The Webroot Evasion Shield protects users from a variety of script-based attacks. Admins can enable it via a global policy setting in the Webroot Management console. For more information on the Evasion Shield, please see the FAQ.
 
Important Notes:
  • The Evasion Shield is managed in the Webroot Management console. It cannot be enabled using the Endpoint Protection console.
  • Your admin account must have the Account Type Super Admin to be able to modify global policy settings.
  • The Webroot Endpoint Protection agent must be running version 9.0.28.00 or later to support the Evasion Shield.
 
To enable the Webroot Evasion shield:
  1. Log into the Webroot management console.
     
  2. In the left nav bar, click Policies and select the Endpoint Protection tab.
     
  3. Find and click the policy that you want to modify. 
     
    Tip: If the devices you have chosen to apply the Evasion Shield are currently using a System Policy (designated by a lock icon and located at the top of the list), you will need to create a copy of the policy and modify that. System Policies cannot be changed.

    To create a copy of any policy:​
    1. Click the policy you want to copy.
    2. Click the Copy button.
    3. Enter a Policy Name and Policy Description.
    4. Click Copy.
     
  4. In the Policy Settings section, scroll to the bottom and locate Evasion Shield.
     
  5. Click the down caret to expand the section, then make a selection for the Script Protection setting. The options include:
     
    • Off (default setting) – the shield is disabled
    • Detect and Report – scripts are detected and reported; admins can view script activity in the Reports tab by opening the Evasion Shield – Detections report
    • Detect and Remediate – scripts are detected, moved to quarantine, reported, and any system changes auto-remediated
  6. Click Save to modify the policy and save the new setting.
     
  7. Apply the updated policy to the devices that should have the Evasion Shield enabled. 
     
  8. Policy updates and new policies are applied as devices check-in to the console. Devices can be forced to check-in when needed.

If you need additional assistance, please contact Support.
Is this article helpful?
   
Thanks for your feedback!

Powered by NOHOLD Inc. U.S. Patent No. 10,659,398
All Contents Copyright© 2024