Webroot Business Endpoint Protection

Webroot SecureAnywhere Business Endpoint Protection protects systems online and offline without the use of signature files, instead relying on cloud hosted threat definitions, heuristics and other techniques in the agent to protect the agent against attacks and zero day threats. Using a multi-layer protection scheme is important in guarding against the increasing volume and sophistication of attacks being deployed on the internet. Through the use of daily scans, custom shields for real-time protection, behavior modeling, firewall and privacy protection options, Webroot provides a comprehensive endpoint protection solution.
For scenarios where a threat does breach a system, Webroot can clean and reset the system to its pre-infected state, minimizing user impact and downtime. System administrators gain more control over when and how they work through the use of Webroot’s cloud hosted management dashboard, enabling network endpoint management and monitoring anytime, anywhere, ensuring 24×7 coverage for increased security. With standard reporting and notification capabilities, administrators are able to stay on top of the latest information, and take appropriate action to address issues as they arise, as well as keeping end users and other stakeholders informed throughout the process.

• Key Features
• Lightweight with high performance
• Reactive, zero-day threat protection
• Behavioral monitoring
• Cloud-based management
• Comprehensive reporting and notification tools

Lightweight Client

Due to the architecture and implementation of Webroot’s SecureAnywhere Business Endpoint Protection, it maintains minimal system resource utilization, and a small installation footprint, enabling for faster install, initial scan, runtime, monitoring, and cleaning than many other common anti-malware solutions in the market. Compared against many of the common industry anti-malware solutions in the market today, the Webroot agent installed on endpoints utilizes only 2MB of hard drive space, which is 118 times smaller hard drive footprint on average, only 5.5 MB memory at idle and 20x less memory for initial scans than the competition, 10% average CPU utilization during scans, and over 80 times faster scan times on average over other industry solutions.

The installation is light and efficient, enabled with one click installation, it’s remotely deployable to any system in the network, and the agent itself can be locked down by policy so that end users cannot see or interact with the agent. It can also be set to unmanaged to allow specific end users access to their agent. When managing multiple endpoints, the increase in speed, performance, and reduction in size can make a significant impact on the time spent deploying, managing, discovering and resolving issues across the network, freeing up time for administrators and end-users to do more important work.

Reactive Threat Protection
Where traditional antivirus software relies on the distribution of updated signature files to each endpoint independently to protect systems, Webroot SecureAnywhere Business Endpoint Protection relies instead on threat definitions hosted in the cloud. Because Webroot definitions for malware scanning are stored and used from the cloud, every PC or device connected to the Webroot cloud is instantly protected from new threats as soon as the definition is updated due to detection by any individual Webroot endpoint, or updated by Webroot’s own security research group. This early detection system is also informed by several of Webroot’s industry network security partners who deploy Endpoint Protection with their proprietary technologies to companies throughout the world, ensuring an enterprise grade solution that lends hundreds of gigabytes of new threat information daily.

The community of Webroot users is in fact working to protect each other, providing greater coverage and awareness with a higher rate of protection and responsiveness due to real-time updates provided every day.

Zero-Day Threat Protection
With thousands of new malware releases every day, zero-day threat protection is a critical aspect to any security solution. Webroot has implemented a predictive detection algorithm that monitors systems both online and offline based on file and program behavior analysis. If a virus or other malware has not been identified, and no threat definition has been created, then the application/software is assumed to be good.
Webroot SecureAnywhere Business Endpoint Protection creates a hash of any unknown file, including header, install location, digital signature, and other variables, and then compares that to Webroot’s database of known threats. If no threat is identified, Webroot runs the software in a controlled environment and captures the software behavior to determine if it appears to be malicious. If the behavior seems suspicious, or similar to other known threats, then the cloud informs the agent to block the program. If the behavior has not been seen before, and no mapping of known bad behavior can be determined, Webroot runs the program in a monitored state and captures all system and file changes made by the application. If the program is determined to be malware at a later date, all changes can be rolled back to their original state and the program is blocked. The ability to monitor offline systems through this behavior analysis keeps all endpoints in sync and fully protected, reducing company risk for system breaches, data loss, and privacy issues.

Centrally Managed, Globally Distributed
The Webroot SecureAnywhere Business Endpoint Protection console provides a one stop shop for monitoring, analyzing, and applying security to all managed endpoints within the network. The console is cloud hosted, ensuring access from approved personnel anytime, anywhere, from any device. The flexibility provided as a result allows for easier coverage 24×7, and faster response times when threats or security breaches do occur. Through the console administrators can select specific individuals or groups that need the Webroot agent installed, apply a specific network key code that ties that system to the company assets being managed, and distribute the client to any system regardless of geo-location.
Global policies and overrides are also managed through the cloud console, ensuring all core management functions are centralized in one location. Since the console is cloud hosted, there is no server management or installation required, making the whole process from installation to implementation and use seamless and easy to manage.

Comprehensive Reporting and Notification Tools
Through the Webroot SecureAnywhere Business Endpoint Protection console, administrators are able to monitor existing endpoints status, consume reports outlining summaries such as all threats discovered, undetermined threats, daily and collated threat history, installed endpoints, and many others. All of this data can be further broken down by company departments, deactivated systems that have been retired or shut down for some time that subsequently need protection re-enabled, managing deployment of new endpoints to various groups, and many other system management related functions. System administrators are able to configure a dashboard that includes the most relevant reports they are interested in seeing on a regular basis. Color coded visual charts and graphs make the information easier to consume at a glance.

Setting policies, monitoring endpoint status, and consuming reporting is augmented by the ability for the administrators to use the console to inform and stay connected with end users and other administrators. Through the use of the alerts function administrators can inform anyone in the company, be it individuals or broad distribution groups, when endpoints are installed. Administrators can provide threat summaries broadly, or installation summaries, or immediately inform when new threats are discovered. Centralizing the communication functionality within the tool ensures more connectivity and awareness of endpoint and overall network health, easing administrators from having to rely on other tools and disparate channels for managing the system.