Hi, could someone please explain to me the difference(s) (if any) between WSA and WSS? There only seems to be a comparison of the various home user versions on the site, and try as I might, I can't find anything like this elsewhere on the forum.
Thanks a lot
Page 1 / 1
The Webroot website can be quite unclear in the differences between their products. Here are some YouTube videos created by Webroot to help educated you in the uses for each product. In a short summary, WSA Business is for protecting PC's within a business and WSA Web Security Service is for protecting your business's network.
Live Demo - Webroot SecureAnywhere Business
http://www.youtube.com/watch?v=iWSGuUzMDy8
Live Demo - Webroot SecureAnywhere Web Security Service
http://www.youtube.com/watch?v=hz7g9tdiEh4
Live Demo - Webroot SecureAnywhere Business
http://www.youtube.com/watch?v=iWSGuUzMDy8
Live Demo - Webroot SecureAnywhere Web Security Service
http://www.youtube.com/watch?v=hz7g9tdiEh4
I see i like this:
WSA is a software that protects your endpoint. It works in the cloud so it's SaaS.
WSS is a gateway - sort of a proxy server that filters all of your internet traffic. Something like UTM with the exception that it's not physically located inside your LAN. So basically all of your internet traffic is routed through an external server which makes it close to being IaaS.
WSA is a software that protects your endpoint. It works in the cloud so it's SaaS.
WSS is a gateway - sort of a proxy server that filters all of your internet traffic. Something like UTM with the exception that it's not physically located inside your LAN. So basically all of your internet traffic is routed through an external server which makes it close to being IaaS.
Hello,
Our Webroot SecureAnywhere Endpoint Protection can best be described as a whole new way to prevent threats on your local system before they cause damage or undesirable results. It is not just an antivirus program, it protects against web threats, rootkits, MBR infections, rogue AV's, etc.
The Webroot SecureAnywhere Web Security Service is a web filtering solution that is very lightweight and powerful as there is no hardware that has to be purchased, installed and configured. We house all proxy servers in various datacenters around the globe so operating costs are minimal for the customer. Web traffic is filtered based on policy and can be blocked by content, category, URL, file type, or even quotas. This allows you to control what your users have access to on the web.
Even though the two are very different, the two combined can be said to be unstoppable when it comes to protecting your environment from the elements your users encounter on a daily basis.
Thank you and please let us know if you have any further questions,
Shawn T
Webroot Enterprise Support
Our Webroot SecureAnywhere Endpoint Protection can best be described as a whole new way to prevent threats on your local system before they cause damage or undesirable results. It is not just an antivirus program, it protects against web threats, rootkits, MBR infections, rogue AV's, etc.
The Webroot SecureAnywhere Web Security Service is a web filtering solution that is very lightweight and powerful as there is no hardware that has to be purchased, installed and configured. We house all proxy servers in various datacenters around the globe so operating costs are minimal for the customer. Web traffic is filtered based on policy and can be blocked by content, category, URL, file type, or even quotas. This allows you to control what your users have access to on the web.
Even though the two are very different, the two combined can be said to be unstoppable when it comes to protecting your environment from the elements your users encounter on a daily basis.
Thank you and please let us know if you have any further questions,
Shawn T
Webroot Enterprise Support
+1 to Shawn.
Although WSA is great at local protection if threats get dropped on the client, it doesn't have deep website inspection like other suites. Instead, it uses "cloud" based reputation for the first line of web defense. This makes the client much lighter (less prone to issues) and removes a lot of CPU usage but it is still one less layer compared to other suites. (Note that if the client is behind the corporate firewall this protection would be provided by a threat management gateway, though it's always nice to have protection client-side as well, especially for computers that are remote.) Even without this layer the client provides protection on par and above other solutions based on what I have experienced.
This is where WSAWSS comes in. It provides the deep website inspection "in the cloud" which is really where you want it- where threat trends, reputation, and deep inspection can be immediately analyzed and shared across all users of the service. The bad traffic hopefully never even hits your side of the wire which always makes the network guys happy.
