Item: Kaspersky Endpoint Security
Rating: 9
Author: Karen Thompson

Use Cases and Deployment Scope

Kaspersky Endpoint Security is used by my organization across multiple sites. I am only responding to my site which has close to 1,000 employees. There are around 300 workstations and a few dozen servers protected by Kaspersky Endpoint Security at my site. It is used to protect our workstations and servers against malicious programs and attacks. it has other benefits such as reporting what software is installed on our systems, deploying software, and other monitoring. Our Kaspersky security center uses MS SQL Express and has no issues. We did not need to attach it to any full version of [the] SQL server.

Pros and Cons

Antivirus/malware protection
Software deployment

It could be easier to detect workstation name changes.
It automatically detects new systems and will even place them in organizational containers that you specify, but sometimes it doesn't pick up new systems.

Most Important Features

Security (virus and malware prevention)
Inventory/system information of the clients
Remote software deployment

Return on Investment

Inventory feature helps with answering audit questions easily
Reduces time with software deployment
Peace of mind - no viruses or malware after installing
Easily scan systems remotely

Alternatives Considered

VMware Carbon Black Cloud Endpoint Standard (formerly Cb Defense) and Bitdefender GravityZone

I've used the cloud version of CarbonBlack and Bitdefender. They both say they automatically scan files as soon as they appear on your computer. The user/administrator is left to trust that the technology works. With Bitdefender, it at least allows an on-demand scan, but it still never reports to the user if the file was clean. Kaspersky automatically scans and notifies the user that it has been scanned AND the results of the scan. In IT we know we can't always trust the technology to perform as designed. I NEED confirmation to feel at ease. Kaspersky makes it easy to run an on-demand scan of a workstation if there is suspicion of an infection. Another thing is that I have not [seen] in Bitdefender, and I know CarbonBlack does not provide inventory information for the administrators like Kasperky. Kaspersky gives detailed information about the systems it scan and lists every software installed. You can even filter and search for specific installations in your network through the Kaspersky Server Center (KSC). It helps know what licenses are used and where.

Key Insights

Do you think Kaspersky Endpoint Security delivers good value for the price?

Yes

Are you happy with Kaspersky Endpoint Security's feature set?

Yes

Did Kaspersky Endpoint Security live up to sales and marketing promises?

Yes

Did implementation of Kaspersky Endpoint Security go as expected?

Yes

Would you buy Kaspersky Endpoint Security again?

Yes

Other Software Used

WatchGuard Network Security, Ubiquiti Networks UniFi, GIMP

Likelihood to Recommend

I think Kaspersky is well suited for large and small companies. Larger companies can take advantage of the KSC (Kaspersky Security Center) servers to help manage a large network. The KSC has many good features to help monitor the health of the organization. It does a good job with updating and deploying remotely. It has inventory features, and can even deploy non-Kaspersky software packages uploaded to the center. KSC can become a source of good information about [your] network that can be seen at a glance. IT departments are normally smaller than they need to be. KSC helps with larger and smaller companies because of this. A small company would appreciate the amount of information and management that can be done through KSC without needing extra help. If the company is small enough that they don't have servers on-site, there is a cloud version. I have not used that to know how it differs from the local KSC.

Users and Roles

300 - Kaspersky is deployed in North America. I would guess there are 10K+ users. My site has 1K employees but only 300 users. We are a manufacturing organization. Most of the users are administrative, but Kaspersky is deployed on the systems on the manufacturing lines as well.

Support Headcount Required

2 - Two IT members. One administers the server. This one installs and updates the central server software. This member sets up the schedules for updates, scans, etc. The initial systems settings are implemented by the server administrator. The other member does the deployment. This one ensures all workstations are protected and monitors the health of the overall network.

Business Processes Supported

Effectiveness - 0 infections over several years
Cost
Ease of administering

Innovative Uses

Inventory information (software and hardware recorded during scans). We're required to do many audits and answer many questions about the devices on our network. The central server is a [lifesaver] with that.
Deploying non-Kaspersky software by creating install packages in the administration server.
Sending messages to workstations through the administration server. You can send messages that pop up on the user's screens if there is something that needs to be communicated quickly. When you deploy updates, you can have it say that they need to restart, and give details.

Likelihood to Renew

The reason we buy antivirus is to protect from viruses and malware. We have not had any infections in years. I like using this product better than others I've used and it is cost-effective.

Scalability

You can create groups and create different policies for each group. You can customize many parts of the software before it is deployed. You can create different tasks and schedules based on the groups. It is customizable.

Reliability and Availability

I've used the on-premise server. I've only experienced one time that we couldn't open the console, and that was a server issue. It seems to be a dependable solution. It's there, and it's stable.

Performance

Users don't notice any slowdown with the antivirus running on their systems. There have been issues when the systems have missed a scheduled scan, and it was checked to run at [a] first available time, they will start a full scan at startup. This has caused some lag. Normally there are also some issues with the workstation, but it is something to note.

Upgrade Process

Yes - I've never had issues upgrading Kaspersky. It automatically pulls in any settings and even packages created with the previous version. Deploying updates to workstations is easy. It's basically a click of a button and the workstations upgrade as well. You can send out messages to the users if needed through the application.

Upgrade Benefits

Better security, I'm not aware of any drastic changes with the updates.

Kaspersky - my choice for protection

Overall Satisfaction with Kaspersky Endpoint Security