Kaspersky Endpoint Security for Business is a multi-layered platform, offered as a cloud-based or on-premises solution, geared toward protection and unified management to secure corporate data and every layer of a network. Please note, only Windows servers are supported and this product doesn’t include an appliance offering.
It is ideal for small and medium-sized businesses looking for easy security management and the benefits of cloud service. It protects against all threats by identifying vulnerabilities, distributing patches, delivering extended systems management capabilities and securing gateways, email and collaboration servers.
Installation with Red Hat Package Manager and Debian was straightforward, and 32- and 64-bit Windows installers are also available. The on-premises deployment model requires Windows Server and SQL Server Express, which took some time to stand up. As with other products, you can create an installer to deploy through the Server Management Interface. We found the process of creating a Linux package unclear and suggest Kaspersky include a more detailed explanation.
The latest version features Adaptive Anomaly Control, which intelligently perceives and blocks anomalous applications and user behavior. The console option is more fully featured than the current web option; however, we were told an update will offer more web-based threat prevention capabilities.
Exploit Prevention identifies products with vulnerabilities and blocks operations when there is an attempt to leverage one. This is based on known installed software vulnerabilities. This feature has found five zero-day threats in the last seven months.
We were satisfied the Kaspersky Security Center functioned as designed. We ran our toolset against it and it deleted or quarantined the executables. However, the client and dashboard provide little notification. The notify flag seemingly is separate and would have to be configured as part of the policy behavior. We were able to change the hash of a program and take it through execution. This product lacks the storyboarding capabilities found in other solutions. We suggest including storyboarding in future releases to bring visibility and context into the full picture of attacks. We were informed the Security Center will be upgraded.
The console’s design aesthetic felt dated, with an interface less clear and concise than those of other products we saw. It functioned adequately, albeit with a clunky navigation experience and a less intuitive feel. We were impressed with how report-driven this solution is – providing 60 different customizable out-of-the-box templates that show typical items like what was detected, where and what action was taken. All are exportable to PDF or HTML and configured for email.
Tested by Tom Weil