Kaspersky Endpoint Security for Business Select combines robust system controls with powerful security for all devices across your IT infrastructure – managed from a single, centralized, highly integrated management console.
Protection from the cyber threats your business faces
Kaspersky Endpoint Security for Business Select delivers multi-layered protection against known, unknown and advanced threats, powered by a unique combination of big data threat intelligence, machine learning and human expertise for higher levels of protection.
Protection that supports your workflow and processes
True platform independence means Kaspersky Endpoint Security for Business Select protects users regardless of what device or platform they use – or where they use them.
Granular security management
Kaspersky Endpoint Security for Business Select includes a single, highly integrated management console – Kaspersky Security Center – for centralized control over all devices in the network. Set up your own policies according to your specific requirements, or hit the ground running by using preconfigured policies developed by Kaspersky Lab experts.
Flexibility and full scalability
Our range of Targeted Security Solutions lets you add additional protection and management technologies when you need them, including:
- Kaspersky Security for Virtualization
- Kaspersky Security for Mail Server
- Kaspersky Security for Storage
- Kaspersky Security for Internet Gateway
- Kaspersky Security for Collaboration
- Kaspersky Vulnerability and Patch Management
Powerful multi-layered protection for laptops, workstations, servers and mobile devices, designed and built by the industry’s leading security experts*.
*Exact feature set varies depending on platform
Multi-layered security for desktops, servers and mobile devices
Multi-layered security and control
Kaspersky Endpoint Security for Business Select combines multiple technologies to protect all devices and environments against a constantly evolving cyber-threat landscape. Security controls along with Automatic Exploit Prevention, Host-Based Intrusion Prevention System and others significantly reduce the probability of a malware intrusion. A host of other technologies and processes detect and identify the malware at endpoint to stop it in its tracks and roll-back its actions.
The best of machine learning and human ingenuity
Kaspersky Lab’s unique HuMachine™ approach is powered by a combination of big data threat intelligence, machine learning and human expertise to ensure higher levels of multi-layered detection – without complexity or management headaches.
Using the power of cloud intelligence
Millions of Kaspersky customers worldwide voluntarily provide anonymized threat data from their devices to Kaspersky Security Network (KSN). This cloud-based threat lab gathers and stores massive volumes of metadata from suspicious files that enable it to make rapid, accurate decisions about the safety of files and URLs without having to completely analyze their content. This enables protection from unknown threats.
Detecting suspicious behavior
Kaspersky Endpoint Security for Business Select uses behavioral detection at both pre-execution and execution stage. Behavioral detection is supported by Kaspersky Security Network which stores huge amount of suspicious files’ metadata.
Prior to a file launching, behavioral detection using emulation plays a critical role in identifying unknown and advanced threats. Once an application has launched, SystemWatcher monitors files for signs of suspicious activity, comparing it with known malicious applications. Malicious files are blocked and any actions rolled back automatically.
Protecting against exploits
No application or operation system can boast that it is 100% free from vulnerabilities. These vulnerabilities can be exploited by malware to penetrate your network, infect your workstations and servers and disrupt your operations. Our innovative Automatic Exploit Prevention (AEP) technology helps to ensure malware can’t exploit vulnerabilities within the operating systems or applications that are running on your network. AEP specifically monitors the most frequently targeted applications – including Adobe Reader, Internet Explorer, Microsoft Office, Java and many more – to deliver an extra layer of security monitoring and protection against unknown threats.
Protecting the corporate network
Threats targeting corporate networks – including port scanning, denial-of-service attacks and buffer-overrun attacks – are on the increase. The Network Attack Blocker technology within Kaspersky Endpoint Security for Business Select detects and monitors suspicious activities on your corporate network and lets you preconfigure how your systems should respond if suspicious behavior occurs.
Security controls to manage applications, devices and Internet access
Dynamic whitelisting for application control
There are thousands of new applications on the market, and the number is growing every day. Keeping track of which are potentially dangerous and which aren’t is a challenge. Kaspersky’s dynamic whitelisting approach allows system administrators to activate a Default Deny policy that blocks all applications – unless they’re on your whitelist. Our in-house whitelisting lab constantly checks applications for security issues, adding them to the database of whitelisted applications (this database includes over 1.3 billion unique files – with 1 million files being added every day). Kaspersky customers have access to this database for use as is, or to adapt to their specific business requirements. Test mode ensures that no accidental blocking of business-critical applications takes place and there is no unwanted impact on functionality.
Control applications on servers and workstations
Our System Watcher technology monitors an application’s behavior as it launches on the server or employee machine to identify malicious patterns of activity. Malicious files are blocked – and on workstations, malicious activities are rolled back.
Control application privileges to minimize risks
For some applications – even though the applications may not be classified as malicious – their activities may be regarded as high-risk. In many cases, it’s advisable that these activities are restricted. Our Application Privilege Control (Host-Based Intrusion Prevention System – HIPS) restricts activities within the endpoint, according to the ‘trust level’ that has been assigned to the application and limits the rights of applications to access certain resources, including system and user files. Access of applications to audio and video recording devices can also be controlled.
Preventing unauthorized devices gaining access
To prevent unauthorized devices gaining access to your network, Kaspersky’s device controls enable you to set up controls based on time of day, geographical location or type of device. You can align the controls with Active Directory for granular administration and policy assignment and employ masks in the creation of Device Control rules and whitelist multiple devices if required. Kaspersky Endpoint Security for Business also logs all ‘delete and copy’ operations performed on removable USB devices, and manages user rights for file ‘read and write’ operations on CD/DVDs.
Flexible Wi-Fi control
Use of untrusted public Wi-Fi networks exposes devices – and the corporate network – to attack. By creating a list of trusted networks specifically for employees, you can allow access to trusted Wi-Fi networks and prohibit use of other networks without impacting on worker mobility.
Monitoring and control of Internet access
With more and more time spent online, including at work, Kaspersky’s web control tools let you set up Internet access policies and monitor Internet usage. It’s easy to prohibit, limit, allow and audit users’ activities on individual websites and/or categories of sites, such as games websites, social networks or gambling sites. Geographic and time-of-day controls can be aligned with Active Directory to help administrate and set policies.
System administrators are stretched, and any time spend on admin and generating reports could be spent on other critical, core business functions instead. Kaspersky Endpoint Security for Business Select includes Kaspersky Security Center (KSC), a centralized, highly integrated management tool that provides a complete view, and control, of the Kaspersky Lab endpoint security technologies in your business. KSC makes management of mobile devices, laptops, desktops, file servers, and virtual machines easy, while also generating reports, all from a convenient ‘single pane of glass’ console.
Supporting common MDM platforms to manage mobile devices
To manage all your mobile devices centrally you need a security solution that is integrated with all leading mobile device management platforms. Kaspersky Endpoint Security for Business Select supports Microsoft® Exchange ActiveSync®, iOS MDM and Samsung KNOX™ and enables easy creation of policies for each platform, e.g. mandatory encryption, password enforcement, camera usage, APN/VPN settings. Android for Work enables business profile creation and business application and device management.
Delivering a higher level of integration
All the technology within Kaspersky Endpoint Security Select has been developed in-house with a tightly-integrated code, which means there are no compatibility issues for you to deal with, and scalability is easy. Seamlessly integrated security technologies that do more to protect your IT environment – while centralized management saves you time.