Kaspersky Malaysia

Kaspersky Endpoint Security.


Integrated protection against known, unknown and advanced threats.

Kaspersky
Endpoint Security for Business
SELECT

  • Advanced security for workstations & file servers
  • Multi-layer mobile security and management
  • Application Control, Device Control & Web Control
  • Centralized management console for all functions

COVERAGE AREA

Protecting Windows, Linux & Mac desktops & laptops*

Delivering multi-layered security

Our latest anti-malware engine combines signature-based security, heuristic & behavioral analysis and cloud-assisted technologies – to protect your business against known, unknown and advanced threats. It can defend any combination of Mac, Linux and Windows desktops and laptops.

Updating security more efficiently

Because cybercriminals are continually launching new and more complex malware, we deliver database updates on a much more frequent basis than many other security vendors. In addition, we use multiple advanced security technologies to ensure we deliver greatly improved detection rates – while also cutting the size of updates… so more of your communications bandwidth is available for other tasks.

Protecting against unknown and advanced threats

When a new malware item is unleashed on the world, there’s a period of high risk. To deliver zero-hour protection against these threats, Kaspersky Lab technologies and threat intelligence continually evolve to ensure your business is protected from even the most sophisticated, new threats.

Detecting suspicious behavior

Whenever an application launches on your corporate network, our System Watcher module monitors the application’s behavior. If suspicious behavior is detected, System Watcher automatically blocks the application. In addition – because System Watcher keeps a dynamic log of the operating system, registry and more – it automatically rolls back malicious actions that the malware implemented before it was blocked.

Protecting against exploits

Our innovative Automatic Exploit Prevention (AEP) technology helps to ensure malware can’t exploit vulnerabilities within the operating systems or applications that are running on your network. AEP specifically monitors the most frequently targeted applications – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – to deliver an extra layer of security monitoring and protection against unknown threats.

Controlling applications and connectivity

For some applications – even though the applications may not be classed as malicious – their activities may be regarded as high-risk. In many cases, it’s advisable that these activities are restricted. Our Host-Based Intrusion Prevention System (HIPS) restricts activities within the endpoint, according to the ‘trust level’ that has been assigned to the application. HIPS works together with our application-level Personal Firewall – which restricts network activity.

Blocking network attacks

Network Attack Blocker technology detects and monitors suspicious activities on your corporate network – and lets you preconfigure how your systems will respond if suspicious behavior is identified.

Using the power of the cloud – for even better security

With millions of users letting the cloud-based Kaspersky Security Network (KSN) receive data about suspicious behavior on their computers, your business can benefit from improved protection against the latest malware. This real-time flow of data ensures customers can benefit from a rapid response to new attacks – and it helps to minimize the incidence of ‘false positives’.

*Not all features are available on all platforms.

Protecting your file servers

Securing heterogeneous environments

Our award-winning security protects file servers running Windows, Linux or FreeBSD. Optimized scanning processes help to ensure there’s minimal impact on the performance of your servers. In addition to protecting cluster servers, we also defend Microsoft and Citrix terminal servers.

Ensuring reliable protection

If one of your file servers develops a fault, our security technologies will automatically re-launch when the file server restarts.

Boosting manageability

Every minute you have to spend on administration and generating reports, is time you could be devoting to strategically important activities. That’s why we provide a centralized console that lets you manage security on all your endpoints – file servers, workstations and mobile devices – and makes it easy to generate detailed reports.

Protecting mobile devices**

Robust mobile security

By combining the industry’s most advanced technologies, we defend against the latest mobile threats. Anti-phishing protects against websites that try to steal information or identity details – and anti-spam helps to filter out unwanted calls & texts. Flexible control tools let you block the launch of unauthorized applications and block access to dangerous websites. Rooting and jailbreaking incidents are automatically detected – and the devices are blocked.

Separating corporate and personal data

Our ‘app wrapping’ technology lets you set up special containers on each device. Corporate applications are stored in the containers – totally separated from the user’s personal data. You can enforce encryption for all containerized data and prevent data from being copied and pasted outside the container – plus you can request additional user authorization before containerized applications are allowed to launch. If an employee leaves your business, the remotely operated Selective Wipe feature lets you delete the corporate container – without deleting the device owner’s personal data and settings.

Supporting common MDM platforms

With improved mobile device management (MDM) capabilities, it’s easy to apply group or individual MDM policies to Microsoft Exchange ActiveSync and iOS MDM devices – through a single interface. Support for Samsung KNOX lets you manage various settings for Samsung devices.

