Quick and accurate endpoint security software
Updated November 29, 2019

Quick and accurate endpoint security software

Junie Johwa | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Kaspersky Endpoint Security

It is used by the whole business only on workstations and laptops. It is used to protect workstations and laptops from security threats.

Pros

  • Detecting threats with accuracy.
  • Immediate scan of removable drives which often are notorious threat vectors.
  • Can scan for limited software vulnerabilities.
  • Stable.

Cons

  • Being able to throttle its scan performance centrally, it can suck up CPU for workstations and laptops during scheduled full scans.
  • Less CPU usage - It was removed from all our servers in favor of Microsoft System Center Endpoint Protection as all our virtual servers were literally squeezed of their CPU usage by the application.
  • Installation is two fold, agent and the endpoint protection software.
  • Threats are detected with accuracy, no false positives from our experience.
  • Heuristics are very sharp and work very well so they can flag unusual behavior.
  • Manage and deploy or uninstall endpoint protection software and agent laptops and workstations centrally.
  • Be able to detect and patch third party products' vulnerability as we use Microsoft System Center which finds vulnerabilities only for its products.
  • Saved money on 3rd party application vulnerability scanners.
It is very difficult to get solutions from support if you are having a problem.

Do you think Kaspersky Endpoint Security delivers good value for the price?

Yes

Are you happy with Kaspersky Endpoint Security's feature set?

Yes

Did Kaspersky Endpoint Security live up to sales and marketing promises?

Yes

Did implementation of Kaspersky Endpoint Security go as expected?

Yes

Would you buy Kaspersky Endpoint Security again?

Yes

It is well suited for heuristic accuracy on detecting threats, immediate scans for removable devices, and has very good application control where you can set only approved software to run or totally ban USB storage devices and have an option to decide what to permit on USB, like banning storage USB devices and allowing USB keyboards.

Kaspersky Endpoint Security Feature Ratings

Anti-Exploit Technology
10
Endpoint Detection and Response (EDR)
10
Centralized Management
9
Hybrid Deployment Support
Not Rated
Infection Remediation
10
Vulnerability Management
9
Malware Detection
10

Using Kaspersky Endpoint Security

410 - All of the business employees have the software installed. They represent all functions of the business from the CEO to the driver.
3 - 
  • Networking skills.
  • Endpoint security fundamentals.
  • Patch management.
  • Basic security protocols e.g removable drives banned and known to be notorious in spreading malware etc.
  • Firewall basics.
  • Protection from security threats.
  • Detect and patch 3rd party software vulnerabilities like notorious Adobe Flash.
  • Control application usage. For example, users can only use approved software from the business, unapproved software is blocked and this reduces attack surface area where if everyone could install any application they want which could carry malware, ransomware, etc.
  • Use the product to augment Microsoft System Center Configuration Manager to patch products (non-Microsoft).
  • Easily control applications vs the Microsoft built-in Application Locker which can be complex.
  • Installation on virtual Servers as there is an improvement in terms of performance on newer Kaspersky Endpoint Security.
  • Better integration (we are using Kaspersky Endpoint Protection 10.x) with Cisco ISE as there is a problem to automatically invoke automatic download of database updates. Upgrading to version 11 could provide better integration
The product is stable and accurate in detecting security threats. There are very few or no false positives in detecting security threats or unusual behavior and has very sharp heuristics. The product does the job very well including saving us money in getting 3rd party patch management tools as the business is already using Microsoft System Center Configuration Manager which is Microsoft product specific and the product patches these third party products e.g Adobe Flash Player

Evaluating Kaspersky Endpoint Security and Competitors

  • Price
  • Product Features
The product was affordable than other Endpoint security software looked at. The price was also a factor looking at features and the outstanding feature was patching and detecting vulnerabilities to 3rd party software which are non-Microsoft and saved us heaps of money in buying another product.
We should have evaluated the support model we chose. The support model (Standard Support instead of MSA Enterprise or Business) we have is not serving us well. It is difficult to get solutions quickly for issues and we are not happy with the service.

Kaspersky Endpoint Security Implementation

Make sure to provide awareness campaigns on changes that will be implemented and WHY the business is doing it and the benefits reaped. Benefits reaped is very important for the justification of why things have to change and emphasizing the importance of security. This will reduce user disgruntlement and total bitterness on use of their workstation or laptop
  • Third-party professional services
PC Net
Change management was a big part of the implementation and was well-handled - Users were now blocked from using some applications which were not approved (there was no control of what software can run initially although the users didn't have admin rights Help desk would help in installing any application the user felt they "needed") and caused a bit of an uproar and managed to do security awareness campaigns in the danger of not controlling applications. Regular Information Security Awareness Campaigns e.g using computer wallpaper, regular workshops with users
  • Uproar from users who were now blocked from using software that was now not approved as the business was now putting controls of what software can be used and this includes total ban on removable storage devices and Bluetooth
  • User disgruntlement as they were not in control of what is in their workstations and laptops anymore

Kaspersky Endpoint Security Support

ProsCons
Quick Resolution
Support understands my problem
Poor followup
Less knowledgeable
Problems left unsolved
Not kept informed
Escalation required
Difficult to get immediate help
Support doesn't seem to care
Slow Initial Response
Yes - We have the standard support which is not serving us very well. Planning during renewal to get MSA Enterprise or Business.
I haven't experienced very good support from them, unfortunately.

Using Kaspersky Endpoint Security

ProsCons
Like to use
Easy to use
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
Familiar
None
  • Making sure only approved software is used in the business
  • Detecting and patching 3rd party software (non-Microsoft) for the business for no additional cost
  • Agents hardly have issues on laptops and workstations
  • Installation of two components ie. agent and endpoint security software
  • Not integrated (we are using Endpoint Security 10.x) properly with posture check (requirements: Kaspersky Endpoint Security Installed and Database files have to be <7 days old) when you have Cisco ISE in the network to allow compliant machines access to the network and non complaint denied access and put on Remediation network, the software does not automatically download updates.
  • Computer discovery can be incorrect if you use it for computer inventory especially on a computer domain
The integration with a known solution is not good (Cisco ISE), product (10.x) does not automate remediation, however security is great and detects security threats with accuracy including heuristics, very few or no false positives

Comments

More Reviews of Kaspersky Endpoint Security