Kaspersky Endpoint Security for Windows
For laptops, desktops, tablets and servers
Windows’ dominance in the corporate world makes it an ongoing target for cybercriminals.
Relying on built-in security features is not enough to protect your business from next-generation cyberthreats. But adding-on multiple, disjointed technologies leads to management complexity – and reduces effectiveness.
Kaspersky Endpoint Security for Windows is the world’s most tested, most awarded security application powered by next-generation technologies to protect all Windows endpoints – and the data on them.
The application combines next-generation multi-layered threat protection, additional proactive layers such as Application, Web and Device controls, vulnerability and patch management, data encryption and extensive systems management toolset into an EDR-ready endpoint agent. This flagship product in the Kaspersky Lab business portfolio is rich in features and benefits:
- Protects your most valuable business assets – your data, reputation and business process continuity.
- Ensures efficiency – easy to implement and manage from a single console with unified policies.
- Provides the best possible protection for customers as proven by independent testing.
- Future-driven product research and development strategy – all technologies are developed in-house for true integration and innovation.
- Fits into existing infrastructures.
Find out what customers are saying about our technologies and True Cybersecurity for Business here.
ML-driven threat protection that’s effective even without regular updates
Our comprehensive, independently tested solutions are powered by multi-layered, next-generation protection that minimises the opportunities for threats to reach endpoints while reliably identifying and blocking the ones that do.
Several signature-less components, such as HIPS, KSN, Behaviour Detection, Exploit Prevention and others, provide the ability for a product to detect threats even without frequent updates. Protection is powered by static machine learning (ML) for pre- and dynamic machine learning (ML) for post-execution stages. Behaviour Detection analyses the actual process activity in real time and reveals its malicious nature. All that is needed then is to flag the alarm, terminate the process and Remediation Engine performs rollback of the changes.
Spot attacks and intrusions more rapidly
Kaspersky Endpoint Security for Windows instances can integrate with Endpoint Detection and Response (EDR) serving as its sensors on workstations and servers. This enables the capture and analysis of large volumes of data onshore without impacting on user productivity. It delivers advanced threats hunting for evidence of intrusion – such as file specimens matching the indicators of compromise (IoC).
Prevention exposure via network
The Network Threat Protection within Kaspersky Endpoint Security for Windows identifies network attacks on your corporate network and blocks them. For example, malware using a buffer-overrun attack can modify a process already downloaded in the memory and in this way execute the malicious code. The Network Threat Protection is the only component that can prevent infections from spreading in this way.
Lower your cost of ownership
Our mathematical model analyses over 100,000 sample features and uses 10-million behaviour logs to ‘teach’ the models – in one light, 2Mb client-side package. Our knowledge system database volume includes 50TB of data and +4 billion hashes, but these huge volumes of intelligence data don’t impact your resources or performance.
Each piece of next-generation technology is designed to deliver the quickest reaction times, lowest false positive rate and highest levels of protection, as verified by independent testing. This high performance is optimised to use fewer resources and less energy to improve TCO.
With the introduction of our Cloud Mode for protection components, this latest version of Kaspersky Endpoint Security for Windows:
• Has reduced the installation size by half, for rapid deployment
• Reduces disk and RAM consumption
• Reduces network load.
Address the dangers of browsing – in real time
In 2017 alone, over 199 million of unique URLs were recognised as malicious by Kaspersky Lab technologies. Even a favourite, trusted web site or corporate node can be compromised, making everyday operations insecure.
Kaspersky Endpoint Security for Windows is powered by Kaspersky Security Network (KSN), our cloud-assisted, global threat intelligence network. Millions of globally distributed nodes feed real-world threat intelligence to our systems, ensuring near real-time, rapid response to even the newest, emerging or evolving threat – including mass attacks.
KSN adds a further layer of security to the endpoint, enabling rapid, accurate decisions about URL or file safety to be made without having to completely analyse their content – with response times as low as 0.02 seconds, this is significantly faster than traditional protection methods.
Kaspersky Endpoint Security for Windows provides protection for various browsers without severe restrictions around version or operating system choice. End user experience is seamless and uninterrupted.