Locking, wiping and locating missing devices

Remotely operated security features help to protect corporate data on missing devices. Administrators and users can lock the device, delete corporate data and find the device’s location. If a thief changes the SIM card, our SIM Watch feature sends you the new phone number – so you can still run the anti-theft features. Support for Google Cloud Messaging (GCM) helps ensure Android phones receive anti-theft commands rapidly.

Self-Service Portal

Our special Self-Service Portal makes it easy to enable personal mobile devices onto the corporate network. In addition, the portal gives users remote access to key anti-theft features – so users can rapidly respond to the loss of a device and reduce the risk of data loss, without adding to the load on administrators.

Easing the burden on IT administrators

A single centralized console lets you manage mobile devices – and their security – and makes it easy to apply consistent policies across different mobile platforms. In addition, our Web Console lets you manage mobile devices and their security – plus the security of other endpoints – from anywhere you can get online.

**Some features are not available for some of the supported mobile platforms.

Controlling applications, devices and Internet access

Dynamic Whitelisting – to complement security

Our Application Control is the industry’s most comprehensive implementation. We’re the only security vendor that has invested in establishing its own Whitelisting Lab that checks applications for security risks. Our database of whitelisted applications includes over 1.3 billion unique files – and it’s growing by a further 1 million files per day. Application Control and Dynamic Whitelisting makes it easier for you to run a Default Deny policy that blocks all applications, unless they’re on your whitelist. If you’re looking to introduce or update a Default Deny policy, our new test mode lets you set up the policy in a test environment – so you can check your policy is correctly configured, before you ‘go live’.

Preventing the connection of unauthorized devices

Device Control tools make it easy to manage which devices are allowed to access your corporate IT network. You can set up controls that are based on the time of day, geographic location or the type of device. You can also align the controls with Active Directory – for granular administration and policy assignment. Administrators can also use masks in the creation of Device Control rules – so multiple devices can easily be whitelisted for use.

Monitoring and controlling Internet access

Our Web Control tools let you set up Internet access policies and monitor Internet usage. It’s easy to prohibit, limit, allow or audit your users’ activities on individual websites or categories of sites, such as games websites, social networks or gambling sites. Geographic and time-of-day controls may be aligned with Active Directory – to help in administration and setting policies.

Centralizing management tasks

Letting you control all functions from one console

Kaspersky Endpoint Security for Business | Select includes Kaspersky Security Center – a single unified management console that gives you visibility and control of all of the Kaspersky Lab endpoint security technologies that you’re running. Kaspersky Security Center lets you manage security for your mobile devices, laptops, desktops, file servers, virtual machines and more – with the convenience of a ‘single pane of glass’ console.

Delivering a higher level of integration

Because tightly-integrated code results in products that deliver improved security, performance and manageability, all of our endpoint technologies have been developed by our own in-house team. All of our endpoint protection functionality is contained in the same codebase – so there are no incompatibility issues for you to deal with. Instead, you benefit from seamlessly integrated security technologies that do more to protect your IT environment – while centralized management saves you time.

Kaspersky
Endpoint Security for Business
ADVANCE

  • Extended systems management functionality
  • Vulnerability assessment & patch management
  • Multi-layered security – including encryption
  • Web Control, Application Control, Device Control
  • Mobile security and management
  • Centralized management of security & systems

COVERAGE AREA

Protecting Windows, Linux & Mac desktops & laptops*

Delivering multi-layered security

Our latest anti-malware engine combines signature-based security, heuristic & behavioral analysis and cloud-assisted technologies – to protect your business against known, unknown and advanced threats. It can defend any combination of Mac, Linux and Windows desktops and laptops.

Updating security more efficiently

Because cybercriminals are continually launching new and more complex malware, we deliver database updates on a much more frequent basis than many other security vendors. In addition, we use multiple advanced security technologies to ensure we deliver greatly improved detection rates – while also cutting the size of updates… so more of your communications bandwidth is available for other tasks.

Protecting against unknown and advanced threats

When a new malware item is unleashed on the world, there’s a period of high risk. To deliver zero-hour protection against these threats, Kaspersky Lab technologies and threat intelligence continually evolve to ensure your business is protected from even the most sophisticated, new threats.

Detecting suspicious behavior

Whenever an application launches on your corporate network, our System Watcher module monitors the application’s behavior. If suspicious behavior is detected, System Watcher automatically blocks the application. In addition – because System Watcher keeps a dynamic log of the operating system, registry and more – it automatically rolls back malicious actions that the malware implemented before it was blocked.

Protecting against exploits

Our innovative Automatic Exploit Prevention (AEP) technology helps to ensure malware can’t exploit vulnerabilities within the operating systems or applications that are running on your network. AEP specifically monitors the most frequently targeted applications – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – to deliver an extra layer of security monitoring and protection against unknown threats.

