Windows Endpoint Security

Kaspersky Endpoint Security for Windows combines world-class anti-malware with application controls, web controls, & device controls, plus data encryption… in a single application. All functions can be managed from a unified console that’s purpose-built to ease deployment and administration across a range of Kaspersky technologies – so you can easily manage security for the multiple different types of endpoints across your network.

 

Relentless protection

With signature-based, proactive, and cloud-assisted detection technologies, Kaspersky Endpoint Security for Windows delivers multi-layer defense against all types of malware – including zero-day threats, evolving threats, and APTs (Advanced Persistent Threats). Security can be further augmented through integrated, advanced endpoint controls – Application Control, Web Control, and Device Control – and data encryption technologies, to provide comprehensive protection for your corporate systems and data.

Ease of deployment

Regardless of which level of integrated Kaspersky Lab business protection product* you buy, Kaspersky Endpoint Security for Windows is delivered and installed as a single application. Later, if you need to add further features, a simple license upgrade helps to simplify roll-outs.

Ease of management

Every anti-malware, endpoint control, and data encryption function and feature is managed from Kaspersky Security Center – Kaspersky’s integrated management console. From initial deployment through granular security policies, Kaspersky Security Center provides a single, unified approach to management, administration, and reporting.

Preserves more performance

All Kaspersky solutions are architected ‘from the ground up’ and are tightly integrated to ensure they work intelligently and efficiently together, and help to minimize the load on your computing resources.

*Kaspersky Endpoint Security for Business – Select, Kaspersky Endpoint Security for Business – Advanced, or Kaspersky Total Security for Business.

Features

Single application – single console – single policies

The integrated solution

Kaspersky Endpoint Security for Windows is a single application that covers a wide range of vital technologies:

  • Anti-malware protection – including firewall and HIPS
  • Endpoint controls
    • Application Control
    • Web Control
    • Device Control
  • Encryption

Whereas other vendors’ offerings may require you to purchase multiple products – each with a different management console – Kaspersky provides the solution to several major protection issues, in a single application.

Choose the modules you need

Kaspersky Endpoint Security for Windows is delivered and installed as a single agent that gives you access to all of the Kaspersky Endpoint Security for Windows functionality that’s included in your chosen tier of Kaspersky Endpoint Security for Business (Select or Advanced) or Kaspersky Total Security for Business.

    For Kaspersky Endpoint Security for Business – Select, the following are enabled:
  • Anti-malware protection – including firewall and HIPS
  • Endpoint controls
    • Application Control
    • Web Control
    • Device Control
  • ...plus other Kaspersky security technologies
    For Kaspersky Endpoint Security for Business – Advanced and Kaspersky Total Security for Business, the following are enabled:
  • Anti-malware protection – including firewall and HIPS
  • Endpoint controls
    • Application Control
    • Web Control
    • Device Control
  • Encryption*
  • ...plus other Kaspersky security technologies

*Although encryption functionality is delivered in a separate installation package, it can be automatically installed with Kaspersky Endpoint Security for Business – Advanced or Kaspersky Total Security for Business. So administrators only have to manage one task that automatically rolls out encryption and all other Kaspersky endpoint security technologies that are included in their chosen tier of Kaspersky endpoint security.

Easy to install and deploy

Installation is far quicker than for many other security products. Kaspersky Endpoint Security for Windows is a single agent – so there’s just one agent to install*. Kaspersky’s unified, central management console – Kaspersky Security Center – gives you convenient access to all parameters… so you can configure your protection as you require, and set policies for all features.

*Although encryption functionality is delivered in a separate installation package, it can be automatically installed with Kaspersky Endpoint Security for Business – Advanced or Kaspersky Total Security for Business. So administrators only have to manage one task that automatically rolls out encryption and all other Kaspersky endpoint security technologies that are included in their chosen tier of Kaspersky endpoint security.

Simple to upgrade

As and when your protection requirements change, you can upgrade to the next tier of Kaspersky Endpoint Security for Business / Kaspersky Total Security for Business – and access the additional Kaspersky Endpoint Security for Windows functionality… simply by unlocking features with a new license key.

Because Kaspersky Endpoint Security for Windows is installed as a single application, there’s no need to download any new software or update any programs when you upgrade from a lower tier**. You just enter your new license key and the additional features will be available immediately.