Block ransomware, fileless attacks and administrative account takeovers
Cybercriminals use tools and scripts to collect administrator passwords, enabling the remote administration of infected hosts. They can also use legitimate utilities to launch fileless attacks – making it impossible for traditional protection engines to block them. This is compounded by the almost constant evolution of threats, as well as the proliferation of ransomware – 2017 will forever be remembered for the huge number of encryption ransomware attacks. Kaspersky Lab uses behaviour analysis to detect these evolving threats – identifying them by their actual behaviour rather than their emulated activity at the intrusion prevention stage.
By detecting and analysing suspicious activity on workstations, shared folders and file servers, Kaspersky Lab’s Behaviour Detection can protect against new, advanced threats like ransomware. In the event of a successful attack detection, automatic rollback will reverse any actions taken and the malware is blocked.
Shield common software against zero-day attacks
Kaspersky Lab’s Exploit Prevention prevents malware from executing and exploiting software or operating system vulnerabilities. The most targeted applications - including Adobe® Reader, Microsoft® Internet Explorer®, Microsoft® Office®, and Java – are monitored, delivering an extra layer of protection against unknown, zero-day threats.
See next-generation technology in action
Our combination of human expertise with big data threat intelligence and machine learning informs our industry-leading intelligence that not only prevents cybersecurity incidents, but predicts, detects and responds to them – and can you can see the results in action, viewing each layer of protection, the threats detected and blocked, logged and secure.
One management console for mixed IT environments
Light-touch control and management for all endpoints from a ‘single pane of glass’ console – spend less time and resources managing IT assets and security. Define and replicate specific settings and parameters from a universal policy.
Deploy across diverse and air-gapped networks
Unique wizards for easy deployment across the network, with or without Active Directory domain. Deploy and retain endpoint protection even if networks are physically disconnected from the Internet.
Assign different endpoint groups or management tasks to different administrators via the Role-Based Model and customise the management console so that each administrator can only access the tools and data relevant to their responsibilities.
Protection against attempted tampering
Kaspersky Endpoint Security for Windows safeguards the integrity of its own protection and system safety, including attempts to disable it. For example, a hacker’s efforts to make changes to the protection components would be intercepted and blocked.
Encryption and data protection for every business
Secure confidential data on PCs, tablets, servers and removable devices with Kaspersky Endpoint Security for Windows’ user-transparent FIPS 140-2 certified encryption.
Prevent data breaches
Whether it’s a stolen laptop or lost storage device, encryption make sensitive data useless to criminals or unauthorised viewers. Kaspersky Endpoint Security for Windows uses the Advanced Encryption Standard (AES) 256 bit algorithm and supports Intel® AES-NI for fast encryption.
Protect data at rest
Full Disk Encryption (FDE) runs on the physical hard drive, making it easy to run an ‘encrypt everything at once’ strategy without relying on end users to decide which items should be encrypted. Full Disk Encryption enables pre-boot authentication and guarantees a secure, tamper-proof environment external to the operating system – as a trusted authentication layer.
Secure data sharing and backup
Kaspersky’s File Level Encryption enables the encryption of data in specific files and folders on any given drive. This allows system administrators to encrypt files automatically, based on attributes such as location and file type – and this encryption can be enforced for information created in any application. Users can also easily create encrypted, self-extracting packages – ensuring that data is protected when stored in backup or shared via removable devices, email, network or the web.
Central management and choice centrally
It’s good practice to apply encryption settings under the same policy as anti-malware, device control and other endpoint security settings. This enables the best practice approach of integrated, coherent policies – for example, IT can allow approved USB devices to connect to a laptop, and can also enforce encryption policies to the device. All through the same single console used to manage Kaspersky Lab endpoint security.
In the event of password loss or damage to the drive, data can still be recovered and decrypted using a special centrally managed emergency recovery procedure. Built-in Microsoft® BitLocker® management enables OS-embedded encryption, letting you decide which technology to use and control via the single console.
Cloud-enabled controls for policy refinement and breach prevention
Host Intrusion Prevention, centralised web, device and application controls reduce your attack surface and help keep users safe and productive. Kaspersky Lab has its own dedicated Dynamic Whitelisting laboratory, maintaining a constantly monitored and updated database of more than 2.5-billion trusted programs. This database automatically synchronises with endpoints to simplify routine work for administrators.
For ease of management, powerful endpoint controls are managed from the same console, tightly integrated with Active Directory and next-generation anti-malware protection. This makes setting blanket policies quick and easy.
