Kaspersky Endpoint Security for Business
On-premises endpoint protection that’s top value and packed with features – but it’s complex to deploy
SCORE ✪✪✪✪✪ PRICE 25 users, 1yr subscription, £616 exc VAT from kaspersky.co.uk
Kaspersky’s Endpoint Security for Business (ESB) runs on an on-premises host – so it’s ideal for businesses that want their security solution right where they can see it. We tested the entry-point ESB Select package, which offers anti-malware services for Windows servers and workstations, macOS and Linux, along with web, device and application controls – and there’s mobile security as well.
Installation starts with the ESB Security Center, which is the central point of contact for all functions. We had this up and running inside 40 minutes; while the main console hasn’t changed much over the years, it’s easy to get to grips with, and very informative.
Next, the Network Agent and Endpoint Security components must be installed on each client. You can do this from the main console: Kaspersky scanned the lab network, and picked up all of our Active Directory domains, workgroups and IP subnets. We manually selected all our Windows 7, 10 and Server 2012 R2 test hosts from the list of unassigned devices view, and pushed the components out to them with a click.
Deployment took around 15 minutes per system; when the process was complete, each client appeared in the default managed computer group. The System Center sets up default security policies for this group, so our hosts were protected immediately. You can also create custom groups for specific sets of clients; group settings are applied the moment a computer joins or is moved from another group. It’s even possible to create sub-groups, which inherit the settings of the top level group.
ESB’s policies control the clientside virus scanner, and provide separate options for scanning files, emails, IM and web traffic; a simple slider control lets you choose from three scan levels. In addition, there’s a client-side firewall with customised access rules, a network attack blocker and a system watcher that monitors suspicious application behaviour.
You can also set up policies to enforce application usage rules. To use this feature you need to sort applications into categories; with this done, you can then assign policies to
“The System Center console provides views of all clients, with coloured status icons and detailed statistics graphs”
allow or deny the use of certain types of software.
One aspect of ESB that didn’t impress us was its website access controls. Kaspersky provides just 15 URL categories, which you can block or allow; we’d have preferred to see a much finer-toothed approach. Still, these filters worked perfectly during our testing, blocking all our attempts to access off-limits games and gambling sites.
The antivirus side of things is nicely unobtrusive, with no user interaction required. When we copied our test malware samples onto a protected client, the agent set about quietly cleaning, deleting or quarantining them in the background.
Mobile devices can be managed by loading the ActiveSync plugin onto your Exchange server, or using Kaspersky’s iOS MDM server module. We found the documentation unclear, however, which made it frustrating to set up. The iOS module also relies on the iPhone Configuration Utility to set profiles; although this is still available for download, it’s no longer supported by Apple.
The System Center console provides an overview of all clients, with coloured status icons and detailed graphs showing protection and vulnerability levels, virus activity and updates. Reporting is very detailed, with predefined templates included for viewing anything from users on infected computers to web browsing behaviour; of course, you can also create custom reports to suit specific needs.
Although Kaspersky doesn’t offer a full cloud-based interface, it does support a web console that provides remote browser access to the Security Center. The interface is very sparse, however. Running on the Apache web server, it provides basic views of managed computers and alerts, plus options to apply tasks and configure policies.
Kaspersky Endpoint Security for Business is well worth considering by SMBs who aren’t keen to push their endpoint security management into the cloud. The wide range of features means it can be relatively complex to deploy, and the documentation wasn’t always as thorough as we’d have liked. All the same, the Select version offers powerful on-site security, and is also surprisingly good value.