**Encryption functionality is delivered in a separate installation package. When upgrading to Kaspersky Endpoint Security for Business – Advanced or Kaspersky Total Security for Business (from Kaspersky Endpoint Security for Business – Select), administrators can deploy the encryption module without having to reinstall Kaspersky Endpoint Security for Business.

Anti-malware, firewall, and HIPS

Multi-layer protection

Kaspersky’s latest anti-malware engine combines signature-based, heuristic, and cloud-assisted technologies – to deliver multi-layer security.

Protection against zero-day threats and APTs

Kaspersky’s policy of delivering frequent updates helps to ensure you’re protected against zero-day threats and APTs (Advanced Persistent Threats).

Better protection – with less load

Pattern-based detection methodologies improve detection and reduce the size of update files – to help minimize the load on your systems.

Urgent Detection System

Kaspersky’s Urgent Detection System database is continually updated with data about the latest malware discoveries – to help protect your systems against new threats, before the release of a malware signature. Because protection no longer relies on signature updates, Kaspersky can deliver near real-time protection.

Kaspersky System Watcher

System Watcher maintains a log of the system and resources. In the event of malware causing an impact – within an application, the operating system or the system registry – the malware is quarantined and changes are automatically rolled back to the state prior to the system impact.

Active Disinfection

Active Disinfection works at the lowest levels of the operating system – to protect against malicious code.

Kaspersky Security Network (KSN) delivers cloud-based protection

KSN collects data about suspicious behavior and malware from millions of consenting customers’ computers – so you can benefit from a real-time response to new malware, with a low incidence of ‘false positives’.

Class-leading firewall

Kaspersky’s Host-based Intrusion Prevention System (HIPS) and personal firewall let you set parameters for an individual port, IP address, or application.

Network Attack Blocker

Kaspersky Network Attack Blocker monitors suspicious activity on your network. You can set your system to respond in a pre-defined way if any suspicious behavior is detected.

Automatic Exploit Prevention

Kaspersky’s Automatic Exploit Prevention technology specifically monitors the most frequently targeted exploit vulnerabilities – to apply industry-leading intelligence that provides an additional layer of enhanced security monitoring.

Endpoint controls

Application Control

Kaspersky provides application startup and privilege control functions – together with continuous application monitoring – to deliver industry-leading functionality. Complementary and robust Whitelisting Controls & Blacklisting Controls – including the world’s most complete default allow and default deny settings – give the administrator an extremely comprehensive set of enhanced security capabilities.

Device Control

Flexible and in-depth controls let you manage how specific types of devices – or individual devices – are allowed to access your systems. Geographic, time-of-day, and device-type controls may be aligned with Active Directory – to help ensure efficient and granular administration and policy assignment.

Web Control

Web Control lets you administer and monitor web policies – to provide granular control of access to Internet resources. Geographic and time-of-day controls may be aligned with Active Directory – to help ensure efficient and granular administration and policy assignment.

Encryption

Secure Cryptography

An AES encryption algorithm – with 256 bits of key length – ensures strong encryption of your data.

Full Disk Encryption (FDE)

FDE operates on the physical sectors of the disk – to deliver encryption that’s ‘close to the hardware’ and enable an ‘encrypt everything at once’ strategy.

File-Level Encryption (FLE)

FLE offers granular encryption of individual files and helps to enable secure sharing of data across your network. For enhanced security – after a file has been encrypted, the original, unencrypted data is wiped from the hard drive.

Removable media encryption

Removable media encryption delivers full-disk and file-level encryption – to secure data that is transferred on mobile devices.

Single Sign-on

Single Sign-on means users only have to switch on their PC – and enter their user name and password – in order to load Windows and access the encrypted data on the PC’s hard drive. With Single Sign-on, the encryption / decryption process is virtually transparent to the user… which helps to maintain productivity.

Integration with Application Control

Flexible settings let you manage whether an application can access encrypted data / decrypted data or is denied access. Blocking access to encrypted data helps to ensure sensitive information cannot be sent by applications such as Skype and Instant Messaging programs. Enabling access to ciphertext helps administrators to manage secure backup processes.

Maintaining security beyond your perimeter

Password-protected, encrypted, self-extracting packages of files and folders enable the secure transfer of sensitive data – via a removable device, email, or the web. A special ‘portable mode’ for encrypted removable media (available for FLE) enables the secure transfer and operation of encrypted data – even onto computers that are not running Kaspersky Endpoint Security for Business.

