Endpoint Protection and EDR

Cynet converges endpoint protection, EDR and all other essential security technologies into the first autonomous security platform to provide total environment visibility and protection

Learn More

Kaspersky Endpoint Security Suite: Editions Structure, Pricing and Features

Kaspersky offers a robust set of endpoint security solutions, suitable for small, medium and large enterprises. The solutions provide preventive protection against malware and advanced threats, Endpoint Detection and Response (EDR) that helps respond to cyberattacks against endpoints (see our guide on EDR Cybersecurity), and security awareness training.

In this article you will learn:

  1. Kaspersky endpoint security suite basic capabilities
  2. Editions and pricing
  3. Endpoint support
  4. Security features included in each edition
  5. Endpoint protection with Cynet 360

Kaspersky Endpoint Security Suite: Basic Capabilities

The Kaspersky Endpoint Security suite helps organizations secure endpoints such as workstations, servers and mobile devices, and improve security for users. It includes three key capabilities:

  • Adaptive Endpoint Security—preventive measures to protect the endpoint and its data, including malware and exploit prevention, behavioral threat detection and network threat detection.
  • Endpoint Detection and Response—helps security teams rapidly respond to incidents and data breaches.
  • Security Awareness—computer-based training that makes employees aware of security threats such as social engineering.
  • A central emphasis in the design of Kaspersky’s endpoint solutions is that endpoint security should have minimal or no impact on the performance of the endpoint and the applications running on it.

    Editions and Pricing

    The Kaspersky suite includes several editions with variable pricing—we describe each edition in more detail in the following sections.

    EditionDescriptionPricing
    (annual, for 10 devices)*
    Kaspersky Endpoint Security for Business SELECTOn-premise solution with basic capabilities$539
    Kaspersky Endpoint Security for Business AdvancedOn-premise solution with enhanced capabilities$995
    Endpoint Security CloudCloud solution with basic capabilities$505
    Endpoint Security Cloud PlusCloud solution with enhanced capabilities$810

    * Editions and pricing may change from time to time, see the official pricing pages for each edition.

    Endpoint Support

    Kaspersky endpoint solutions support the following environments:

    ServersWorkstations and mobileSpecialist protection
    Windows serversWindows workstationsInternet gateways
    Linux serversMac workstationsMail servers
    Virtual machinesAndroid devicesMicrosoft SharePoint servers
    iOS devices
    Tablets and smartphones

    What’s Included in Each Edition?

    Endpoint Security for Business SELECT

    Endpoint Security for Business SELECT is the basic endpoint security offering, aimed at small to medium businesses. It is deployed on-premises.

    Core endpoint security features:

    • Exploit Prevention—prevents execution of malware and exploits and protects against unknown and zero-day threats
    • Behavioral detection and automatic rollback—protects against ransomware, fileless attacks, compromised privileged accounts. Automatic rollback enables instant reversal of changes made on a compromised endpoint.
    • Encryption protection—provides an anti-cryptor mechanism that block encryption on shared resources, when encryption originates from another machine
    • Network threat protection—identifies network attacks such traffic from known bad sources, and malware that modifies currently running processes.
    • Web console—central management of endpoints running on physical and virtual machines on-premises, in AWS and Azure.

    Mobile security features:

    • Anti-malware—machine-learning based detection of unknown threats, on-demand and scheduled malware scans.
    • Over the Air (OTA) provisioning—lets you pre-configure and deploy apps to mobile endpoints via SMS, email or PC workstation.
    • Anti-theft—tools that let you remotely inspect a SIM, remotely lock or wipe a machine and identify current location if a device is lost or stolen.
    • Application control

    Endpoint controls:

    • Application control—lets administrators enforce policies with regard to installation and usage of restricted applications, controls what software can run on PCs, and lets you perform Dynamic Whitelisting based on Kaspersky’s database of legitimate software.
    • Device control—lets you schedule and enforce policies regarding removable storage and peripherals.
    • Host Intrusion Prevention—restricts access to sensitive data on the endpoint and recording processes using Kaspersky’s reputation database.

