Complex corporate IT networks require the highest levels of protection – a single piece of malware can spread rapidly across a network, disrupting business processes and destroying IT infrastructure. Servers need dedicated security solutions to protect critical data against the latest malware threats, performing continuously under the heaviest load conditions, with minimal impact on resources.
Kaspersky Security for Windows Server was developed specifically to protect complex networks and ensure that valuable corporate resources are efficiently secured. With prompt threat detection and response and exceptional resilience, together with launch control and exploit prevention against emerging threats, it delivers advanced server protection to businesses of all sizes.
Based on Kaspersky Lab's unique HuMachine framework, Kaspersky Security for Windows Server's multi-layered threat protection system detects all types of malware, including advanced, sophisticated and emerging threats. Despite its power, it has minimal impact on server performance and provides different optimization capabilities depending on server role (for example, by configuring application priority or excluding business-critical trusted processes from scanning).
Kaspersky Security Network (KSN) delivers a faster-than-ever response to new threats, improving the performance of protection components and minimizing the risk of false positives.
Kaspersky Security for Windows Server comprises a powerful Exploit Prevention mechanism that protects process memory from exploits. It watches over protected processes and prevents attempts to exploit unpatched or even zero-day vulnerabilities in system components and applications.
The most reliable resilience against data breaches is attained by implementing the Default Deny scenario using Application Launch Control. By prohibiting the use of any application other than trusted system components and specified programs or services, most malware types are automatically blocked from starting. Together with Device Control running in Default Deny mode ruling out the use of any unsolicited storage, these components considerably reduce the attack surface and boost the security of the server protected by Kaspersky Lab.
Making sure critical system components and processes (as well as mission-critical applications) remain intact is as important for the server's smooth functioning as for the security of the sensitive data processed on it.
Kaspersky Security for Windows Server takes care of this, providing features such as File Integrity Monitor and Log Inspection which help to not only prevent unwanted changes to the system but also to detect certain indicators of a security breach and complying with a number of regulations such as PCI/DSS.
Kaspersky Security for Windows Server protects a wide range of remote access environments including Microsoft Terminal Services and Citrix XenApp/Xen Desktop:
The rapid spread of Docker-based container virtualization requires specific protection, taking into account containers using the same kernel as other server processes. Kaspersky Security for Windows Servers secures Windows Server containers, making sure that compromised containers you may encounter won't harm your business
Kaspersky Security for Windows Server delivers reliable security for any kind of virtualized or hybrid infrastructure - private, hosted or in a public cloud.
This new system delivers traffic malware filtering, web links verification and web-resource control, based on Kaspersky categories for any external system supporting the ICAP protocol like proxy servers, storage or any other ICAP-supporting system.
Kaspersky Security for Windows Servers supports a wide range of storage systems from the most prominent vendors, including Hitachi, EMC², IBM, Dell, Oracle and NetApp. It supports both on-access scanning (when a launched file is modified) and on-demand scanning (either by request or scheduled). For NetApp Storage, unique Anti-Cryptor functionality is available. This technology secures data on NAS shares from ransomware and blocks any attempt to encrypt data on storage from any connected host machine with running crypto-malware.
Kaspersky Lab products were one of the first to offer dedicated protection of endpoints from encrypting ransomware. Servers are rarely attacked directly, but with cryptors now becoming a pandemic, they regularly suffer from remotely initiated encryption of the data stored on file shares.
Kaspersky Security for Windows Servers contains a unique anti-cryptor mechanism capable of blocking encryption of files on shared resources from a malicious process running on another machine on the same network. This system constantly watches over the protected shared folders, tracking the state of the stored files. As soon as encryption activity is detected, the system blocks the attack source machine from accessing the server, stopping the encryption process and preventing the loss of corporate data. This functionality is available for Windows and NetApp storage systems.
Choose the appropriate privilege level for each server's administrator, making it easy to comply with security requirements specific to different departments and roles.
Notifications can be sent to administrators via messaging service or email. Kaspersky Security for Windows Server is integrated with Simple Network Management Protocol (SNMP) and can operate with System Center Operations Manager (SCOM). Alternatively, monitor operations by reviewing Microsoft Windows or Kaspersky Security Center event logs.
Kaspersky Security for Windows Server provides integration capabilities for different SIEM systems. The application can convert events in application logs into formats supported by the syslog server so that those events can be recognized and imported into a SIEM. The application supports conversion into structured data format and into JSON format.
To improve the convenience of server security management, Kaspersky Security for Windows Servers allows the configuration of the local Windows firewalls of your servers directly from the unified console of Kaspersky Security Center.