Controlling applications and connectivity

For some applications – even though the applications may not be classed as malicious – their activities may be regarded as high-risk. In many cases, it’s advisable that these activities are restricted. Our Host-Based Intrusion Prevention System (HIPS) restricts activities within the endpoint, according to the ‘trust level’ that has been assigned to the application. HIPS works together with our application-level Personal Firewall – which restricts network activity.

Blocking network attacks

Network Attack Blocker technology detects and monitors suspicious activities on your corporate network – and lets you preconfigure how your systems will respond if suspicious behavior is identified.

Using the power of the cloud – for even better security

With millions of users letting the cloud-based Kaspersky Security Network (KSN) receive data about suspicious behavior on their computers, your business can benefit from improved protection against the latest malware. This real-time flow of data ensures customers can benefit from a rapid response to new attacks – and it helps to minimize the incidence of ‘false positives’.

*Not all features are available on all platforms.

Protecting your file servers

Securing heterogeneous environments

Our award-winning security protects file servers running Windows, Linux or FreeBSD. Optimized scanning processes help to ensure there’s minimal impact on the performance of your servers. In addition to protecting cluster servers, we also defend Microsoft and Citrix terminal servers.

Ensuring reliable protection

If one of your file servers develops a fault, our security technologies will automatically re-launch when the file server restarts.

Boosting manageability

Every minute you have to spend on administration and generating reports, is time you could be devoting to strategically important activities. That’s why we provide a centralized console that lets you manage security on all your endpoints – file servers, workstations and mobile devices – and makes it easy to generate detailed reports.

Enhancing security & extending system management

Eliminating known vulnerabilities

Our technologies scan your entire network – to identify vulnerabilities that result from unpatched applications or operating systems. Detected vulnerabilities can be automatically prioritized – and then patches and updates can be automatically distributed. Because we distribute new patches more rapidly than many other patching solutions, we help you to eliminate vulnerabilities within a shorter period.

Managing your hardware & software assets

All devices and software on your network are automatically discovered and recorded in a hardware inventory and a software inventory. The hardware inventory includes detailed information about each device and the software inventory helps you to control software usage and block unauthorized applications. Even guest devices that appear on your network can be automatically discovered – and provided with access privileges, without compromising the security of your corporate systems and data.

Optimizing the distribution of applications

You can deploy software at your command or schedule it for after office hours. For some installers, you can specify additional parameters in order to customize the software package that is installed. The use of secure, remote connections to any desktop or client computer helps you to resolve issues rapidly – and an authorization mechanism prevents unauthorized remote access. For traceability, all activities during a remote access session are logged.

Automating & optimizing OS deployment

Our technologies automate and centralize the creation, storage and cloning of secured system images. Images are held in a special inventory – ready to be accessed during deployment. Client workstation image deployment can be made with either PXE servers (Preboot eXecution Environment) – that have been previously used on the network – or using our own features. The use of Wake-on-LAN signals lets you automatically distribute the images after office hours. UEFI support is also included.

Reducing traffic – remote distribution

If you need to distribute software or patches to a remote office, one local workstation can act as the update agent for the entire remote office – to help reduce traffic levels on your network.

Integration with SIEM systems

Because security information and event management (SIEM) systems can play a vital role in helping enterprise-level businesses to gain real-time monitoring, we’ve included integration with two of the most popular SIEM products – HP ArcSight and IBM QRadar.

Encrypting confidential information

Strong encryption

By using an AES encryption algorithm that has 256 bits of key length and is NIST approved (#2980), we deliver strong encryption for your confidential information. If files or systems are lost or stolen, unauthorized users will not be able to access your encrypted data. Our encryption has also been designed to be FIPS 140-2 compliant (validation pending).

Integrated – for improved manageability

Although many vendors’ encryption products are not delivered as part of an integrated IT security solution, our encryption technologies are one component within a unified codebase that has all been developed by our in-house team. This makes it easier for you to apply encryption settings as part of the same policies that cover your anti-malware defenses, endpoint controls and other endpoint security technologies.

Full Disk Encryption and File-Level Encryption

For encryption that's 'close to the hardware' – and to make it easy for you to run an 'encrypt everything at once' strategy – Full Disk Encryption (FDE) operates on the physical sectors of the disk. File-Level Encryption (FLE) helps you to enable secure sharing of data across your network. For additional security – when a file is encrypted – the original, unencrypted file can be wiped from the hard drive.

Encryption of removable media

To protect data that also needs to be transferred on removable devices, Removable Media Encryption can perform Full Disk Encryption and File-Level Encryption.

