Kaspersky Endpoint Security Review
Antivirus software has existed nearly as long as computers have, and Kaspersky is among the many storied brands in this arena. The company offers a range of security products to fit the needs of any size business from home-based, one-person startups to corporations with thousands of employees.
CEO and co-founder Eugene Kaspersky began the company by accident. His computer became infected with an encrypted virus. His background in cryptography allowed him to build a solution to remove the virus, leading to the development of an antivirus database that today contains information on over half a billion malware programs.
Kaspersky the cybersecurity company was founded in 1997. It now protects 270,000 businesses and governments across 31 countries, making it one of the largest privately-held security organizations in the world.
The company’s Kaspersky Endpoint Security technology provides protection for endpoints such as workstations and servers. It’s packaged for small businesses as the Kaspersky Endpoint Security Cloud solution. Let’s dig into this endpoint security software to understand its strengths and weaknesses.
Who is Kaspersky Endpoint Security for?
Kaspersky Endpoint Security Cloud is for small businesses with a dedicated IT department and fewer than 100 employees. It’s designed for a small IT team, so they can manage security quickly and efficiently.
To do this, the software concentrates on the IT protection basics. But if you have a full-blown security operations center (SOC), the Kaspersky Endpoint Security Cloud offering is too simplistic.
Companies with a SOC typically seek advanced security options, such as endpoint detection and response (EDR) for post-breach remediation. In this case, look to Kaspersky for business solutions intended for mid-sized and larger companies.
Kaspersky Endpoint Security Cloud focuses on threat prevention for computers running on Windows, Mac, or Linux. It’s optimized for Windows, so some of its security features are only available on Windows machines.
The platform includes protection for companies using Microsoft Office 365. This requires setting up your Office 365 implementation as a separate workspace from your endpoints, but it’s covered under the same Kaspersky license. The software also provides mobile protection for Google’s Android and Apple’s iOS devices. Your subscription covers security for two mobile devices per user.
For your file servers, the Kaspersky server antivirus is available as part of the distribution package. You can configure the package to work with proxy servers as well.
The platform’s Monitoring tab serves as its main dashboard. Source: Kaspersky software.
Kaspersky Endpoint Security’s features
Kaspersky Endpoint Security leverages cloud-based technology, such as machine learning, to deliver its many IT security features. We’ll go over its primary capabilities in this section.
Kaspersky Endpoint Security uses several protection layers to prevent malware from infecting your IT network. These include antivirus to block malware, web defenses against malicious websites, and anti-theft features to remotely locate or wipe data from a stolen device.
Some of its protection capabilities include the following.
- Behavior analysis: Kaspersky Endpoint Security collects actions performed by computer processes and analyzes this data for behavior indicative of malware. This Behavior Detection, Exploit Prevention, and Remediation Engine allows Kaspersky to catch malware trying to avoid detection, such as dangerous ransomware. It can also roll back changes made by malware.
- Internet protection: The platform scans inbound and outbound web traffic from your endpoints. It examines websites for phishing indicators and checks whether the site is on Kaspersky’s list of malicious web addresses. Its Web Threat Protection blocks access to these sites. This complements the platform’s Network Threat Protection, which blocks inbound traffic indicative of a network attack on the user’s computer.
- Threats in email: It also scans incoming and outgoing email, looking for viruses and other dangers. After discovering a threat, the software identifies the malware type — for example, if it’s a Trojan — and blocks the message.
These security features prove potent. The independent testing lab AV-Test Institute threw over 13,500 malware samples at Kaspersky Endpoint Security. The software stopped them all.
Kaspersky Endpoint Security also caught all of the nearly 400 zero-day threats, which specifically target endpoint vulnerabilities. Its performance exceeded the industry average of 98.9%, netting the platform a perfect score for protection.
The ability to avoid flagging legitimate software as a threat is another important consideration. In this area, Kaspersky Endpoint Security again exceeded industry averages. Against over one million software samples, Kaspersky Endpoint Security correctly identified 100% in AV-Test Institute’s latest round of testing. The industry average was 27 false positives.
Kaspersky Endpoint Security provides excellent protection without hurting your endpoint’s performance. In tests, Kaspersky Endpoint Security exceeded industry averages for performance, earning another perfect score.
For example, visiting 50 popular websites on a standard computer configuration led to a performance slowdown an average of 9% of the time compared with the industry average of 14%. The software helps here by allowing you to schedule antivirus scans around the times when users need computer resources, only running scans when a device is idle.
