KasperskySecurity for Windows Server
Complex corporate IT networks require the highest levels of protection – a single piece of malware can spread rapidly across a network, disrupting business processes and destroying IT infrastructure. Servers need dedicated security solutions to protect critical data against the latest malware threats, performing continuously under the heaviest load conditions, with minimal impact on resources.
Kaspersky Security for Windows Server was developed specifically to protect complex networks and ensure that valuable corporate resources are efficiently secured. With prompt threat detection and response and exceptional resilience, together with launch control and exploit prevention against emerging threats, it delivers advanced server protection to businesses of all sizes.
Advanced server protection
Next-generation protection against the latest malware
Based on Kaspersky's unique HuMachine framework, Kaspersky Security for Windows Server's multi-layered threat protection system detects all types of malware, including advanced, sophisticated and emerging threats. Despite its power, it has minimal impact on server performance and provides different optimization capabilities depending on server role (for example, by configuring application priority or excluding business-critical trusted processes from scanning).
Cloud-assisted server protection
Kaspersky Security Network (KSN) delivers a faster-than-ever response to new threats, improving the performance of protection components and minimizing the risk of false positives.
NEW: Exploit prevention
Kaspersky Security for Windows Server comprises a powerful Exploit Prevention mechanism that protects process memory from exploits. It watches over protected processes and prevents attempts to exploit unpatched or even zero-day vulnerabilities in system components and applications.
NEW: System hardening
The most reliable resilience against data breaches is attained by implementing the Default Deny scenario using Application Launch Control. By prohibiting the use of any application other than trusted system components and specified programs or services, most malware types are automatically blocked from starting. Together with Device Control running in Default Deny mode ruling out the use of any unsolicited storage, these components considerably reduce the attack surface and boost the security of the server protected by Kaspersky.
Making sure critical system components and processes (as well as mission-critical applications) remain intact is as important for the server's smooth functioning as for the security of the sensitive data processed on it.
Kaspersky Security for Windows Server takes care of this, providing features such as File Integrity Monitor and Log Inspection which help to not only prevent unwanted changes to the system but also to detect certain indicators of a security breach and complying with a number of regulations such as PCI/DSS.
Protection for terminal servers
Kaspersky Security for Windows Server protects a wide range of remote access environments including Microsoft Terminal Services and Citrix XenApp/Xen Desktop:
- End users sessions in desktop publishing modes remain secured against malware threats, including ransomware. The new Traffic Security component of Kaspersky Security for Windows Server provides anti-virus and anti-phishing protection for web and mail traffic on the Terminal Server.
- Security controls, specifically Application and Web Controls with Kaspersky categories restrict the use of unsolicited resources, reducing the risk of a data breach.
NEW: Support for Microsoft Windows Server containers
The rapid spread of Docker-based container virtualization requires specific protection, taking into account containers using the same kernel as other server processes. Kaspersky Security for Windows Servers secures Windows Server containers, making sure that compromised containers you may encounter won't harm your business
Support for virtualized environments
Kaspersky Security for Windows Server delivers reliable security for any kind of virtualized or hybrid infrastructure - private, hosted or in a public cloud.
NEW: External traffic security
This new system delivers traffic malware filtering, web links verification and web-resource control, based on Kaspersky categories for any external system supporting the ICAP protocol like proxy servers, storage or any other ICAP-supporting system.
'Always-on' multi-layered protection for storage
Kaspersky Security for Windows Servers supports a wide range of storage systems from the most prominent vendors, including Hitachi, EMC², IBM, Dell, Oracle and NetApp. It supports both on-access scanning (when a launched file is modified) and on-demand scanning (either by request or scheduled). For NetApp Storage, unique Anti-Cryptor functionality is available. This technology secures data on NAS shares from ransomware and blocks any attempt to encrypt data on storage from any connected host machine with running crypto-malware.
Protecting shared folders and storages from crypto-malware (Anti-Cryptor)
Kaspersky products were one of the first to offer dedicated protection of endpoints from encrypting ransomware. Servers are rarely attacked directly, but with cryptors now becoming a pandemic, they regularly suffer from remotely initiated encryption of the data stored on file shares.
Kaspersky Security for Windows Servers contains a unique anti-cryptor mechanism capable of blocking encryption of files on shared resources from a malicious process running on another machine on the same network. This system constantly watches over the protected shared folders, tracking the state of the stored files. As soon as encryption activity is detected, the system blocks the attack source machine from accessing the server, stopping the encryption process and preventing the loss of corporate data. This functionality is available for Windows and NetApp storage systems.
Flexible, easy management
Control over administrator privileges
Choose the appropriate privilege level for each server's administrator, making it easy to comply with security requirements specific to different departments and roles.
Notifications can be sent to administrators via messaging service or email. Kaspersky Security for Windows Server is integrated with Simple Network Management Protocol (SNMP) and can operate with System Center Operations Manager (SCOM). Alternatively, monitor operations by reviewing Microsoft Windows or Kaspersky Security Center event logs.
NEW: SIEM integration
Kaspersky Security for Windows Server provides integration capabilities for different SIEM systems. The application can convert events in application logs into formats supported by the syslog server so that those events can be recognized and imported into a SIEM. The application supports conversion into structured data format and into JSON format.
NEW: Windows Firewall management
To improve the convenience of server security management, Kaspersky Security for Windows Servers allows the configuration of the local Windows firewalls of your servers directly from the unified console of Kaspersky Security Center.