‘Portable mode’ encryption

If you need to transfer sensitive data via email, the Internet or a removable device, you can easily set up password-protected, encrypted, self-extracting packages of files and folders. A special 'portable mode', for File-Level Encryption on removable media, helps enable the secure transfer of data – even onto computers that are not running Kaspersky Endpoint Security for Windows.

Simplified sign-on and smartcard / token support

When a user switches on their PC and enters their username and password, our Single Sign-On feature will give the user immediate access to the encrypted data on their PC's hard drive. This helps to ensure the encryption & decryption processes are virtually transparent to the user – and that helps to boost efficiency and productivity. Two-factor authentication – via smartcards and tokens – is also supported.

Support for Intel AES-NI and more

By supporting Intel AES-NI, we enable more rapid encryption and decryption of data – for many Intel processor-based and AMD processor-based systems**. Our Full Disk Encryption technology also supports UEFI-based platforms. There’s also support for non-QWERTY keyboards.

**Not all processors are supported.

Protecting mobile devices***

Robust mobile security

By combining the industry’s most advanced technologies, we defend against the latest mobile threats. Anti-phishing protects against websites that try to steal information or identity details – and anti-spam helps to filter out unwanted calls & texts. Flexible control tools let you block the launch of unauthorized applications and block access to dangerous websites. Rooting and jailbreaking incidents are automatically detected – and the devices are blocked.

Separating corporate and personal data

Our ‘app wrapping’ technology lets you set up special containers on each device. Corporate applications are stored in the containers – totally separated from the user’s personal data. You can enforce encryption for all containerized data and prevent data from being copied and pasted outside the container – plus you can request additional user authorization before containerized applications are allowed to launch. If an employee leaves your business, the remotely operated Selective Wipe feature lets you delete the corporate container – without deleting the device owner’s personal data and settings.

Supporting common MDM platforms

With improved mobile device management (MDM) capabilities, it’s easy to apply group or individual MDM policies to Microsoft Exchange ActiveSync and iOS MDM devices – through a single interface. Support for Samsung KNOX lets you manage various settings for Samsung devices.

Locking, wiping and locating missing devices

Remotely operated security features help to protect corporate data on missing devices. Administrators and users can lock the device, delete corporate data and find the device’s location. If a thief changes the SIM card, our SIM Watch feature sends you the new phone number – so you can still run the anti-theft features. Support for Google Cloud Messaging (GCM) helps ensure Android phones receive anti-theft commands rapidly.

Self-Service Portal

Our special Self-Service Portal makes it easy to enable personal mobile devices onto the corporate network. In addition, the portal gives users remote access to key anti-theft features – so users can rapidly respond to the loss of a device and reduce the risk of data loss, without adding to the load on administrators.

Easing the burden on IT administrators

A single centralized console lets you manage mobile devices – and their security – and makes it easy to apply consistent policies across different mobile platforms. In addition, our Web Console lets you manage mobile devices and their security – plus the security of other endpoints – from anywhere you can get online.

***Some features are not available for some of the supported mobile platforms.

Controlling applications, devices and Internet access

Dynamic Whitelisting – to complement security

Our Application Control is the industry’s most comprehensive implementation. We’re the only security vendor that has invested in establishing its own Whitelisting Lab that checks applications for security risks. Our database of whitelisted applications includes over 1.3 billion unique files – and it’s growing by a further 1 million files per day. Application Control and Dynamic Whitelisting makes it easier for you to run a Default Deny policy that blocks all applications, unless they’re on your whitelist. If you’re looking to introduce or update a Default Deny policy, our new test mode lets you set up the policy in a test environment – so you can check your policy is correctly configured, before you ‘go live’.

Preventing the connection of unauthorized devices

Device Control tools make it easy to manage which devices are allowed to access your corporate IT network. You can set up controls that are based on the time of day, geographic location or the type of device. You can also align the controls with Active Directory – for granular administration and policy assignment. Administrators can also use masks in the creation of Device Control rules – so multiple devices can easily be whitelisted for use.

Monitoring and controlling Internet access

Our Web Control tools let you set up Internet access policies and monitor Internet usage. It’s easy to prohibit, limit, allow or audit your users’ activities on individual websites or categories of sites, such as games websites, social networks or gambling sites. Geographic and time-of-day controls may be aligned with Active Directory – to help in administration and setting policies.

Centralizing management tasks

Letting you control all functions from one console

Kaspersky Endpoint Security for Business | Select includes Kaspersky Security Center – a single unified management console that gives you visibility and control of all of the Kaspersky Lab endpoint security technologies that you’re running. Kaspersky Security Center lets you manage security for your mobile devices, laptops, desktops, file servers, virtual machines and more – with the convenience of a ‘single pane of glass’ console.

