Business changes are placing tremendous demands on IT. New technologies are being adopted by IT as a response to these pressures - but these trends pose critical and dangerous malware risks to the organization.
Kaspersky enables customers to embrace new technologies and feel confident that they’re protected against the threats of tomorrow’s IT trends.
As a cornerstone of Kaspersky’s solutions, Kaspersky Endpoint Security for Windows provides centralized protection of Windows workstations and Windows servers from malware, potentially dangerous programs and network attacks.
- Best-of-breed anti-malware protection
Using signature-based, proactive defense technologies and the power of the cloud-assisted Kaspersky Security Network, the application intelligently scans workstations, servers and analyzes system and application behaviors. Because the Kaspersky architecture is tightly integrated, all program components work together for maximum protection with a light resource footprint.
- Powerful controls
Application Control, Device Control and Web Control bring a comprehensive level of manageability and deeper protection to the endpoint. Administrators can restrict access to external devices and non-essential websites. A customizable whitelist or blacklist of applications and tools to limit their privileges add to Kaspersky’s protective measures, which increase employee productivity, data protection and IT policy enforcement.
- Flexible, centralized administration
Using the Kaspersky Security Center application, remotely install the solution on workstations and servers, set protection parameters, manage anti-malware updates, monitor security status and respond to events. Features such as centralized vulnerability flagging, virtual machine support and sub-administration capabilities are also included.
- Proactive technologies and heuristics
System Watcher and other proactive components in Kaspersky Endpoint Security for Windows deliver protection against threats that have not yet been recorded in signature databases. Using Behavior Streams Signature patterns, suspicious behaviors are analyzed, immediate action is taken and, if necessary, unwanted changes are rolled-back and damaged data is restored.
Kaspersky Endpoint Security for Windows uses the most modern technologies from Kaspersky Lab to protect Windows workstations and servers on corporate networks.
- Security for file systems
All files are scanned (for malicious content) when created, launched or modified. Any individual files, directories and disks (local and network) can also be scanned.
- Kaspersky Security Network
Tens of millions of members in our global user community volunteer (“opt-in”) to provide data about suspicious activities and attempted malware infections to the cloud-based Kaspersky Security Network. The network immediately provides a response to suspected threats, much faster than traditional methods of protection. Using this experiential data, cloud-assisted protection reduces “false positives” which translates into an increase in business productivity.
- Safety online
Kaspersky applications scan HTTP traffic in real time using a variety of methods that include heuristic analysis of web pages. Blocking access to infected websites whose addresses are blacklisted ensures Internet users can work in a secure environment. Blacklisted URLs are updated real-time by the Kaspersky Security Network or can be customized by the administrator.
- Protection from hacker attacks
An improved firewall, together with IPS, safeguard workstations and servers on any type of network. Predefined rules for more than 250 of the most commonly used applications reduce time spent on configuring the firewall.
- Secure electronic communication
Mail traffic is scanned at the level of the data transfer protocol (POP3, IMAP, MAPI and NNTP for incoming traffic and SMTP for outgoing traffic, including SSL connections). The solution is compatible with the most common mail programs. The application also scans files and links sent via instant messaging systems (ICQ, MSN, AIM).
- Protection from phishing
A database containing URLs of phishing sites is used to identify and disable links to such websites in the Internet browser, at the same time rebuffing emails from phishers in the mail program. This list is updated real-time by the Kaspersky Security Network.
Kaspersky has integrated Application Control, Device Control and Web Content Filtering to Kaspersky Endpoint Security for Windows. These controls combined with the powerful protection of Kaspersky provide a deeper level of endpoint security.
- Application Startup Control
Kaspersky can prevent certain (or groups of) applications from launching by using administrative and cloud-assisted Whitelisting or Blacklisting. Customize either a “default deny” or “default allow” scenario to prevent unwanted applications from running.
- Application Privilege Control
Restrictions can be applied to application behaviors in the operating system, and their access to computer resources. Using administrator or cloud-assigned categories, applications can be grouped according to their trustworthiness and assigned system rights.
- Web Controls and Content Filtering
Provides administrative filtering of web resources by URL, content and data type. Flexibly set controls to grant permission, prohibit, limit or conduct user audits for certain categories of websites. Flexible scheduling of web usage rules enables web access during certain hours, helping enforce company policies.
