Skip to main content
Hi all,

 

We are a small systems integrator, and are looking for an AV product to recomment to our clients. In the past we have used Trend, and Symantec, and Avast.

 

I'm looking for any real IT folks opinions and experiences on Webroot.

 

We like the cloud management aspect of it.

 

Thanks, Simon.
FYI I've seen your question but too busy to post detailed response yet. Short answer: Yes.
Simon, after several months of searching for a replacement AV product to roll out to our clients we decided on Webroot - over all the other major products. The reasons were numerous but here are the primary ones:

 

- web console - isn't perfect but allows us to remotely manage the clients, do the main admin tasks we need to, and is flexible

- development team actually listens to users and works to implement additional functionality requests both in the software and admin console

- the products approach to how it handles threat determination, the behavior analysis component, and the way it responds to possible and known threats actually makes sense versus how others are doing this. The behavior component and the way it allows a program to run, but if it deems it risky prevents outbound access, is the best way to handle threats - after all what good is infecting machines unless you get something from it - preventing outbound access solves the issue of behavior like reporting home to download even more malware to turn my machine into a bot. I don't care if I'm infected as long as I: 1) don't start talking to outside computers and sending information, 2) don't start talking to outside computers and downloading even more damaging code, 3) don't start infecting other machines on the network and 4) can roll back to the previous state easily. Webroot does all this in a way others don't even come close to matching.

- the cloud based model simplifies use, minimizes install footprint, and minimizes impact on end user as well as admin during deployment - this is a true cloud deployment - not a hybrid solution implemented because everyone is going cloud so we have to and how do we do that fast so we can keep selling our outdated product

- the cloud based aspect means if a major zero day threat hits, all our users are immediately protected - we don't need to run around updating clients, they are always up to date - other vendors "cloud" solutions still needs to push out new definitions to provide protection

- the pricing is very competetive

- from my personal experience - and I have a lot of it (23+ years), and my professional training (GSEC, GCWN, GCIH, CISSP - not current as my executive role no longer requires them) Webroot is leaps and bounds ahead of the competition in protection delivery methodology, functionality, and capability - even with other vendors "cloud" products definition updates are still downloaded to every machine - so they really aren't cloud - they are just the AV product with a cloud management console. And if they don't have the latest definitions downloaded they aren't up to date. And they still install 100's of megabytes of program code on end user machines - even if the installer is only a few MB's - just watch what goes on in the background during an install - or try to install without being internet connected. Webroot has everything they have - AV, identity protection etc without the bloat, but with the performance.

 

Anyway, my 2 cents worth, and just to be clear - you do need to adjust your thinking a bit when it comes to how Webroot protects you, but once you do, and think about it a bit it makes perfect sense. One of those "why isn't everyone doing it this way - it is so simple and make so much sense - why has it taken so long to get here" type of moments.

 

Wayne
In my opinion all the products that still work with the traditional signature based approach are about to fail. To have an AV client that is "reactive" by design wont cut it anymore. Detection rates for all those products you mentioned are well below the official statistics.



Real world tests will show that Webroot actually works well and catches more.



Besides that work with your customers towards a multi layer approach and add additional controls such as browser plugin security, user rights, UTM firewalls, etc.

Reply