Why Does Webroot Not Notify W8/8.1 Users that WSA Firewall Controls are UnavailableDisabled?

  • 30 March 2015
  • 7 replies

  • Anonymous
  • 0 replies
Why does Webroot not notify W8/8.1 users - either prior to or during WSA installation - that the firewall controls are unavailabledisabled ?
Afterall, am I not being charged for those features ?
Now, I know that Windows firewall controls are not disabled - but the WSA firewall AllowBlock radio buttons, plus the alert rulespolicies are missing.
I'm not interested in the technical details - only in an explanation why purchasers are not notified about this fact prior to purchase.

7 replies

Userlevel 7
Badge +52
First off, it's important to understand that the WSA firewall works differently than a traditional firewall in that it works together with the Windows firewall, functioning as the outbound component while the Windows firewall takes care of the inbound traffic. More specifically, it blocks malicious data traffic coming onto your computer. Basically, when both are turned on, they work in tandem to monitor data traffic coming in and out of your computer ports, looking for untrusted process that try to connect to the internet. The result is an intelligent and hassle-free firewall that unintrusively performs in the background, letting our powerful antivirus work it's magic and only steps in if it misses something. 

Windows 8 presents certain technological limitations to our current firewall implementation and we are evaluating our options in light of those limitations. The operating system itself is locked down in certain respects that limit what third-party firewalls are capable of, which is why you don't see some of the features in Windows 8 that you would otherwise see in older versions of Windows.
The Webroot SecureAnywhere firewall and software is compatible with any other antivirus or firewall application, so you should have no problem running our software alongside your other antivirus/firewall. While it is possible for another antivirus or firewall application to interfere with WSA, no part of Webroot should interfere with other firewalls as WSA is built to recognize and co-exist with other legitimate antivirus/firewall applications. Running the Windows firewall alongside our program is recommended and sufficient because the Windows firewall is effective against hostile inbound connections, whereas SecureAnywhere provides effective outbound protection.
Userlevel 7
Badge +56
Hello and Welcome to the Webroot Community!
Please read this: https://community.webroot.com/t5/Ideas-Exchange/Outbound-connections-fw-control-in-Win-8-Win-8-1/idi-p/60003 and it's the same on Win 10 Preview.
Daniel 😉
Both Petrovic's and DoubleHelix's replies are appreciated, but they are technical explanations as to why the WSA firewall features are absent.

As I mentioned in my OP, I am already aware of the technical challenges faced by Webroot in implementing the WSA firewall features on W8/8.1. I am not interested in the technical details as they are irrelevant to the issue and my questions regarding it.

I have no problem with the W8/8.1 OS constraints that make the WSA firewall features impossible to implement.

On the other hand, it is a long-standing issue (as far back as 2012), that Webroot does not inform W8/8.1 consumers prior to purchase of WSA's firewall featurecontrol limitations within the software itself.

So the questions remain...

Why does Webroot not inform customers - either prior to or during installation - that the WSA firewall features will not be available?

Once again, am I not charged for that feature?

This is not meant to be argumentative or belligerent. However, I think Webroot has an obligation to inform W8/8.1 consumers prior to purchase of the limitations.


Sorry, above should read TripleHelix - not DoubleHelix.
Userlevel 7
Badge +56
Well I don't think Development has anything to add but we will see? @ @ @ @
@ wrote:
Well I don't think Development has anything to add but we will see? @ @ @ @
Thank You...TripleHelix
I am actively testing Webroot against various malwares.  When the malwares establish outbound connections to their servers, I have not seen a single WSA firewall alert.  Some of those servers have been widely recognized as C&C servers by the anti-malware community.
To be perfectly honest, that WSA did not block any of the outbound connects really surprises me.
I expected at least some of those connects would have been blocked by the Web Shield.  So I can only assume that none of the malicious remote IP addresses are in the Webroot database(s).
Thank You, TripleHelix.

Best Regards,