Webroot SecureAnywhere Business Replacement?

Dashrender

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

I will definitely need centralized management.

What's the piece of that that you need? AV isn't something requiring much management typically. You want it updated and running, maybe centrally reporting. What do you want to manage?

White listing something would be the main thing I could think of for management.

scottalanmiller

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

I will definitely need centralized management.

What's the piece of that that you need? AV isn't something requiring much management typically. You want it updated and running, maybe centrally reporting. What do you want to manage?

Deployment, configuration and reporting.

Is that really needed? We use Defender most places. Nothing to deploy, that's automatic. Nothing to configure, also automatic (normally.) And reporting, can be done lots of ways but is rarely needed. that's the one piece that could be improved a lot, but what kind of reporting do you really want?

Dashrender

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

I will definitely need centralized management.

What's the piece of that that you need? AV isn't something requiring much management typically. You want it updated and running, maybe centrally reporting. What do you want to manage?

Deployment, configuration and reporting.

Deployment is built into Windows 10, so nothing to worry about there. Config - what other than whitelisting something is there to configure?
Reporting is the bugaboo. As listed Intune and SCCM with MOM can it, Powershell and WMI can do it, GPO alone can't.

Dashrender

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

, but what kind of reporting do you really want?

To know what the current status of the endpoint is - i.e. version of software, engine and dat files.
Also want to know about any infection/attempted infections.

This last bit I'd like in realtime so we can see if there is something weird going on.

Kelly

@dashrender said in Webroot SecureAnywhere Business Replacement?:

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

, but what kind of reporting do you really want?

To know what the current status of the endpoint is - i.e. version of software, engine and dat files.
Also want to know about any infection/attempted infections.

This last bit I'd like in realtime so we can see if there is something weird going on.

https://docs.microsoft.com/en-us/powershell/module/defender/index?view=win10-ps

Realtime is the hard part.

wrx7m

I still have mostly Windows 7, but am migrating to Windows 10. Also, currently on Server 2012 R2 for all but one Server 2008 r2.

I want reporting for immediate alerts for any infections. Almost no one will notify me of issues until it really impedes their work.

Dashrender

@kelly said in Webroot SecureAnywhere Business Replacement?:

@dashrender said in Webroot SecureAnywhere Business Replacement?:

@scottalanmiller said in Webroot SecureAnywhere Business Replacement?:

, but what kind of reporting do you really want?

To know what the current status of the endpoint is - i.e. version of software, engine and dat files.
Also want to know about any infection/attempted infections.

This last bit I'd like in realtime so we can see if there is something weird going on.

https://docs.microsoft.com/en-us/powershell/module/defender/index?view=win10-ps

Realtime is the hard part.

Agreed - but the WMI thing I would guess could get you pretty damned close. I'd say 5 mins is good enough in most cases.

Dashrender

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

I still have mostly Windows 7, but am migrating to Windows 10. Also, currently on Server 2012 R2 for all but one Server 2008 r2.

I want reporting for immediate alerts for any infections. Almost no one will notify me of issues until it really impedes their work.

Defender can be baked into your deployment image, so that's not much different that Win 10. And I'm pretty sure you can put defender on Windows Server 2008 or newer.

travisdh1

At my new place, we use ESET. That's purely for the central management console when we're supporting 250+ small businesses.

dbeato

@wrx7m said in Webroot SecureAnywhere Business Replacement?:

@momurda said in Webroot SecureAnywhere Business Replacement?:

This task Manager behavior is from Webroot?
I see it occasionally; one developer in particular says it is always a problem.

https://community.webroot.com/t5/Webroot-SecureAnywhere-Complete/Task-Manager/td-p/309032

According to the most recent post in that thread (edit - the most recent post is currently 2 weeks old), a beta release fixes this issue. Being that the thread started in December of 2017, it goes to show how long it takes them to fix things.

yes, that is also what we found out, especially in Windows 10.