We just raised a $30M Series A: Read our story

Webroot Business Endpoint Protection Alternatives and Competitors

Get our free report covering Microsoft, SentinelOne, VMware, and other competitors of Webroot Business Endpoint Protection. Updated: November 2021.
552,407 professionals have used our research since 2012.

Read reviews of Webroot Business Endpoint Protection alternatives and competitors

Mark Krishnan
Associate Director - Infrastructure Engineering at AFT
Real User
Top 20
Great protection, excellent customer service, and an easy to understand UI

Pros and Cons

  • "The UI is simple and self-explanatory. Everything is easy to understand."
  • "Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"

What is our primary use case?

We primarily use the solution as advanced threat protection. It is used to protect all endpoints, servers, etc. 

What is most valuable?

They're very good at what they do. As far as the product is, in its current state, I don't have any complaints at all right now. They do a quarterly review with us, just so they can let us know how many viruses or how much malware they've stopped, etc. Those features are quite good. They also go through the portal step-by-step to describe whatever they improved or tightened up. They will explain everything clearly and in a way that a customer can understand.

They do also ask for feedback, which is nice. They'll ask things like "The last time we changed this, how was your experience?" or "Did you get a lot of false positives?" or "Did you get any complaints?" etc. That's pretty good. Not many companies do that.

The UI is simple and self-explanatory. Everything is easy to understand.

So far, in the past three years, they've been absolutely great. They've been more proactive than the solution we had previously was. They even introduced new products in their line and they came back and told us that they could add that product to our current solution. At first, we added them, then we decided we had sufficient resources in house to manage it ourselves and removed it. They were great about the change. 

They've caught quite a lot of viruses and malware that have been sent through improper links, which is very reassuring. 

They report any network isolation that has been done on certain endpoints if they detect a malicious file or malware on the device that couldn't be cleaned by automation. They isolate it or us. The end-user can contact the service desk and say, "Hey, I'm not able to surf the internet. I can't do anything, so can you help me?" or we're able to look at the endpoint and see "oh, your PC is infected, that's why you aren't allowed on." It's protecting us well.

Even though the users are somewhere else, even when they're not at headquarters, we are able to remediate everything before we put them on the network again. Those network isolations are great when we detect high threat malicious items. Those are valuable tools that we appreciate.

What needs improvement?

If an operating system is stopped by support by the original vendor like Microsoft, or maybe Apple, within a few weeks, CrowdStrike will also decide they no longer support it, and they kind of move on. I understand their model. However, if we still have the OS, it's hard to keep it protected. So, for example, if Microsoft decides to stop supporting or patching a solution, Crowdstrike too will stop supporting it and making updates. It's still a useable product, it's just not getting updates or patches and therefore may be vulnerable. 

The result is that we can't guarantee we're going to be able to protect that hardware or operating system. We either have to upgrade to a newer platform, which sometimes is not possible because you have a legacy application. Whatever that constraint is, sometimes we're not able to move things. We still have to rely on other products to support that. That's the only quandary I have with them. 

Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about.

When a file is infected or it detects a ransomware file network, when it does remediate, it should self-heal as Sophos does. That's a good feature to have, but I don't know enough pros and cons about that to kind of recommend that because if it is a false positive, that may be a problem. If it detected a valid file and if for some reason it decides, "Oh, this looks like an infection," and maybe it's not actually infected, and if it goes in and remediates it by replacing it with an older file, that may be a problem. However, I don't know, because I've never used that feature or heard anybody say that's a problem.

For how long have I used the solution?

I've been using the solution for about three years now.

What do I think about the stability of the solution?

I have two engineers that regularly watch everything. We all get alerts. We'll see if something gets isolated, or a user will tell us. We isolate the issues and work on them so nothing gets through the endpoints into the system. Within 30 minutes to an hour, an issue can be cleared.

It's therefore very stable. We're able to catch everything before it can get it. It's reliable for sure.

They're so pro-active there's very little intervention that we have to do on our end.

What do I think about the scalability of the solution?

The solution is easily scalable. A company shouldn't have any issues with that aspect of the solution.

How are customer service and technical support?

Technical support is great. We've never had to contact them at all. Instead, they've always been proactive and reached out to us.

Their quarterly review manager will contact us every three months. They schedule it months ahead and we actually jump on a Zoom or WebEx meeting. They actually go through the improvements, how much detections they go through, all of our features, anything new that has been added, anything they're seeing out in the world in terms of threats, and where we need to tighten up the roles.

They would improve the sensitivity level or they will decrease the sensitivity level for some false positives. For example, they might say "Hey, we detect these, but they're not really a threat because this is just a Word document that's produced in an older format. It's not something that's malicious." Then they would decrease the sensitivity in certain areas, to eliminate the issue going forward. They always ask permission before tweaking anything. They will come to us and say, "this is what we're considering doing it and why we want to do it. Is that okay?" We usually agree to that and then they go ahead and do it.

It's just a phenomenal company. If they ever stopped the way they handle their customer service, then I would probably move on to a different company. So far they've been pretty good. For the last three years, they contacted us always and told us about every aspect of the solution. I don't think I missed a quarterly meeting so far with them due to the fact that it's all been so valuable.

Which solution did I use previously and why did I switch?

Originally, we had Webroot. We used to get, every so often, a slew of viruses that would get through the cracks. I don't know if Webroot's definition didn't get updated in a timely manner or if they were just delayed in something, however, whatever it was, we used to get that intrusion quite a bit. Then we would patch it and we would have to remediate everything. It wasn't ideal. 