So really you want both services on your clients for absolute protection. I can't disclose exact sums, but with Webroot business licenses there can be a substantial discount when you buy both, so much of a discount where it literally doesn't make sense not to get WSAWSS.
From everything I have seen and my own speculation, it is my belief that Webroot's final goal to merge both services into a sort of super-cloud of executable threat information and web-based threat information under one client. This would eventually provide incredible powers of insight and threat event correlation. This would be years down the line, right now they are just trying to get both management consoles under the same roof. It's my understanding they already have services that can pull from these two sources but an integrated back-end platform is not a reality. Correct me if I'm wrong. Or don't, you'd just be tipping your hand to the competition 😛. I might be a spy.
After that's complete (and they improve the reporting) my understanding is that the only weak points would be:
1.) The lack of true client-side deep packet inspection for the local network. However, Window's increasingly powerful mitigations and local firewall make these threats easier for administrators to configure against. Where that leaves servers, which are required to keep ports open, I'm not sure.
2.) The inability to perform HIPS functions of more hardcore monitoring of sensitive system interfaces and blocking of unapproved programs. I'm not sure Webroot sees itself as ever entering this space. Their current design goals are extremely light client with minimal management and the heavy-lifting in the cloud backend, which a HIPS product would not fit into. Those things are seriously a CPU sink compares to Webroot's tech. Who knows though.
(Note: I have no financial arrangements or personal relationships with Webroot, other than them sending me a Webroot cup and me paying them lots of money every year. Perhaps they should send me more cups...)
Although WSA is great at local protection if threats get dropped on the client, it doesn't have deep website inspection like other suites. Instead, it uses "cloud" based reputation for the first line of web defense. This makes the client much lighter (less prone to issues) and removes a lot of CPU usage but it is still one less layer compared to other suites. (Note that if the client is behind the corporate firewall this protection would be provided by a threat management gateway, though it's always nice to have protection client-side as well, especially for computers that are remote.) Even without this layer the client provides protection on par and above other solutions based on what I have experienced.
This is where WSAWSS comes in. It provides the deep website inspection "in the cloud" which is really where you want it- where threat trends, reputation, and deep inspection can be immediately analyzed and shared across all users of the service. The bad traffic hopefully never even hits your side of the wire which always makes the network guys happy.
So really you want both services on your clients for absolute protection. I can't disclose exact sums, but with Webroot business licenses there can be a substantial discount when you buy both, so much of a discount where it literally doesn't make sense not to get WSAWSS.
From everything I have seen and my own speculation, it is my belief that Webroot's final goal to merge both services into a sort of super-cloud of executable threat information and web-based threat information under one client. This would eventually provide incredible powers of insight and threat event correlation. This would be years down the line, right now they are just trying to get both management consoles under the same roof. It's my understanding they already have services that can pull from these two sources but an integrated back-end platform is not a reality. Correct me if I'm wrong. Or don't, you'd just be tipping your hand to the competition 😛. I might be a spy.
After that's complete (and they improve the reporting) my understanding is that the only weak points would be:
1.) The lack of true client-side deep packet inspection for the local network. However, Window's increasingly powerful mitigations and local firewall make these threats easier for administrators to configure against. Where that leaves servers, which are required to keep ports open, I'm not sure.
2.) The inability to perform HIPS functions of more hardcore monitoring of sensitive system interfaces and blocking of unapproved programs. I'm not sure Webroot sees itself as ever entering this space. Their current design goals are extremely light client with minimal management and the heavy-lifting in the cloud backend, which a HIPS product would not fit into. Those things are seriously a CPU sink compares to Webroot's tech. Who knows though.
(Note: I have no financial arrangements or personal relationships with Webroot, other than them sending me a Webroot cup and me paying them lots of money every year. Perhaps they should send me more cups...)
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.