Reduce exposure to attacks
Powered by Dynamic Whitelisting, Application Control significantly reduces your exposure to zero-day attacks by providing total control over what software, including specific versions, is allowed to run. This includes shadow IT scenarios where, for example, employees install non-corporate software or games on a device, putting the corporate network at risk while at the same time being unproductive. Blacklisted applications are blocked, while your approved and trusted applications from the Dynamic Whitelisting database continue to run smoothly.
Regulate access to sensitive data and recording devices
Some applications’ activities may be considered high risk – even though the applications themselves are not classed as malicious – and these activities should be controlled.
Our solution restricts application privileges according to assigned trust levels, limiting access to resources like sensitive data. Working in step with local and cloud (KSN) reputations database, Host Intrusion Prevention controls applications and restricts access to critical system resources, audio and video recording devices.
Kaspersky Lab’s huge store of default HIPS settings and restrictions for different applications helps relieve administrator burden while giving them complete control over specific, individual settings.
Stop threats associated with public Wi-Fi or USB devices
To prevent users from connecting to potentially insecure public Wi-Fi networks, you can generate a list of trusted networks based on name, encryption/authentication type – or prevent the creation of a network bridge by blocking a second active network connection.
Disabling a USB port doesn’t necessarily fix your removable device issue, because it can impact on other users’ productivity – for example, being unable to connect a 4G modem. Kaspersky Lab’s Device Control solves this by enabling a more granular level of control at network connection and device type level. Integration with Kaspersky Lab’s encryption technologies allows you to apply encryption policies to specific drive types, as well as:
• Create rules for allowed devices
• Set read/write permissions for devices
• Log delete/copy operations
• Align device controls with Active Directory users
Control inappropriate resource use
Prevent time-wasting and potential data leakage via social networks and instant messaging services with web controls. Administrators can monitor, filter and control what websites employees access, directly at the endpoint. Once settings are synchronised with the endpoint, policies are enforced even when the user is not on the corporate network.
Flexible policies enable acceptable social browsing at certain times of the day while integration with Active Directory means policies can be applied across the business quickly and easily.
How to buy
Kaspersky Endpoint Security for Windows is included in:
For the most complete, up-to-date requirements, please refer to Kaspersky Knowledge Base.
- 2 GB of free disk space on the hard drive
- Intel Pentium 1 GHz processor (that supports the SSE2 instruction set or compatible equivalent)
- RAM: 1 GB for a 32-bit OS (2 GB for a 64-bit OS)
- Microsoft Windows 10 Pro / Enterprise x86 / x64*
- Microsoft Windows 8.1 Pro / Enterprise x86 / x64
- Microsoft Windows 8 Pro / Enterprise x86 / x64
- Microsoft Windows 7 Professional / Enterprise / Ultimate x86 / x64 SP1 or later
- Microsoft Windows Server 2016 x64**
- Microsoft Windows Server 2012 Standard / Foundation / Essentials x64 Edition or higher
- Microsoft Windows MultiPoint Server 2012 x64 Edition
- Microsoft Windows Small Business Server 2011 Essentials / Standard x64 Edition
- Microsoft Windows Server 2008 R2 Standard / Enterprise x86/x64 Edition SP1 or higher
* For details about support for the Microsoft Windows 10 operating system, please refer to article 13036 in the Technical Support Knowledge Base.
**For details about support for the Microsoft Windows Server 2016 operating system, please refer to article 13036 in the Technical Support Knowledge Base.
- VMWare Workstation 12
- VMWare ESXi 6.5
- Microsoft Hyper-V 2016
- Citrix XenServer 7.2
- Citrix XenDesktop 7.14
- Citrix Provisioning Services 7.14
Version requirements for subscription
This application is available as part of Kaspersky Endpoint Security for Business and can be purchased on subscription with flexible monthly licensing. Please check with your local partner about subscription availability in your country and Application System Requirements here.
Kaspersky Lab's unique combination of big data threat intelligence, machine learning and human expertise enables agile, responsive protection against any kind of threat — with minimal management overheads.
Every 40 seconds, a business is attacked by ransomware. Find out more about why Ransomware was Kaspersky Lab's 'Story of the Year' for 2016.