Delivering a higher level of integration

Because tightly-integrated code results in products that deliver improved security, performance and manageability, all of our endpoint technologies have been developed by our own in-house team. All of our endpoint protection functionality is contained in the same codebase – so there are no incompatibility issues for you to deal with. Instead, you benefit from seamlessly integrated security technologies that do more to protect your IT environment – while centralized management saves you time.

Kaspersky
TOTAL
Security for Business

  • Protects against known, unknown & advanced threats
  • Secures laptops, desktops, servers & mobile devices
  • Identifies vulnerabilities & distributes patches
  • Delivers extended systems management capabilities
  • Secures your Web gateway, email & collaboration

COVERAGE AREA

Protecting Windows, Linux & Mac desktops & laptops*

Delivering multi-layered security

Our latest anti-malware engine combines signature-based security, heuristic & behavioral analysis and cloud-assisted technologies – to protect your business against known, unknown and advanced threats. It can defend any combination of Mac, Linux and Windows desktops and laptops.

Updating security more efficiently

Because cybercriminals are continually launching new and more complex malware, we deliver database updates on a much more frequent basis than many other security vendors. In addition, we use multiple advanced security technologies to ensure we deliver greatly improved detection rates – while also cutting the size of updates… so more of your communications bandwidth is available for other tasks.

Protecting against unknown and advanced threats

When a new malware item is unleashed on the world, there’s a period of high risk. To deliver zero-hour protection against these threats, Kaspersky Lab technologies and threat intelligence continually evolve to ensure your business is protected from even the most sophisticated, new threats.

Detecting suspicious behavior

Whenever an application launches on your corporate network, our System Watcher module monitors the application’s behavior. If suspicious behavior is detected, System Watcher automatically blocks the application. In addition – because System Watcher keeps a dynamic log of the operating system, registry and more – it automatically rolls back malicious actions that the malware implemented before it was blocked.

Protecting against exploits

Our innovative Automatic Exploit Prevention (AEP) technology helps to ensure malware can’t exploit vulnerabilities within the operating systems or applications that are running on your network. AEP specifically monitors the most frequently targeted applications – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – to deliver an extra layer of security monitoring and protection against unknown threats.

Controlling applications and connectivity

For some applications – even though the applications may not be classed as malicious – their activities may be regarded as high-risk. In many cases, it’s advisable that these activities are restricted. Our Host-Based Intrusion Prevention System (HIPS) restricts activities within the endpoint, according to the ‘trust level’ that has been assigned to the application. HIPS works together with our application-level Personal Firewall – which restricts network activity.

Blocking network attacks

Network Attack Blocker technology detects and monitors suspicious activities on your corporate network – and lets you preconfigure how your systems will respond if suspicious behavior is identified.

Using the power of the cloud – for even better security

With millions of users letting the cloud-based Kaspersky Security Network (KSN) receive data about suspicious behavior on their computers, your business can benefit from improved protection against the latest malware. This real-time flow of data ensures customers can benefit from a rapid response to new attacks – and it helps to minimize the incidence of ‘false positives’.

*Not all features are available on all platforms.

Protecting your file servers

Securing heterogeneous environments

Our award-winning security protects file servers running Windows, Linux or FreeBSD. Optimized scanning processes help to ensure there’s minimal impact on the performance of your servers. In addition to protecting cluster servers, we also defend Microsoft and Citrix terminal servers.

Ensuring reliable protection

If one of your file servers develops a fault, our security technologies will automatically re-launch when the file server restarts.

Boosting manageability

Every minute you have to spend on administration and generating reports, is time you could be devoting to strategically important activities. That’s why we provide a centralized console that lets you manage security on all your endpoints – file servers, workstations and mobile devices – and makes it easy to generate detailed reports.

Enhancing security & extending system management

Eliminating known vulnerabilities

Our technologies scan your entire network – to identify vulnerabilities that result from unpatched applications or operating systems. Detected vulnerabilities can be automatically prioritized – and then patches and updates can be automatically distributed. Because we distribute new patches more rapidly than many other patching solutions, we help you to eliminate vulnerabilities within a shorter period.

Managing your hardware & software assets

All devices and software on your network are automatically discovered and recorded in a hardware inventory and a software inventory. The hardware inventory includes detailed information about each device and the software inventory helps you to control software usage and block unauthorized applications. Even guest devices that appear on your network can be automatically discovered – and provided with access privileges, without compromising the security of your corporate systems and data.

Optimizing the distribution of applications

You can deploy software at your command or schedule it for after office hours. For some installers, you can specify additional parameters in order to customize the software package that is installed. The use of secure, remote connections to any desktop or client computer helps you to resolve issues rapidly – and an authorization mechanism prevents unauthorized remote access. For traceability, all activities during a remote access session are logged.

