ENFORCING POLICIES
ONE SIMPLE TOOL FOR MANAGING ON-SITE AND REMOTE USERS
Administrators are able to easily manage and enforce policies amongst individuals or groups through controls in the Management Console. Since Webroot SecureAnywhere is not reliant upon dedicated servers or corporate networks, threat determinations and new policies are available to endpoints immediately, regardless of location. Users are easily protected from threats and out-of-date software and policies are a thing of the past. This provides 24/7, real-time protection for users anywhere in the world.
- RELATED FEATURES:
- Endpoint Policy Management | Agent Visibility and Control
Web-based Management Console
ENDPOINT POLICY MANAGEMENT
Video: Policies
The Endpoint Policy Management within Webroot SecureAnywhere gives administrators extensive control over environments without over-complicating the task of creating and managing policy. The simple on/off approach makes it extremely easy to define the policy behavior of Webroot SecureAnywhere on endpoints.
Endpoint policy modifications may initially be saved as draft changes before promoting them to a ‘live’ status and policies may also be exported as .csv files. This is especially useful for organizations with change control and auditing requirements, because any necessary reviews or revisions may be made before deployment. It also gives administrators the ability to share policy changes for approval, re-name them, or assign different sets of users to the revised policies.
Any administrator with the appropriate permissions can create policies and assign them to individual endpoints or groups of users. For example, you can create a policy that does not show any signs of Webroot SecureAnywhere being installed, so it doesn’t appear as a system tray icon and is not listed within the program list in the start menu.
A number of default policies are supplied as standard and these are easily modified, re-named and assigned to a user or groups of users. By default, all new users are assigned to the Default Group but can easily be moved to any other Policy.
AGENT VISIBILITY AND CONTROL
The console is very easy to navigate and is very quick to browse giving visibility of all systems quickly with a lot of customized features.
Video: Overrides
Overrides empower Administrators by giving them the control to override automated file determinations made by the Webroot Intelligence Network. Overrides can be applied to the entire organization or to an individual policy that only affects a subset of users.
For example, if an administrator decided that their users should not be allowed to use a specific program, such as torrent software, the administrator can use an override to flag the file as ‘Bad’ during scans and quarantine it. This allows administrators to stop endpoints from running undesirable applications.
Alternatively, if corporate policies change or a blocked application needs to be restored, administrators also have the ability to reverse any overrides and restore the files from quarantine.
Overrides may be applied from several locations within Webroot SecureAnywhere:
- From the Overrides tab in the Management Console
- From the Group Management tab in the Management Console
- From the Reports tab in the Management Console
- From any area of the Management console that offers the ‘Create override’ option flag
As stated above, overrides may be applied globally or applied to individual policies. For example, an MD5 file might be treated as ‘Bad’ at the global level and ‘Good’ at the individual policy level. A real world example of this would be a keylogger program that is used legitimately by the IT department to have audits for financial compliance in a trading room, but would be considered malicious if active on any other department’s endpoints.
Overrides are also a powerful way of blocking attacks as an administrator is immediately in a position to stop applications that have compromised or are causing the spread of an infection.
WEB-BASED MANAGEMENT CONSOLE
Video: Web Based Management Console
The Webroot SecureAnywhere web-based management console can be accessed via any web browser by entering a user name and password, plus an individual security code that ensures only legitimate Administrators will gain access. Additional administrators can be added and given varied access permissions to ensure the appropriate levels of control over policies, reporting, alerting and management of endpoints.
The ‘Home’ page of the management console provides links to Endpoint Security, Mobile Security and the Webroot Community.
By providing an instant overview of protected endpoints and their current statuses, plus the ability to drill into the details directly from the Status Page, administration is greatly simplified. The Webroot SecureAnywhere management console allows you to access all the features needed for viewing, remotely interacting with and managing endpoints under clear headings that include:
- Policies: Policies define the behavior of Webroot SecureAnywhere on the endpoints wherever they are deployed. Webroot SecureAnywhere’s policy settings offer easy and granular customization.
- Group Management: Groups help to organize endpoints for easy management. You can view groups and each endpoint within these groups, and select individual endpoints to see scan histories or initiate remote agent commands.
- Reports: Reports show threats and unidentified software present on your network, and the versions of Webroot SecureAnywhere software running on your endpoints.
- Overrides: Overrides give you administrative control over the files that are allowed in your environments. You can override files as Good or Bad and apply these overrides globally, or by policy when needed.
- Logs: Logs provide a view of changes, and a history of command usage.
- Software Download & Deployment: Provides an easy, in-console Agent deployment tool and links to information on the various deployment options available.
Management Console – Status Page
By clicking on the Endpoint Security tab, the Administrator is taken to the Status page, which provides a complete overview of all deployed endpoints. The status page also gives the ability to drill into details directly, greatly simplifying user administration.
The Status Page shows:
- An alert notification if any managed endpoints need attention. By clicking the notification, administrators can access a list of endpoints that have recently encountered threats.
- A bar chart showing the number of endpoints that have encountered threats in the last 7 days. Clicking the chart allows the administrator to see a detailed list of those endpoints.
- A pie chart detailing the Webroot SecureAnywhere software version deployed across all managed endpoints, which gives helpful insight to any agents that have not checked in.
- Endpoint activity, which shows the number of endpoints that are managed by Webroot SecureAnywhere, based on a time period selected from a drop-down menu.
- A list of recently infected endpoints which can be drilled into to view the infections on each endpoint and view the associated policies.
- An information panel showing the most recent threat information with links to Education Videos; Release Notes and Webroot News.
Management Console - Status Page