Item: Kaspersky EDR Optimum
Rating: 7
Author: Verified User

Use Cases and Deployment Scope

Kaspersky was our corporate antivirus. As far as we did not want to take any risks, we wanted a powerfull one. No doubt, Kaspersky is a great product, it works fine, although it needs some tunning for some applications, as many other antivirus products. However, we managed to get it working smoothly

Pros and Cons

Prevention
Self-update client
AD integration

Console (not cloud version)
Resource management
Remote connection

Most Important Features

Prevention
EDR capabilities
AD integration

Return on Investment

Threat visibility
Easy management
Great support

Ease of Use

As far as I could see (year ago more or less), detection was great. However, I am not sure that analyzing or automating threat response was so easy. Many times the detection name was... a little bit extrange, some kind of "default" detection or name. Also as I have tested other products, I have find automation much easier

Performance

Performance was fine, but not great. As said before, some users complained about resource consumption.
On the administration and reporting side, although the console was a little bit "old-fashioned", it loaded mostly quickly, and reports were generated mostly fast, so no complains on that side.
As we managed Kaspersky since version 10, using Kaspersky EDR Optimum was really easy to use and understand.

Alternatives Considered

Sophos Intercept X, CrowdStrike Falcon and Trend Micro Apex One

I do not currently use Kaspersky any more (it was a business decision, not a technical one). However, having the knowledge now, I believe it would not be the winner.
However, it will be definetly above Trend Micro (for many reasons). However, it might be a balance between performance and price.

Key Insights

Do you think Kaspersky EDR Optimum delivers good value for the price?

Yes

Are you happy with Kaspersky EDR Optimum's feature set?

Yes

Did Kaspersky EDR Optimum live up to sales and marketing promises?

Yes

Did implementation of Kaspersky EDR Optimum go as expected?

Yes

Would you buy Kaspersky EDR Optimum again?

Yes

Other Software Used

CrowdStrike Falcon, Netskope CASB, Netskope Private Access

Likelihood to Recommend

I managed to get it working properly and with no issues in a mostly Windows Enviroment, both workstations and servers.
Some users, specially developers, complained about resource consumption, but I suppose that is the way it works. From my perspective, it worked pretty well for 99% of the users.
If you have some Russian concerns, maybe it's not the best option for you, although it's a great product

Users and Roles

5000 - The main function for the product is protecting the endpoint, as it was the antivirus and EDR on the hosts. We used to add another functionalities to it, as shadow IT management, vulnerability management, USB device control, some kind of web filtering when out of office (no proxy deployed), and so on.

Support Headcount Required

3 - In order to be able to manage the product, you should have at least minimum knowledge of the operating systems you're going to protect (for example, windows or linux), and some basic system administrator skills. The product is not hard to manage, as long as you have all your equipment organized, you can be as granular as you want on the configurations made.

Business Processes Supported

Endpoint Protection
Endpoint detect and response tool
USB device control

Innovative Uses

Web filtering (Out of Office)
Host firewall
Installed application inventory

Future Planned Uses

Maybe identity protection
Managed detection and response
Updates management

Likelihood to Renew

At the moment and unfortunately we'll not renew our licenses, due to the Russian conflict and the company policy that has forced us to get rid of any Russian related product. Before that incident, we were very happy with the product and we did not even think once about changing it... Maybe on the future...

Nice traditional AV evolved to EDR

Overall Satisfaction with Kaspersky EDR Optimum