Automating & optimizing OS deployment

Our technologies automate and centralize the creation, storage and cloning of secured system images. Images are held in a special inventory – ready to be accessed during deployment. Client workstation image deployment can be made with either PXE servers (Preboot eXecution Environment) – that have been previously used on the network – or using our own features. The use of Wake-on-LAN signals lets you automatically distribute the images after office hours. UEFI support is also included.

Reducing traffic – remote distribution

If you need to distribute software or patches to a remote office, one local workstation can act as the update agent for the entire remote office – to help reduce traffic levels on your network.

Integration with SIEM systems

Because security information and event management (SIEM) systems can play a vital role in helping enterprise-level businesses to gain real-time monitoring, we’ve included integration with two of the most popular SIEM products – HP ArcSight and IBM QRadar.

Encrypting confidential information

Strong encryption

By using an AES encryption algorithm that has 256 bits of key length and is NIST approved (#2980), we deliver strong encryption for your confidential information. If files or systems are lost or stolen, unauthorized users will not be able to access your encrypted data. Our encryption has also been designed to be FIPS 140-2 compliant (validation pending).

Integrated – for improved manageability

Although many vendors’ encryption products are not delivered as part of an integrated IT security solution, our encryption technologies are one component within a unified codebase that has all been developed by our in-house team. This makes it easier for you to apply encryption settings as part of the same policies that cover your anti-malware defenses, endpoint controls and other endpoint security technologies.

Full Disk Encryption and File-Level Encryption

For encryption that's 'close to the hardware' – and to make it easy for you to run an 'encrypt everything at once' strategy – Full Disk Encryption (FDE) operates on the physical sectors of the disk. File-Level Encryption (FLE) helps you to enable secure sharing of data across your network. For additional security – when a file is encrypted – the original, unencrypted file can be wiped from the hard drive.

Encryption of removable media

To protect data that also needs to be transferred on removable devices, Removable Media Encryption can perform Full Disk Encryption and File-Level Encryption.

‘Portable mode’ encryption

If you need to transfer sensitive data via email, the Internet or a removable device, you can easily set up password-protected, encrypted, self-extracting packages of files and folders. A special 'portable mode', for File-Level Encryption on removable media, helps enable the secure transfer of data – even onto computers that are not running Kaspersky Endpoint Security for Windows.

Simplified sign-on and smartcard / token support

When a user switches on their PC and enters their username and password, our Single Sign-On feature will give the user immediate access to the encrypted data on their PC's hard drive. This helps to ensure the encryption & decryption processes are virtually transparent to the user – and that helps to boost efficiency and productivity. Two-factor authentication – via smartcards and tokens – is also supported.

Support for Intel AES-NI and more

By supporting Intel AES-NI, we enable more rapid encryption and decryption of data – for many Intel processor-based and AMD processor-based systems**. Our Full Disk Encryption technology also supports UEFI-based platforms. There’s also support for non-QWERTY keyboards.

**Not all processors are supported.

Protecting mobile devices**

Robust mobile security

By combining the industry’s most advanced technologies, we defend against the latest mobile threats. Anti-phishing protects against websites that try to steal information or identity details – and anti-spam helps to filter out unwanted calls & texts. Flexible control tools let you block the launch of unauthorized applications and block access to dangerous websites. Rooting and jailbreaking incidents are automatically detected – and the devices are blocked.

Separating corporate and personal data

Our ‘app wrapping’ technology lets you set up special containers on each device. Corporate applications are stored in the containers – totally separated from the user’s personal data. You can enforce encryption for all containerized data and prevent data from being copied and pasted outside the container – plus you can request additional user authorization before containerized applications are allowed to launch. If an employee leaves your business, the remotely operated Selective Wipe feature lets you delete the corporate container – without deleting the device owner’s personal data and settings.

Supporting common MDM platforms

With improved mobile device management (MDM) capabilities, it’s easy to apply group or individual MDM policies to Microsoft Exchange ActiveSync and iOS MDM devices – through a single interface. Support for Samsung KNOX lets you manage various settings for Samsung devices.

Locking, wiping and locating missing devices

Remotely operated security features help to protect corporate data on missing devices. Administrators and users can lock the device, delete corporate data and find the device’s location. If a thief changes the SIM card, our SIM Watch feature sends you the new phone number – so you can still run the anti-theft features. Support for Google Cloud Messaging (GCM) helps ensure Android phones receive anti-theft commands rapidly.