We were looking for a product that would be more proactive than a reactive solution, and after doing a bunch of research, we decided on CrowdStrike. 

How was the initial setup?

The solution's initial setup was very simple. The only thing we had an issue with is our network operation. Is a separate organization that manages it. We have a network operation that we used for 24 hour monitoring. They don't support CrowdStrike and they were not experts in it. They stood us we would have to manage it ourselves. In the beginning, we were kind of worried about it. However, after that initial stage, the simplicity of how to install it, configure it was like a breeze.

We manage the entire solution in house. For maintenance, we have me and two engineers, plus a second level of support. There are around five people altogether.

What's my experience with pricing, setup cost, and licensing?

I'm not sure of the exact cost of the solution. That's a detail our finance department handles.

Which other solutions did I evaluate?

We did research on Cylance. We looked at Norton as well. We went through a bunch of products and we decided CrowdStrike was probably the most advanced threat protection at that time, which was three years ago. 

One of the products we were looking at is Sophos. The reason we were looking at Sophos is we were purchasing a backup and disaster recovery tool. In that tool, they had a built-in Sophos pack; they integrated Sophos in to protect the backup and replication and recovery. That way, if a backup had infections, for some reason, and they weren't picked up, and it got into our backup product, then Sophos could kick in and pick it up. It has automated remediation, meaning it reverses back the infection before infection if that makes sense.

Sophos has a self-healing technology built into it, which is an AI technology that they invented. We were looking at that because we thought that may be a better product. We were doing some homework on that and trying to figure out more about it. We're still in the process of purchasing a backup and recovery tool, so we're still doing our homework.

What other advice do I have?

We're just customers. We don't have a business relationship with the company.

I'm not sure which version of the solution we're using. The last time I checked, it was version 5.6. It is up-to-date, however. I get a report every so often saying, we've updated the sensors, or current version, etc. It's an auto-update and it does that. Whenever it's missing something or it couldn't reach an endpoint, the company will send me a report of that, saying these endpoints are not updated because we couldn't detect it on the network any longer.

The only advice I would say to others considering the solution is, if they have an unsupported operating system or legacy application, to look closely at CrowdStrike to see if the solution actually makes sense for them. This is due to the fact that they're not going to be able to support it. If they have thousands of servers and 20% of them are legacy applications, they may not want to think about CrowdStrike because the solution doesn't support legacy products. Other than that, I fully recommend CrowdStrike. The advanced threat protection they have has always been great.

I'd rate the solution a solid nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ronald Rosenbaum
Managing Director at The IT Agency Pty Ltd
Real User
Top 20
A simple, effective, and lightweight antivirus solution

Pros and Cons

  • "This solution is good at catching viruses and it's very effective and lightweight, which are all things that you want in an antivirus product."
  • "Reporting on incidents needs improvement."

What is our primary use case?

We provide managed services for our clients and we are looking at this solution for many, if not all, of our customers. Depending on the results of our evaluation, we may be making it our standard.

What is most valuable?

This solution is good at catching viruses and it's very effective and lightweight, which are all things that you want in an antivirus product.

It's fast in comparison and we like that. It's simple, which is okay.

What needs improvement?

Reporting on incidents needs improvement. It doesn't give very much information compared to Sophos. Sophos will give you a graphic that you can zoom in on the subject and find out everything that the exploit tried to do. It gives you a visual sense of what is going on.

When it does find something I am not 100% sure that they are exploits or if they are false positives. At times, it can be difficult to tell what the problem is.

The deployment was a bit difficult. It was more difficult than Sophos, for example, with having to create an installer. I had to read through a lot of documentation to figure it out. It's clunky and cumbersome.

In Sophos, I can click what I want and it downloads an installer for each tenant. It just takes seconds. Whereas with Deep Instinct, I have to create a whole script and a lot more steps to deploy it.

You have to be more technical to deploy it. You can't just send a file to an end-user and have them install it. You have to have technical expertise.

The dashboards are quite primitive compared to Sophos, which is both good and bad. It's good because it's fast.

Easier Deployment would be better. More integration with RMMs, such as LabTech or Automate. Also, there should be more optics. When it does something, more information on what's happening would help us to make better decisions.

What do I think about the stability of the solution?

We are still in the test phase at the moment, but I know a few companies that use it in mass and they like it a lot. From them, I know that it is stable.

What do I think about the scalability of the solution?

The solution is scalable and there are no issues with that.

Which solution did I use previously and why did I switch?

Previously we were using Webroot, but we are in the process of getting rid of it. We are thinking of moving all of our clients to Deep Instinct, and Sophos. We may have some clients on one and some on the other.

We have been using Sophos for five years now.

Sophos uses a huge amount of resources. There are a lot of components, and because it has so many, sometimes there are problems with installations. When there is a problem it takes forever to fix it. Also, it drains battery life on my laptop or tablet. With Deep Instinct, it lasts for hours.

Which other solutions did I evaluate?

 We are in the process of evaluating Deep Instinct.

What other advice do I have?

I would suggest that people seriously consider using Deep Instinct. It's no-frills but effective and lightweight.

At this point, I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering Microsoft, SentinelOne, VMware, and other competitors of Webroot Business Endpoint Protection. Updated: November 2021.
552,407 professionals have used our research since 2012.