Decrypting data on faulty machines

If a system develops a fault – even if its operating system is unable to boot – you can decrypt data with special recovery tools, using a device-unique key that is held in escrow within Kaspersky Security Center.

Single management console

Every feature within Kaspersky Endpoint Security for Windows can be set up and managed via Kaspersky Security Center – the easy-to-use, centralized management console that gives you detailed control over virtually all Kaspersky security technologies running on your IT network.

Kaspersky Security Center delivers a ‘one pane of glass’ management console – so you don’t have to invest time getting to grips with a different management interface for every different security technology that your systems need.

  • Deploy and manage Kaspersky Endpoint Security for Windows – and other Kaspersky technologies – across your corporate network
  • Apply anti-malware, endpoint controls, and encryption settings within a single policy
  • Manage Kaspersky anti-malware protection across a range of platforms and operating systems:
    • Apple Mac
    • Linux
    • Windows – including Windows 8
  • Set policies that can be applied across both physical and virtual machines
  • Generate a wide range of customizable reports on security status and performance

System requirements

Hardware requirements:
  • Intel Pentium 1 GHz or faster
  • 1 GB RAM
  • 2 GB of free hard drive space
General requirements:
  • Microsoft Internet Explorer 7.0 or higher
  • Microsoft Windows Installer 3.0 or higher
  • An Internet connection – for activating the application and for updating databases & application modules
Operating systems – for workstations:
  • Microsoft Windows 8.1 Enterprise x86/x64
  • Microsoft Windows 8 Professional / Enterprise
  • Microsoft Windows 8 Professional / Enterprise x64 Edition
  • Microsoft Windows 7 Professional / Enterprise / Ultimate SP0 or higher
  • Microsoft Windows 7 Professional / Enterprise / Ultimate x64 Edition SP0 or higher
  • Microsoft Windows Vista Business / Enterprise / Ultimate SP2
  • Microsoft Windows Vista Business / Enterprise / Ultimate x64 Edition SP2
  • Microsoft Windows XP Professional SP3 or higher
Operating systems – for servers:
  • Microsoft Windows Server 2012 R2 Standard x64(Server Core & Cluster Mode
    are not supported, file system ReFS is supported with limitations)
  • Microsoft Small Business Server 2011 Essentials / Standard / Premium x64 Edition
  • Microsoft Windows MultiPoint Server 2011 х64 Edition
  • Microsoft Windows Server 2012 Foundation х64 Edition (ReFS is not supported; Core mode is not supported)
  • Microsoft Windows Server 2012 Essentials х64 Edition (ReFS is not supported; Core mode is not supported)
  • Microsoft Windows Server 2012 Standard х64 Edition (ReFS is not supported; Core mode is not supported)
  • Microsoft Windows Server 2008 R2 Standard / Enterprise х64 Edition SP0 or higher
  • Microsoft Windows Server 2008 R2 Foundation х64 Edition SP0 or higher
  • Microsoft Windows Server 2008 Standard / Enterprise х64 Edition SP2 or higher
  • Microsoft Windows Server 2008 Standard / Enterprise SP2 or higher
  • Microsoft Windows Server 2003 R2 Standard / Enterprise SP2 or higher
  • Microsoft Windows Server 2003 R2 Standard х64 Edition SP2 or higher
  • Microsoft Windows Server 2003 Standard SP2
  • Microsoft Windows Server 2003 Standard х64 Edition SP2
ENDPOINT SECURITY FOR BUSINESS - SELECT
ENDPOINT SECURITY FOR BUSINESS - SELECT

  • Award-winning, multi-layer anti-malware
  • Endpoint controls – Application, Device & Web
  • Mobile security & mobile device management... and more

Free TrialsBuy NowRequest a Demo
 
ENDPOINT SECURITY FOR BUSINESS - ADVANCED
ENDPOINT SECURITY FOR BUSINESS - ADVANCED

  • Rigorous anti-malware & endpoint controls
  • Data encryption – for added security
  • Vulnerability scanning & patch management
  • Systems management & IT efficiency tools

Free TrialsBuy NowRequest a Demo
 
TOTAL SECURITY FOR BUSINESS
TOTAL SECURITY FOR BUSINESS

  • Award-winning anti-malware – plus endpoint controls
  • Data encryption – to protect precious business data
  • Patch management – including automatic vulnerability scan
  • Efficiency-boosting systems management tools
  • Email security – to defend against spam and malware
  • Internet gateway security – for safer web access

Free TrialsBuy NowRequest a Demo