Self-Service Portal

Our special Self-Service Portal makes it easy to enable personal mobile devices onto the corporate network. In addition, the portal gives users remote access to key anti-theft features – so users can rapidly respond to the loss of a device and reduce the risk of data loss, without adding to the load on administrators.

Easing the burden on IT administrators

A single centralized console lets you manage mobile devices – and their security – and makes it easy to apply consistent policies across different mobile platforms. In addition, our Web Console lets you manage mobile devices and their security – plus the security of other endpoints – from anywhere you can get online.

**Some features are not available for some of the supported mobile platforms.

Controlling applications, devices and Internet access

Dynamic Whitelisting – to complement security

Our Application Control is the industry’s most comprehensive implementation. We’re the only security vendor that has invested in establishing its own Whitelisting Lab that checks applications for security risks. Our database of whitelisted applications includes over 1.3 billion unique files – and it’s growing by a further 1 million files per day. Application Control and Dynamic Whitelisting makes it easier for you to run a Default Deny policy that blocks all applications, unless they’re on your whitelist. If you’re looking to introduce or update a Default Deny policy, our new test mode lets you set up the policy in a test environment – so you can check your policy is correctly configured, before you ‘go live’.

Preventing the connection of unauthorized devices

Device Control tools make it easy to manage which devices are allowed to access your corporate IT network. You can set up controls that are based on the time of day, geographic location or the type of device. You can also align the controls with Active Directory – for granular administration and policy assignment. Administrators can also use masks in the creation of Device Control rules – so multiple devices can easily be whitelisted for use.

Monitoring and controlling Internet access

Our Web Control tools let you set up Internet access policies and monitor Internet usage. It’s easy to prohibit, limit, allow or audit your users’ activities on individual websites or categories of sites, such as games websites, social networks or gambling sites. Geographic and time-of-day controls may be aligned with Active Directory – to help in administration and setting policies.

Protecting corporate mail & preventing data leakage

Securing multiple platforms

With support for a wide range of mail servers – including Microsoft Exchange, IBM Lotus Notes / Domino, Sendmail, qmail, Postfix, Exim and CommuniGate Pro – our mail server security technologies protect mail traffic and groupware servers against malware and spam. Kaspersky Total Security for Business can also be used to set up a dedicated mail gateway.

Filtering out spam

Effective spam filtering can help businesses to boost efficiency and productivity. Our intelligent spam filtering technology helps to prevent the arrival of distracting spam messages in users’ inboxes. It achieves a very low rate of false positives – while reducing traffic on your corporate network.

Managing complexity

Easy-to-use tools simplify the management of your mail server security, including:

Monitoring protection status
Managing scan settings
Generating reports
Helping to preserve performance

With optimized scanning – plus the option to exclude specific items from a scan – our mail server protection also supports load balancing of server resources. This means you benefit from highly effective protection, without any significant impact on performance.

Boosts Data Protection and Compliance

Our technologies analyze the content of outgoing emails and automatically block messages and attachments that contain confidential corporate data or sensitive information about employees. In addition to scanning for words contained in our pre-installed glossaries – or your administrator’s custom glossary – we also scan for structured data.*

*Data Loss Protection features are licensed separately.
Protecting web gateways

Securing traffic

Our security technologies deliver protection for traffic flowing through most popular, Windows-based or Linux-based gateways – automatically removing malicious and potentially hostile programs that appear in HTTP(S), FTP, SMTP and POP3 traffic. With frequent updates, Kaspersky Total Security for Business helps to protect you against known and unknown threats.

Protecting mail

Kaspersky Total Security for Business can protect corporate mail flowing through Microsoft Forefront TMG or Microsoft ISA Server.

Delivering high detection rates

With intelligent, optimized scanning – plus load balancing – Kaspersky Total Security for Business delivers high detection rates, without any significant impact on system performance.

Enhancing manageability

Easy-to-use management tools – together with flexible reporting capabilities – help to ensure you get improved visibility and improved control of your security.

Securing collaboration & preventing data leakage

Protecting SharePoint environments

Easy-to-use security, file filtering and content filtering let you centrally manage the protection of an entire Microsoft SharePoint server farm – from a single console. Our protection technologies have very little impact on the performance of your systems.

Helping to optimize storage

To help you achieve more efficient use of your data storage, our file filtering technologies aid you in eliminating the storage of unnecessary files – and make it easier to enforce your document storage policies. You can create lists of prohibited file names and extensions – and we also provide preset file type profiles that let you rapidly implement policies for music, video, executable files and more. By analyzing real file formats – regardless of the file extension name – our technology ensures security policies cannot be violated by files that avoid the use of a prohibited file extension.

