<rant mode on>
DONT DO IT.
Egads, we drank the Koolaid against our own good judment, and as natively lazy SySaDmInS, depolyed to a few small clients and our own office alongside Vipre Business Anti-virus. We used the silent audit, then when the agents checked in, changed to recommended defaults. Ran a couple of manual deep scans in succession that ran in less than 5 minutes. What? This can't be right, but everything appeared to be running normally. Until..... 10:00 AM the following morning, all hell-o breaks loose.
(Side note - Why on earth would a "Recommended Default Workstation" policy be set to run, out of the box at 10:00 AM? The workerbees are just getting into full production honey-making mode at 10:00 AM.) What were they thinking???
Webroot (kit?) and Vipre were having a conniption fit fignting over who is going to scan about 60 threads. Even the page file was getting scanned by Webroot. The two programs pegged the Disk Activity to sustained %100 utilization. So much for "Light Weight" The computers turned int Zombies at three clients sites, all calling on the phone saying "Hey, can you look into this, all our computers are running slow "Something must be running in the background.......we can't work, we're down!!!" We would have loved to have helped, but all of our technicians and dispatchers computers were in a trance, and there we were, up sewer creek without a paddle or bucket and the dirty water was coming in fast.
FIRE DRILL MODE X4
Both Vipre and Webroot have anti-tamper restrictions that would not allow us to kill the tasks, no-way, no-how Dorothy.
We were finally able to kill some production apps in the task manager, to drop the disk utilization, pegged now at 98%, With 2% overhead, we had just enough hard drive resources to move around and boot into slave mode and disable the services, reboot again and start calling our clients to round-robin all the computers and disable both AV's so they could get back to work.
This cost us SIX MAN HOURS of productivity in our own office and clients lost over FIFTY HOURS, sending our SLA down the toilet zone by over 23.64%. OUCH!
The bottom line is that it is our own fault, with 25+ years of IT experience, we knew better. But then again we were hypnotized by the marketing malarkey everywhere on this website that Webroot runs well with other AV programs and promoting the option to "no need to uninstall existing AV when deploying Webroot.
Please change your marketing razz-a-ma-taz to say that Webroot runs alongside "many, some, a few, most other anti-virus programs except Vipre Enterprise Business and lets get back to the "best practice" of migrating AV by uninstalling the old one first, then install the new one. IT Guy 101.
By the way...... 10:00 AM for a Deep Scan Default in production environments? NO. Just NO. NO NO. Probably a good idea for all the BestBuy home computer ducks that have AV gavaged down their gullets by the fast talking sales guys who insist on "Optimizing your brand new comptuer for $69 with a free copy of your software. They are away from the HOME and at WORK at 10:00 AM. The reverse is true for the S.S. Enterprise version. Set the scan default to 2:00 AM, Mr. Zulu.
Now about that Deep System Scan on a 100 GB data drive in less than 5 minutes.......I'm not feeling much love for this software right now..... We'll see....The interface is slicker than snot on a doornob, we will +1 on that, but it will take some time to tell before we can have full confidence in the product as an Enterprise security solution. We've been jaded and snake-bit on this one.
Don't drink the Koolaid!
-Rickkee Rantton
<rant mode off>
Page 1 / 1
Normally we work ok with most other AV programs, but sometimes they change things up and then we have to do some tweaking. Probably the best thing to do for this situation is have support work with you, as it sounds like some in-depth digging is required. Would you like me to have them contact you?
Hello and thank you for the quick reply and offer to generate a support request.
As I stated, its our own fault 🙂 The problem was with Vipre real time protection enabled. When Webroot was doing the initial scan (Silent Audit), multiple threads were opened in both Vipre and Webroot. Vipre was scanning every file accessed by Webroot, and scanning Webroot executables. Maybe it was trying to stop the "Webroot Treat" and couldn't because of the stealth - anti-tamper settings.
We found that the "Silent Audit" default settings are not optimal for our universes. We are setting a default silent audit with modified settings to be more consertative.
BASIC CONFIGURATION
1.) Operate background functions using fewer CPU resources. Default: OFF Our Preferene: ON
2.) Favor low disk usage over verbose logging. Default: OFF Our Preference: ON
3.) Poll Interval. Default: 30 Minutes Our Preference: 15 Minutes
SCAN SCHEDULE
4.) Scan Schedule Time: Default: 10:00 AM (really? why in the world?) Our Preference: 2:00 AM (after the bars are closed)
SCAN SETTINGS
5.) Do not perform scheduled scan when a full screen.... Default: ON Our Preference: OFF
6.) Favor low CPU over fast. Default: OFF Our Preference: ON
SELF PROTECTION
7.) Self Protection: Default: ON / Maximum Our Preference : OFF
REAL TIME
8.) Scan files when written or modified: Default:ON Our Preference: OFF
WEB THREAT SHIELD
9.) Enabled - Default: OFF Our Preference: ON: (Who wants to catch CryptLocker?)
Anyhow, the problem is resolved, and Webroot so far seems to be a great product.
Thanks and happy WebRootin'
As I stated, its our own fault 🙂 The problem was with Vipre real time protection enabled. When Webroot was doing the initial scan (Silent Audit), multiple threads were opened in both Vipre and Webroot. Vipre was scanning every file accessed by Webroot, and scanning Webroot executables. Maybe it was trying to stop the "Webroot Treat" and couldn't because of the stealth - anti-tamper settings.
We found that the "Silent Audit" default settings are not optimal for our universes. We are setting a default silent audit with modified settings to be more consertative.
BASIC CONFIGURATION
1.) Operate background functions using fewer CPU resources. Default: OFF Our Preferene: ON
2.) Favor low disk usage over verbose logging. Default: OFF Our Preference: ON
3.) Poll Interval. Default: 30 Minutes Our Preference: 15 Minutes
SCAN SCHEDULE
4.) Scan Schedule Time: Default: 10:00 AM (really? why in the world?) Our Preference: 2:00 AM (after the bars are closed)
SCAN SETTINGS
5.) Do not perform scheduled scan when a full screen.... Default: ON Our Preference: OFF
6.) Favor low CPU over fast. Default: OFF Our Preference: ON
SELF PROTECTION
7.) Self Protection: Default: ON / Maximum Our Preference : OFF
REAL TIME
8.) Scan files when written or modified: Default:ON Our Preference: OFF
WEB THREAT SHIELD
9.) Enabled - Default: OFF Our Preference: ON: (Who wants to catch CryptLocker?)
Anyhow, the problem is resolved, and Webroot so far seems to be a great product.
Thanks and happy WebRootin'
Glad you were able to get it sorted out and thanks for letting us know the outcome!
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.