- Device Control
Removable devices (data storage devices, I/O devices) on the corporate network can be regulated with flexible policy scenarios. These devices can be restricted to a granular device ID level, connection bus, or device type. A scheduling function enables certain rules to take effect during specific times. These controls reduce the risk of malicious programs penetrating users’ computers and help prevent confidential data leaks.
- Vulnerability Scanner
On-demand and on-access vulnerability scanning and centralized reporting allow the grouping of endpoints according to detected vulnerabilities. The feature helps identify system weak points, missing patches and neglected application and OS updates.
Kaspersky Endpoint Security for Windows benefits from an enhanced antivirus engine and a range of optimization technologies, ensuring the most efficient use of workstation and server resources with minimal impact on performance.
- Enhanced antivirus engine
By combining signature and pattern-based, proactive defense and cloud-assisted technologies, malware detection is maximized. The program’s integrated codebase optimizes the use of system resources and has minimal impact on other programs.
- QScan Technology
A deep scanning technology that works at the lowest levels of an operating system to neutralize any malicious objects detected at the root of a user’s system.
- Resource management
During periods of increased user activity, the Kaspersky Endpoint Security for Windows reduces its demand on system resources. Scanning continues in background mode, which does not impede the user’s work with other applications.
Kaspersky’s powerful Kaspersky Administration Kit has evolved into the comprehensive Kaspersky Security Center. The product provides centralized administration for Kaspersky Endpoint Security for Windows on workstations and file servers. From this central console, install, configure and update Kaspersky Lab endpoint solutions on the network, whether on physical or virtual machines.
For more about the central administration features of the product, see Kaspersky Security Center.
Transparently install Kaspersky Endpoint Security for Windows on either file servers or workstations
Please note that the distributive version of Kaspersky Endpoint Security for Windows allows installation on both client and server Windows operating system as part of the following Kaspersky products:
- Kaspersky Work Space Security may be installed on client workstations only
- Kaspersky Security for File Server may be installed on servers only
- Kaspersky Business Space Security, Kaspersky Enterprise Space Security, or Kaspersky Total Space Security may be installed on both workstations as well as servers
System Requirements for Kaspersky Endpoint Security for Windows
Hardware and Software Requirements
To ensure proper functioning of Kaspersky Endpoint Security 10 for Windows, a computer must meet the following requirements:
- 1 GB of free hard drive space.
- Microsoft Internet Explorer 7.0 or higher.
- Microsoft Windows Installer 3.0 or higher.
- An Internet connection for activating the application and for updating databases and application modules.
Hardware requirements for computers with workstation operating systems:
- Microsoft Windows 8 Professional / Enterprise,
- Microsoft Windows 8 Professional / Enterprise x64 Edition,
- Microsoft Windows 7 Professional / Enterprise / Ultimate SP0 or higher,
- Microsoft Windows 7 Professional / Enterprise / Ultimate x64 Edition SP0 or higher,
- Microsoft Windows Vista Business / Enterprise / Ultimate SP2,
- Microsoft Windows Vista Business / Enterprise / Ultimate x64 Edition SP2,
- Microsoft Windows XP Professional SP3 or higher:
- Intel Pentium 1 GHz or faster;
- 1 GB RAM
Hardware requirements for computers with server operating systems:
- Microsoft Small Business Server 2011 Essentials / Standard / Premium х64 Edition,
- Microsoft Windows MultiPoint Server 2011 х64 Edition,
- Microsoft Windows Server 2012 Foundation х64 Edition,
- Microsoft Windows Server 2012 Essentials х64 Edition,
- Microsoft Windows Server 2012 Standard х64 Edition,
- Microsoft Windows Server 2008 R2 Standard / Enterprise х64 Edition SP0 or higher,
- Microsoft Windows Server 2008 R2 Foundation х64 Edition SP0 or higher,
- Microsoft Windows Server 2008 Standard / Enterprise х64 Edition SP2 or higher,
- Microsoft Windows Server 2008 Standard / Enterprise SP2 or higher,
- Microsoft Windows Server 2003 R2 Standard / Enterprise SP2 or higher,
- Microsoft Windows Server 2003 R2 Standard х64 Edition SP2 or higher,
- Microsoft Windows Server 2003 Standard SP2,
- Microsoft Windows Server 2003 Standard х64 Edition SP2:
- Intel Pentium 1 GHz or faster;
- 1 GB RAM