Reviews

Kaspersky Endpoint Security for Business Select review

On-premises endpoint protection that’s top value and packed with features but complex to deploy

Price
£616
  • Well-priced; Excellent malware protection
  • Limited web policy controls; Deployment is tedious

SMBs that want their endpoint security solution right where they can see it will like Kaspersky's Endpoint Security for Business (ESB) as it runs on an on-premises host. The entry-point ESB Select on review offers anti-malware for Windows servers and workstations, OS X and Linux, adds web, device and application controls and tops it off with mobile security.

Installation starts with the ESB Security Center, which installed all prerequisites for us and was completed inside 40 minutes. This provides the central point of contact for all ESB functions and although the main console hasn't changed much over the years, it is easy to use and very informative.

For client deployment, the console scanned the lab network and displayed all Active Directory domains, workgroups and IP subnets. Each client requires the Network Agent and Endpoint Security components, which we deployed manually by selecting all our Windows 7, 10 and Server 2012 R2 test hosts from the unassigned devices view and pushing both of them out with a single job.

Agent deployment took 15 minutes per system, after which they were dropped into the default managed computer group. When the System Center is installed, it creates base security policies for this group so all our hosts were protected immediately.

Custom groups can be created for specific sets of clients and their settings are applied the moment a computer joins or is moved from another group. We could have groups with their own policies and create sub-groups which inherited settings from the top level.

ESB's policies control the client real-time virus scanner and provides separate options for scanning files, emails, IM and web traffic, where we could choose from three scan levels using a slider. Kaspersky includes a client firewall with customized access rules, a network attack blocker and a system watcher that monitors suspicious application behavior.

Endpoint controls are equally good as the same policies can be used to apply application usage rules. We needed to define application categories first and then we added these to our policies to allow or deny their use.

Policy web controls are very unimpressive as Kaspersky only provides 15 URL categories to block or allow. Even so, they worked fine during testing and rebuffed all our attempts to access games and gambling sites.

No user interaction is required in the event of a malware detection. When we introduced our test malware samples, the agent quietly went about its job in the background by cleaning, deleting or quarantining them.

Mobiles can be managed by loading the ActiveSync plug-in on your Exchange server or using Kaspersky's iOS MDM server module. Weak documentation made the latter complex to setup and it also relies on the iPhone Configuration Utility to set iOS profiles which, although still available for download, is no longer supported by Apple.

The System Center console provides views of all clients with coloured status icons and detailed statistics graphs for protection and vulnerability levels, virus activity and updates. Reporting is very detailed, with predefined ones included for viewing anything from users on infected computers to web browsing behavior, plus options to create custom reports.

Kaspersky includes a web console which provides remote browser access to the Security Center but its interface is very sparse. Running on the Apache web server, it provides basic views of managed computers and alerts as well as options to apply tasks and configure policies.

Kaspersky's ESB is worth considering for SMBs wary of extending their endpoint security management into the cloud. The range of features and copious documentation does complicate deployment but the Select version offers powerful on-site security and is also surprisingly good value.

This review originally appeared in PC Pro issue 273

Verdict

Kaspersky's ESB is worth considering for SMBs wary of extending their endpoint security management into the cloud. The range of features and copious documentation does complicate deployment but the Select version offers powerful on-site security and is also surprisingly good value.

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Cleaning up legacy IT to drag big tobacco into the future
digital transformation

Cleaning up legacy IT to drag big tobacco into the future

12 Oct 2021