In my own tests, I was able to install Kaspersky Endpoint Security on an old Android smartphone. I was pleasantly surprised when I experienced no noticeable impact on the phone’s performance despite the age of the device and operating system version.
Kaspersky Endpoint Security comes with a default security profile. Source: Kaspersky software.
Additional security tools
Kaspersky Endpoint Security gives you a range of security options based on the types of endpoints you’re protecting.
- You can set Kaspersky encryption to automatically encrypt data on endpoint hard drives.
- The software’s Host Intrusion Prevention feature blocks applications from performing actions that may prove harmful to the endpoint’s operating system.
- The Kaspersky firewall lets you control network traffic and block dangerous activity such as a remote desktop connection attempt.
- You manage which websites are permitted or blocked from access, and even choose to block entire categories of content, such as sites containing weapons or gambling.
- For mobile devices, you can oversee app installations. In this way, you can block users from installing apps that may harbor malware.
The Kaspersky Endpoint Security Cloud Management Console serves as the web-based interface from which to oversee your IT security. The UI (user interface) is simple, intuitive, and elegant.
The console’s monitoring section, which acts as its primary dashboard, allows your IT team to quickly review the health of your security. It displays charts highlighting key information such as any detected threats. Its protection status chart does not include iOS devices, however.
IT teams will find the platform’s Cloud Discovery feature particularly useful. This capability lets you analyze the external services used by company employees. With the widespread adoption of external cloud software such as Google Drive, it’s important to understand your staff’s use of these solutions. If they are storing company materials on these external services, you want to know and have a policy around that.
Kaspersky Endpoint Security’s vulnerability analysis tool allows you to quickly scan endpoints and shows those with vulnerabilities to address, such as outdated software. From the console, you can then deploy software patches in bulk, complete with the ability to include a message giving users a heads up. This feature is only available for endpoints running on Windows.
The platform uses security profiles to manage the protection policies applied to your endpoints. A default profile comes pre-installed to get your IT security implemented quickly. You can modify this profile or add custom ones based on your organization’s security needs.
The Cloud Discovery widget provides insights into staff use of external services. Source: Kaspersky software.
Kaspersky Endpoint Security’s reporting is an important aspect of managing your IT protection. It gives you the information needed to act on threats and to plug weak points before a threat can exploit them.
The console’s monitoring section displays several charts to help you analyze your security posture. This information provides protection status, threats and vulnerabilities found, and user details.
The number of built-in reports isn’t extensive, but they cover the basics. You’ll see reports on identified threats, network attacks, and the security status of your devices. You can generate reports quickly within the console, or schedule them for the platform to automatically email a copy to key recipients.
Kaspersky Endpoint Security comes with a set of built-in reports. Source: Kaspersky software.
Kaspersky Endpoint Security’s ease of use
Kaspersky makes the experience of using its software easy from the start. Once you sign up for an account, the Kaspersky Endpoint Security Cloud Management Console presents you with a Getting Started page walking you through the setup steps.
Kaspersky designed its product for quick, easy deployment. You can send users a link to download and install the Kaspersky software’s security agent onto endpoints, or perform installations through Windows Active Directory or manually by using the distribution package.
Kaspersky Endpoint Security comes pre-configured, for example with a default security profile to apply to endpoints, so you can implement your IT security with minimal effort. For instance, the platform’s Host Intrusion Prevention settings already come with a list of executable applications where it will block risky actions.
Kaspersky does a great job creating a seamless experience between its business hub, where you manage your licenses, and its security console. Other security software makes you log into different portals, bouncing you back and forth. There’s none of that with Kaspersky.
When it comes to using the platform on a daily basis, Kaspersky Endpoint Security Cloud is straightforward. The console’s design makes working in it easy. It unfolds progressively more functionality as you drill deeper into a component, so you can focus on the features related to the task you’re trying to complete.
For example, a Devices section lists the endpoints you’re protecting. Click into a device’s security profile, and you’ll find further features based on the device’s operating system, such as settings for scanning computer files.
Since you’re managing security through a single web-based console, it’s easy to log in, quickly assess security status, and move on with your day. This gives a small IT team time and bandwidth to fulfill other responsibilities.
Kaspersky walks you through the setup process. Source: Kaspersky software.
Kaspersky Endpoint Security’s pricing
Kaspersky Endpoint Security Cloud starts at $405 per year for ten endpoints. The final price varies based on how many years you purchase in advance as well as the number of endpoints. You receive discounts on your subscription when buying more years of service and coverage for a greater number of endpoints. Kaspersky also provides a discount for new customers.
