Kaspersky Endpoint Security Suite: Editions Structure, Pricing and Features
Kaspersky offers a robust set of endpoint security solutions, suitable for small, medium and large enterprises. The solutions provide preventive protection against malware and advanced threats, Endpoint Detection and Response (EDR) that helps respond to cyberattacks against endpoints, and security awareness training.
Endpoint Security for Business SELECT is the basic endpoint security offering, aimed at small to medium businesses. It is deployed on-premises.
Core endpoint security features:
Exploit Prevention—prevents execution of malware and exploits and protects against unknown and zero-day threats
Behavioral detection and automatic rollback—protects against ransomware, fileless attacks, compromised privileged accounts. Automatic rollback enables instant reversal of changes made on a compromised endpoint.
Encryption protection—provides an anti-cryptor mechanism that block encryption on shared resources, when encryption originates from another machine
Network threat protection—identifies network attacks such traffic from known bad sources, and malware that modifies currently running processes.
Web console—central management of endpoints running on physical and virtual machines on-premises, in AWS and Azure.
Mobile security features:
Anti-malware—machine-learning based detection of unknown threats, on-demand and scheduled malware scans.
Over the Air (OTA) provisioning—lets you pre-configure and deploy apps to mobile endpoints via SMS, email or PC workstation.
Anti-theft—tools that let you remotely inspect a SIM, remotely lock or wipe a machine and identify current location if a device is lost or stolen.
Application control—lets administrators enforce policies with regard to installation and usage of restricted applications, controls what software can run on PCs, and lets you perform Dynamic Whitelisting based on Kaspersky’s database of legitimate software.
Device control—lets you schedule and enforce policies regarding removable storage and peripherals.
Host Intrusion Prevention—restricts access to sensitive data on the endpoint and recording processes using Kaspersky’s reputation database.
Kaspersky Endpoint Security for Business Advanced
The Business Advanced edition offers identical capabilities to the Business SELECT edition, with the following additional features:
Patch management—identifies operating system and application vulnerabilities and applies the latest patches and security updates.
Encryption—enforces encryption of data at rest to prevent access to sensitive data on the endpoint.
Adaptive security—protects against application-based attacks by automatically raising security within each application to the highest level appropriate for internal users.
Protection for sensitive data—meets FIPS 140.2 and Common Criteria-certified encryption, manages OS-embedded encryption and helps comply with GDPR.
System image management—creates, stores and clones system images automatically, enabling easy deployment of new systems and system updates.
Kaspersky Endpoint Security Cloud
Endpoint Security Cloud is comparable to Business SELECT, but is a cloud-based solution, suitable for smaller businesses or those with limited IT/security staff. It offers predefined security policies and makes it easier to get started. It can also be used to secure remote workers using their personal devices.
The Endpoint Security Cloud edition includes the following features:
File-, Web-, Mail Threat protection
Ransomware and Exploit prevention
Network Attack Blocker
Kaspersky Endpoint Security Cloud Plus
The Endpoint Security Cloud Plus edition offers the same capabilities as Endpoint Security Cloud, with the following additional features which provide improved manageability for larger businesses:
Endpoint Protection—Prevention, Detection and Protection with Cynet 360