    Kaspersky Endpoint Security for Business Advanced

    The Business Advanced edition offers identical capabilities to the Business SELECT edition, with the following additional features:

    • Patch management—identifies operating system and application vulnerabilities and applies the latest patches and security updates.
    • Encryption—enforces encryption of data at rest to prevent access to sensitive data on the endpoint.
    • Adaptive security—protects against application-based attacks by automatically raising security within each application to the highest level appropriate for internal users.
    • Protection for sensitive data—meets FIPS 140.2 and Common Criteria-certified encryption, manages OS-embedded encryption and helps comply with GDPR.
    • System image management—creates, stores and clones system images automatically, enabling easy deployment of new systems and system updates.

    Kaspersky Endpoint Security Cloud

    Endpoint Security Cloud is comparable to Business SELECT, but is a cloud-based solution, suitable for smaller businesses or those with limited IT/security staff. It offers predefined security policies and makes it easier to get started. It can also be used to secure remote workers using their personal devices.

    The Endpoint Security Cloud edition includes the following features:

    • File-, Web-, Mail Threat protection
    • Ransomware and Exploit prevention
    • Device firewall
    • Network Attack Blocker
    • Vulnerability Scans
    • Mobile protection

    Kaspersky Endpoint Security Cloud Plus

    The Endpoint Security Cloud Plus edition offers the same capabilities as Endpoint Security Cloud, with the following additional features which provide improved manageability for larger businesses:

    • Web Control
    • Device Control
    • Encryption management
    • Patch management

    Endpoint Protection—Prevention, Detection and Protection with Cynet 360

    Cynet 360 is a security solution that includes a complete Endpoint Protection Platform (EPP), including Next-Generation Antivirus (NGAV), device firewall, advanced EDR security capabilities and automated incident response. The Cynet solution goes beyond endpoint protection, offering network analytics, UEBA and deception technology.

    Cynet’s platform includes:

    • NGAV—blocks malware, exploits, LOLBins, Macros, malicious scripts, and other known and unknown malicious payloads.
    • Zero-day protection—uses User and Entity Behavior Analytics (UEBA) to detect suspicious activity and block unknown threats.
    • Monitoring and control—asset management, endpoint vulnerability assessments and application control, with auditing, logging and monitoring.
    • Response orchestration—automated playbooks and remote manual action for remediating endpoints, networks and user accounts affected by an attack.
    • Deception technology—lures attackers to a supposedly vulnerable honeypot, mitigating damage and gathering useful intelligence about attack techniques.
    • Network analytics—identifying lateral movement, suspicious connections and unusual logins.

    Learn more about the Cynet 360 security platform.

    Dive In

    Ebook Free Download

    Securing Your Organization’s Network on a Shoestring

    How to protect your resource-constrained organization’s endpoints, networks, files and users without going bankrupt or losing sleep.

    DOWNLOAD NOW
    Ebook Free Download

    Securing Your Organization’s Network on a Shoestring

    How to protect your resource-constrained organization’s endpoints, networks, files and users without going bankrupt or losing sleep.

    DOWNLOAD NOW
    SOLUTION BRIEF

    Automated Threat Discovery & Mitigation

    Secure your all organizational assets with a single platform. Cynet 360 protects across all threat vectors, across all attack stages.

    DOWNLOAD NOW
    SOLUTION BRIEF

    Automated Threat Discovery & Mitigation

    Secure your all organizational assets with a single platform. Cynet 360 protects across all threat vectors, across all attack stages.

    DOWNLOAD NOW
    FREE TRIAL

    Deploy Cynet in Minutes and Try it for 14 Days

    Try Cynet’s easy-to-launch prevention, detection and response platform across your entire organization - free for 14 days!

    START YOUR TRIAL