Before I start on a review of this product, I just want to make something clear – I’m not a shill for any product – if I’m writing about it, it’s because we use it and either my customers or I like it (or loathe it).
So, in the interests of full disclosure, Anittel recently purchased 10000 agents of Webroot SecureAnywhere for our clients and internal use. This was after an exhaustive review process and many, many vendors input and sales pitches.
To preface why this was an important decision and one in which a lot of diligence was undertaken is because the two things that cause the most problems for any MSP is Malware and Backup issues. The amount of time burnt on these two issues the world over must be enormous because just internally here at Anittel I have worked out that we spent between 400 and 500 hours in any given month on these two issues, that’s a lost revenue opportunity of $50-60k which is straight off the bottom line.
Traditional issues are malware infections including ones created through zero-day exploits, clients not updating through traditional signature based updates, issues caused by AV installations (particularly ones that include a firewall) and other simple and niggling issues. It’s a running joke that the second something goes wrong with a PC or server, after you’ve rebooted it just uninstall the AV package and it’ll probably fix it.
So, to say it’s a pain is an understatement – when we were looking for something to replace our existing AVG/Kaspersky implementation through Kaseya we wanted to address these issues, not lock ourselves into another nightmare scenario.
I was fortunate enough to come across Webroot as part of our reviews and I was very impressed with a few things in theory with their product, namely:
- It isn’t signature based, no need to ensure machines get signature updates every day
- It has a very small install footprint
- It has a very small scanning footprint
- It retains a cloud based library of processes/applications that are allowed and not and if it doesn’t fall into one of these two categories it journals the changes made by that process/application and allows you to roll back if it becomes a known bad process/application.
- It can be installed alongside other AV implementations without conflict (which was key, given we were going to be migrating from an existing AV installation for clients and wanted no lapse in protection)
I got talking to some guys there about the fact that I liked the product, but didn’t like the fact it was yet ANOTHER portal, something I talk about in an earlier blog. They were keen to work with us and Labtech to integrate it into our RMM tool which was a great outcome for all.
Anyway, we’ve been running it in beta internally and with some selected customers now for about 3 months and it’s been a stellar success, I’ve been very happy with the rollout and we’re now planning a schedule to cut all customers over to this platform in the immediate future.
There’s a few bad things, so on balance, I’m going to share them as well
- It’s not great on a machine that’s already infected, it doesn’t have a clean up tool like McAfee Stinger that is good on pre-infected machines, you really want this out there before a breakout (obviously) then it’s very effective
- The web portal, if you have to use it, is annoying – I don’t like it’s authentication mediums (although I understand why) and I think it’s clunky and not easy to understand. We’ve limited access internally to a few super users of the platform and setup standard packages for customers, this has worked well, I’d caution against rolling this portal out for 30 engineers – you’ll spend more time resetting passwords than having them working.
- The integration to Labtech is in it’s infancy, it’s basically deploy/remove from Labtech using scripts, I’m working with Webroot on further integration such as logging tickets when a virus is found and remediating them/closing the ticket but that’s a while away
Otherwise, I can highly recommend Webroot to MSPs and in fact to corporates as well who are looking for a excellent anti-malware solution.
I’m getting a demo of their web security product as well this week, which looks to be interesting too and based on the same model (lightweight client and cloud based ‘definitions’) – I’ll let you know how it looks next week