The Webroot Evasion Shield protects users from a variety of script-based attacks. Admins can enable it via a global policy setting in the Webroot Management console. For more information on the Evasion Shield,
please see the FAQ.
Important Notes:
- The Evasion Shield is managed in the Webroot Management console. It cannot be enabled using the Endpoint Protection console.
- Your admin account must have the Account Type Super Admin to be able to modify global policy settings.
- The Webroot Endpoint Protection agent must be running version 9.0.28.00 or later to support the Evasion Shield.
To enable the Webroot Evasion shield:
- Log into the Webroot management console.
- In the left nav bar, click Policies and select the Endpoint Protection tab.
- Find and click the policy that you want to modify.
Tip: If the devices you have chosen to apply the Evasion Shield are currently using a System Policy (designated by a lock icon and located at the top of the list), you will need to create a copy of the policy and modify that. System Policies cannot be changed.
To create a copy of any policy:
- Click the policy you want to copy.
- Click the Copy button.
- Enter a Policy Name and Policy Description.
- Click Copy.
- In the Policy Settings section, scroll to the bottom and locate Evasion Shield.
- Click the down caret to expand the section, then make a selection for the Script Protection setting. The options include:
- Off (default setting) – the shield is disabled
- Detect and Report – scripts are detected and reported; admins can view script activity in the Reports tab by opening the Evasion Shield – Detections report
- Detect and Remediate – scripts are detected, moved to quarantine, reported, and any system changes auto-remediated
- Click Save to modify the policy and save the new setting.
- Apply the updated policy to the devices that should have the Evasion Shield enabled.
- Policy updates and new policies are applied as devices check-in to the console. Devices can be forced to check-in when needed.
If you need additional assistance,
please contact Support.