Providing flexible content filtering

By checking all documents against lists of prohibited content – including explicit words / phrases and the use of offensive language – content filtering helps you to control and assign internal collaboration policies. With pre-installed dictionaries / categories – and the ability to create your own list of prohibited words and phrases – it’s easy to configure content filtering that’s tailored to your requirements.

Giving you real-time status information

Our dashboard display gives you at-a-glance access to real-time data – including IT security status, database version and license status for all protected servers. In addition, Kaspersky Total Security for Business makes it easy to generate reports on events and security status.

Boosts Data Protection and Compliance

Kaspersky Total Security for Business analyzes the content of documents stored within Microsoft SharePoint Server – and automatically registers and blocks any that contain identified confidential corporate data or sensitive information. In addition to scanning for words contained in its pre-installed glossaries – or your administrator’s custom glossary – it also scans for structured data.*

*Data Loss Protection features are licensed separately.
Centralizing management tasks

Letting you control all functions from one console

Kaspersky Endpoint Security for Business | Select includes Kaspersky Security Center – a single unified management console that gives you visibility and control of all of the Kaspersky Lab endpoint security technologies that you’re running. Kaspersky Security Center lets you manage security for your mobile devices, laptops, desktops, file servers, virtual machines and more – with the convenience of a ‘single pane of glass’ console.

Delivering a higher level of integration

Because tightly-integrated code results in products that deliver improved security, performance and manageability, all of our endpoint technologies have been developed by our own in-house team. All of our endpoint protection functionality is contained in the same codebase – so there are no incompatibility issues for you to deal with. Instead, you benefit from seamlessly integrated security technologies that do more to protect your IT environment – while centralized management saves you time.

Kaspersky
Security for File Server
For Windows and Linux

*This product also offered as standalone product.
Can be bought separately.

  • Centralized, real-time protection
  • Hierarchical Storage Management
  • Advanced Configuration

PRODUCTS INFORMATION

Features

Rigorous security for Windows file servers

Our latest engine provides file server security and more. Because we deliver database updates on a very frequent basis, you benefit from better protection against the very latest threats.

Improved detection & less load on your resources

Our pattern-based and heuristic technologies achieve improved detection rates, while also helping to reduce the size of update files. You benefit from superior security that also helps to minimize the load on your IT infrastructure. In addition, because this latest release of Windows Endpoint Security for Windows is 30% smaller than the previous release, installation uses fewer resources.

Cloud-assisted protection

The cloud-based Kaspersky Security Network (KSN) receives data – about suspicious behavior and malware – from millions of consenting customers' computers. Armed with this real-time data from the field, we can provide an extremely rapid response to new and emerging malware. It also helps us to reduce the incidence of false positives – which helps your business to maintain productivity.

Flexible, class-leading firewall

Our Host-based Intrusion Prevention System (HIPS) and personal firewall let you set parameters for an individual port, IP address or application.

Protection against network attacks

Network Attack Blocker technology monitors suspicious behavior that occurs on your network. It also lets you preset how your system will respond if suspicious behavior is detected.

Unified management console

Kaspersky Endpoint Security for Windows (for file servers) is supplied complete with Kaspersky Security Center – the centralised management console that gives you detailed control over all Kaspersky Lab endpoint security technologies that are running on your IT network.

System Requirement

Hardware requirements

  • Intel Pentium 1 GHz or faster
  • 1 GB RAM
  • 2 GB of free space on the hard drive

General Requirement

  • Microsoft Internet Explorer 7.0 or later
  • Microsoft Windows Installer 3.0 or later
  • An Internet connection – for activating the application and for updating databases & application modules

Operating System

  • Microsoft Windows Server 2016 х64 Standard / Essentials х64*
  • Microsoft Windows Server 2012 R2 Standard / Essentials x64 (ReFS is supported with limitations. Server Core and Cluster Mode configurations are not supported.)
  • Microsoft Windows Server 2012 Foundation / Essentials / Standard x64 (ReFS, Server Core and Cluster Mode configurations are not supported.)
  • Microsoft Windows MultiPoint Server 2011 x64 Edition
  • Microsoft Small Business Server 2011 Essentials / Standard x64
  • Microsoft Windows Server 2008 R2 Standard / Enterprise / Foundation x64 SP0 or later
  • Microsoft Windows Server 2008 Standard / Enterprise x86 / x64 SP2 or later
  • Microsoft Small Business Server 2008 Standard / Premium x64
  • Microsoft Windows Server 2003 R2 Standard x86 / x64 SP2 or later
  • Microsoft Windows Server 2003 R2 Enterprise x86 / x64 SP2 or later
  • Microsoft Windows Server 2003 Standard x86 / x64 SP2
  • Microsoft Windows Server 2003 Enterprise x86 / x64 SP2 or later


Products Comparison