The Kaspersky price is comparable to competitor solutions when factoring in the discounts. Otherwise, its $405 price tag is a bit higher than that of its rivals. The company also offers a free 30-day trial of its product.
The Kaspersky price varies based on the solution, number of endpoints, and years of service you’re buying. Source: Kaspersky software.
Kaspersky Endpoint Security’s support
Online support for Kaspersky Endpoint Security is robust. Its self-service portal is easy to navigate, and packed with product documentation, how-to articles, online training, and instructional videos. Some video tutorials are also conveniently embedded into the management console to help you get up to speed.
The online support portal is well organized, and its search functionality is effective at delivering relevant results. Kaspersky integrates its user manuals and knowledge base articles in a seamless experience so you aren’t lost or confused by shifting from one to the other.
Additional help options include phone support, a community forum, chat, and an online IT ticketing system to report specific issues. Phone support and chat are limited to normal business hours on weekdays (Eastern Time in the US), so if you have an urgent issue after hours or on the weekend, you’re limited to self-serve options.
If you want a higher level of help on an ongoing basis, Kaspersky offers premium support plans that you can purchase separately.
Benefits of Kaspersky Endpoint Security
Kaspersky Endpoint Security’s top benefit is its strong protection capabilities. Along with this, the software offers a solid set of features and well-organized online help.
The Kaspersky Endpoint Security Cloud Management Console is easy to use and lays out functionality in a logical fashion. It groups key security parameters together under intuitive headings, making navigation a breeze.
Kaspersky delivers several other benefits as well:
- The platform helps you identify the shadow IT actions of your staff, such as storing files on external services.
- Deployment is straightforward and fast.
- Robust security policies are set up for you from the start.
Another benefit is Kaspersky’s extensive selection of security products. As your business grows, your IT protection can evolve along with you.
Configuration options abound, such as extensive rules for your firewall settings. Source: Kaspersky software.
Controversy about Kaspersky products
In 2017, the US government banned Kaspersky products for use by federal agencies, citing concerns that Russian-based Kaspersky was vulnerable to Russian government influence. Kaspersky denies any connection to the Russian government. However, the ban extends only to US government agencies and contractors. Private companies can continue to choose Kaspersky products for their organizations.
As a result, during the onboarding process, you’ll notice more legal documents and disclaimers than you might experience with other vendors. Kaspersky particularly calls out how your data is used by the company.
Kaspersky products collect data, such as the websites you visit, to evaluate potential new threats, and to stay ahead of cybercriminals who themselves are constantly evolving their attack tactics. Kaspersky’s approach is commonplace in the security industry and performed by many other security vendors.
In response to the government ban, Kaspersky implemented its Global Transparency Initiative, moving many of its data storage and processing capabilities to Switzerland. Its Transparency Centers permit customers to review Kaspersky’s security technology and use of data. Kaspersky’s terms of service also allow you to audit the company’s use of your data as part of this transparency effort.
A strong small business security suite
The Kaspersky Endpoint Security Cloud solution is a solid foundation for your small business’s IT protection. Its defenses are excellent at threat prevention with extensive tests proving its effectiveness against cyberattacks.
The platform balances rich security features with ease of use, making it a great option for small businesses. But as part of this balancing act, it’s not all-encompassing.
Kaspersky Endpoint Security Cloud doesn’t include advanced remediation features such as threat hunting technology, available in Kaspersky’s higher-end product lines. It’s also best for Windows machines since a number of features are only available to Windows operating systems.
Many small businesses won’t find these drawbacks to be barriers. Given its strong prevention capabilities, Kaspersky Endpoint Security is an excellent entry point to establishing your IT security.
Frequently Asked Questions for Kaspersky Endpoint Security
Does Kaspersky offer a free version of its endpoint security?
No free version exists, but Kaspersky offers a free 30-day trial of its business products, including Kaspersky Endpoint Security Cloud. The company also provides some free stand-alone tools such as a virus removal program for an infected computer.
Does Kaspersky Endpoint Security cover mobile devices?
Yes, Kaspersky Endpoint Security includes mobile protection for Android and iOS devices. The platform’s features will vary by device type. For example, iOS devices require additional setup steps.
Is Kaspersky Endpoint Security banned in the US?
No, it’s legal to use Kaspersky products, including its endpoint security, for non-government use. Kaspersky products are only prohibited for government agencies as well as private organizations performing contract work for the US government.
VIA | fool.com