Kaspersky Endpoint Security for Business Select review

On-premises endpoint protection that’s top value and packed with features but complex to deploy

Price
£616
  • Well-priced; Excellent malware protection
  • Limited web policy controls; Deployment is tedious

SMBs that want their endpoint security solution right where they can see it will like Kaspersky's Endpoint Security for Business (ESB) as it runs on an on-premises host. The entry-point ESB Select on review offers anti-malware for Windows servers and workstations, OS X and Linux, adds web, device and application controls and tops it off with mobile security.

Advertisement - Article continues below

Installation starts with the ESB Security Center, which installed all prerequisites for us and was completed inside 40 minutes. This provides the central point of contact for all ESB functions and although the main console hasn't changed much over the years, it is easy to use and very informative.

For client deployment, the console scanned the lab network and displayed all Active Directory domains, workgroups and IP subnets. Each client requires the Network Agent and Endpoint Security components, which we deployed manually by selecting all our Windows 7, 10 and Server 2012 R2 test hosts from the unassigned devices view and pushing both of them out with a single job.

Agent deployment took 15 minutes per system, after which they were dropped into the default managed computer group. When the System Center is installed, it creates base security policies for this group so all our hosts were protected immediately.

Advertisement
Advertisement - Article continues below

Custom groups can be created for specific sets of clients and their settings are applied the moment a computer joins or is moved from another group. We could have groups with their own policies and create sub-groups which inherited settings from the top level.

Advertisement - Article continues below

ESB's policies control the client real-time virus scanner and provides separate options for scanning files, emails, IM and web traffic, where we could choose from three scan levels using a slider. Kaspersky includes a client firewall with customized access rules, a network attack blocker and a system watcher that monitors suspicious application behavior.

Endpoint controls are equally good as the same policies can be used to apply application usage rules. We needed to define application categories first and then we added these to our policies to allow or deny their use.

Policy web controls are very unimpressive as Kaspersky only provides 15 URL categories to block or allow. Even so, they worked fine during testing and rebuffed all our attempts to access games and gambling sites.

No user interaction is required in the event of a malware detection. When we introduced our test malware samples, the agent quietly went about its job in the background by cleaning, deleting or quarantining them.

Advertisement - Article continues below

Mobiles can be managed by loading the ActiveSync plug-in on your Exchange server or using Kaspersky's iOS MDM server module. Weak documentation made the latter complex to setup and it also relies on the iPhone Configuration Utility to set iOS profiles which, although still available for download, is no longer supported by Apple.

The System Center console provides views of all clients with coloured status icons and detailed statistics graphs for protection and vulnerability levels, virus activity and updates. Reporting is very detailed, with predefined ones included for viewing anything from users on infected computers to web browsing behavior, plus options to create custom reports.

Kaspersky includes a web console which provides remote browser access to the Security Center but its interface is very sparse. Running on the Apache web server, it provides basic views of managed computers and alerts as well as options to apply tasks and configure policies.

Advertisement - Article continues below

Kaspersky's ESB is worth considering for SMBs wary of extending their endpoint security management into the cloud. The range of features and copious documentation does complicate deployment but the Select version offers powerful on-site security and is also surprisingly good value.

This review originally appeared in PC Pro issue 273

Verdict

Kaspersky's ESB is worth considering for SMBs wary of extending their endpoint security management into the cloud. The range of features and copious documentation does complicate deployment but the Select version offers powerful on-site security and is also surprisingly good value.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020