Please share with the community what you think needs improvement with Webroot Business Endpoint Protection.
What are its weaknesses? What would you like to see changed in a future version?
Its detection capability for certain attacks should be improved. It should have better and wider detection for certain malware attacks. It could also have some sort of RMN.
We've had some issues with the solution. We were attacked by CryptoLock. It's not the best in security. As we were breached, we'll be looking for a new solution next year. We need to have a stronger defense against CryptoLock and other attackers.
We find that their quality has fallen off over the years. Unfortunately, it just doesn't provide a level of protection that's needed at this point. They need better prevention and detection. Too many threats are getting through their protection, and causing an infection of the machines, actually. Webroot is very reactionary. It waits until the threat is active within memory to try and detect it. They need better pre-execution detection and prevention.
Tech support needs to be improved. If we have an issue, and we don't have an issue very often, trying to get support's attention is a really difficult endeavor. Their DNS support is underwhelming. There are side portions of their environment that we don't use because it creates more problems than it's worth. The feature that we would most like to see incorporated is DNS support. At the moment their DNS solution is problematic.
I think the one bad point about this product is that we did not find a way for Webroot to generate reports or schedule automatic reports to be sent to clients. These would be reports on the status of their device, the status of their security, and information about backups. The option for providing this information is not there and we cannot run the scan from our end. It must be run from the client's end. My only other hope would be that they would still continue providing this product. But they have scheduled it for end-of-life on March 1st or April 1st. I do not know why they are removing it from the market. But it is obviously their decision to make.
There's no static analysis inside their solution. The solution should add the capability to use cloud access so that we can provide clients with an endpoint code. There needs to be more advanced analytics. It would make it a more powerful antivirus solution within the marketplace.
This product has room for improvement to display a more detailed representation of the problem when a virus is or isn't stopped. We need to know more details about how the virus interacted with the computer. That is where some of the other products are starting to look better. It needs to work without disconnecting everyone. This is very important. In SentinelOne, you can disable all ports. You can look up the machine, play with the machine, etc. Webroot can do all sorts of things on the network. It's very good. There are some cool possibilities for more control within the environment. We have a broad list of plugins to use with a high degree of confidence. Backups are another aspect that can be improved. Having a backup solution that's associated with this in the case everything fails and the machine was destroyed would help us get the files back in emergencies.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
What is the best for ransomware infection?