Here are my questions:
- How does WSA determine what programs to automatically add and their status (protected/allow/deny)? Right now it seems it has added my browsers. What if I don't want that to happen?
- How can I set a default status for programs on a policy level?
- How can I specify PAs on a policy level? It doesn't appear possible??
- How is the admin (me) alerted when a workstation makes a block happen, or when a workstation has a new PA added with a "blocked" status?
It looks like if we use this product then I'll need to disable Identity Shield altogether. It's a cool feature but without any administrative controls to automatically prevent a workstation from auto-blocking an application I cannot use it.
As constructive criticism as a developer and sysadmin myself, I think the control of this feature is terribly designed. Who thought it was a good idea to build in an auto-blocking feature that could very likely disrupt workflow for any number of clients without having any sort of feedback to the sysadmin (through the web client) AND additionally not provide a way to set any default settings? I guess "off" is the default setting I need.
I like Webroot for its alternative approach to malware but have been amazed by it's lack of options and control offered to the administrator. Some of these lacking configuration features are essentially crippling the feature altogether as they will need need to be disabled to ensure that workflow is not interrupted.
Something the developers need to understand is that a sysadmin does not ever want to single out a specific machine in his network. EVER. Everything should be able to be controlled on a policy/domain basis, to multiple clients at once. Yet, I've found a considerable number of features in the WSA client that are not configurable via the administrative console. If an option is NOT configurable on a policy level, it's the same thing as making the sysadmin apply it individually. This is because, after the intial options setting (where all clients can be selected), every new client would need to have the settings applied as it is added.
I'm not sure if Webroot is actively developing and improving these things or not? Make all developers become sysadmins and they will start designing more useful products.
Also, I can assume the same for the outbound firewall, which I would also need to disable. I don't think I can globally whitelist any programs on a policy level, which is super annoying.
I don't mean to rant but want to offer some opinions to hopefully improve a product that I see as having great potential (for my company and others) but is not there yet. Thanks!