Webroot DNS Filter

I’m trying to use the Webroot DNS filtering on a server. It looks like it’s an add-on feature but I can’t find any info on Syncro about pricing for this module. Is it available? I tried turning it on as a trial and setting up all the filtering policies and everything looks good on the Webroot dashboard but it doesn’t seem to be installing.

https://help.syncromsp.com/hc/en-us/articles/360034435513-Webroot-Integration has no mention of filtering so don’t think it’s available.

Hi James! Our version of Webroot does have the DNS option but this is not included in our initial pricing. Antivirus is included with Webroot, but DNS Protection would be an add-on which is an additional $1.00 per asset so together would be $2. This can be enabled on the Webroot side through your SecureAnywhere portal.

Did Webroot stop installing via the agent after you enabled the trail, and was it installing previously?

Webroot AV is installing and working fine, no problems there, but DNS protection is not installing as far as I can tell. I first enabled the DNS filtering on trial, but have since switched to paid. It is still not installing.

I have gone through all of their steps in creating a DNS group, applying a DNS policy, setting DNS policy to install on servers, and setting AV policy to install DNS protection. It’s just not installing on the server I’m trying to get it to work on. Don’t know what I’m missing and/or doing wrong.

I’d like to take a deeper look at this since it should be supported. Ticket coming your way shortly! That’ll be inbound to the email attached to your forum account.

Whoops, sorry, everything is installed. I started gathering some info for you and noticed it did show that Webroot DNS was installed. Logged onto the server again and it was installed, however the service was stopped. Once I started the Webroot DNS service, everything seems to be functioning the way my policy is set. I think I’m good to go now, just have to remember to check service or restart after install.

1 Like

I run an audit script to check for OpenDNS / Quad 9 / CloudFlare DNS. Maybe you can add Webroot.

## Verify at least one DNS filtering service is active
Import-Module $env:SyncroModule

## Cloudflare (Malware filtering 1.1.1.2/1.0.0.2 minimum)
if (Resolve-DnsName phishing.testcategory.com -type A -ErrorAction SilentlyContinue | Where-Object {$_.IPAddress -NE "0.0.0.0"} | Select-Object -Property IPAddress) { write-host("Failed Clouflare DNS malware filtering audit") } else { write-host("PASSED Clouflare DNS malware filtering audit"); exit 0 }

## OpenDNS
$ip = (Resolve-DnsName internetbadguys.com -type A -ErrorAction SilentlyContinue | Select-Object -Property IPAddress)
if (( ([version]'146.112.255.152') -lt ([version]$ip.IPAddress) -and ([version]$ip.IPAddress) -lt ([version]'146.112.255.159') ) -or ($ip -eq '67.215.92.210') ){ write-host("Failed OpenDNS filtering audit") } else { write-host("PASSED OpenDNS filtering audit"); exit 0 }

## Quad9
if (Resolve-DnsName isitblocked.org -type A -ErrorAction SilentlyContinue | Where-Object {$_.IPAddress -like "*.*.*.*"} | Select-Object -Property IPAddress) { write-host("Failed QUAD9 DNS malware filtering audit") } else { write-host("PASSED QUAD9 DNS malware filtering audit"); exit 0 }

Rmm-Alert -Category 'DNS Filtering' -Body 'Failed DNS filtering audit (Cloudflare|Quad9|OpenDNS)'

Edited to note the Cloudflare check is for Cloudflare for Families. Audit makes sure malware filtering of 1.1.1.2 or 1.1.1.3 is in use. If you need to ensure the 1.1.1.3 (adult & malware blocking) DNS is set, I have a separate script. Let me know.

2 Likes