KASPERSKY TOTAL SECURITY FOR BUSINESS
OUR FINAL SECURITY AND SYSTEM MANAGEMENT SOLUTION
- Protects against known, unknown, and advanced threats
- Protects laptops, desktops, servers and mobile devices
- Identifies vulnerabilities and distributes patches
- Provides extended system management capabilities
- Protects web gateway, e-mail and collaboration
First-rate security for complex IT environments including laptops, desktops, file servers, mobile devices and BYODs, web gateways, email systems and collaboration systems, in conjunction with extended system management functionality
- Protection of Windows, Linux and Mac-
Offering multi-layer security
Our latest antimalware engine combines signature-based security, heuristic and behavioral analysis, and cloud-assisted technologies to protect your enterprise against known, unknown, and advanced threats. It can defend any combination of desktops and Mac, Linux and Windows laptops.
Security update more efficiently
Because cybercriminals are continually launching new and more complex malware, we provide database updates much more frequently than any other security vendor. In addition, we use a number of advanced security technologies to ensure that we provide significantly improved detection rates by reducing the size of updates so that a larger portion of the broadband for communication is available for other tasks.
Protection against advanced and unknown threats
When a new item malware item is revealed to the world, there is a high risk period. To provide zero-hour protection against these threats, Kaspersky Lab's technologies and threat intelligence are constantly evolving to ensure that your organization is protected from new threats, even the most sophisticated ones.
Detection of suspicious behavior
Whenever an application boots into your corporate network, the System Inspector module monitors its behavior. If suspicious behavior is detected, System Inspector will automatically block the application. In addition, because the System Inspector maintains a dynamic registry of the operating system, registry, etc., it automatically reverses the malicious actions that the malware implemented before it was blocked.
Protection against exploitation
Innovative AutomaticExploitPrevention (AEP) technology helps ensure that malware can not exploit the vulnerabilities of operating systems or applications running on the network. AEP specifically monitors target applications such as Adobe Reader, Internet Explorer, Microsoft Office, Java and many others to provide an extra layer of protection and security monitoring against unknown threats.
Application control and connectivity
For some applications, even though applications may not be classified as malicious, their activities may be considered high-risk. In many cases, it is advisable that these activities be restricted. The Host-BasedIntrusionPrevention System (HIPS) restricts activities at the endpoint, according to the "trust level" assigned to the application. HIPS works in conjunction with the application-level personal firewall, which restricts network activity.
Network Attack Blocking
Network AttackBlocker technology detects and monitors suspicious activity on your corporate network and allows you to preconfigure how systems respond if suspicious behavior is encountered.
Using cloud power for even better security
With millions of users letting the cloud-based Kaspersky Security Network (KSN) receive data on suspicious behavior on their computers, your company may benefit from improved protection against the latest malware. This real-time data stream ensures your customers can benefit from a rapid response to new attacks and help reduce the incidence of "false positives."
* Not all features are available on all platforms.
- Protection of file servers-
Protection of heterogeneous environments
Our award-winning security protects file servers running Windows, Linux or FreeBSD. Optimized verification processes help ensure a minimal impact on the performance of your servers. In addition to protecting cluster servers, we also protect Microsoft and Citrix terminal servers.
Reliable protection guarantee
In the event that one of your file servers fails, the security technologies will be automatically restarted as soon as the file server is restarted.
Increased management capacity
Every minute spent on administration and reporting could be devoted to strategically important activities. That's why we provide a centralized console that lets you manage security across endpoints (file servers, workstations, and mobile devices) and makes it easy to generate detailed reports.
- Increased security and extension of systems management-
Elimination of known vulnerabilities
Our technologies scan the entire network to identify vulnerabilities that result from uncorrected applications or operating systems. Detected vulnerabilities can be automatically prioritized, and patches and updates can be automatically distributed. Because we distribute new fixes faster than several other fix solutions, we help you eliminate vulnerabilities in a shorter period.
Managing your hardware and software assets
All devices and software on the network are automatically discovered and recorded in a hardware inventory and software inventory. Hardware inventory includes detailed information about each device, and software inventory helps you control the use of software and block unauthorized applications.
Even guest devices displayed on your network can be automatically discovered and given access privileges without compromising the security of your systems and corporate data.
Application distribution optimization
You can deploy software under your command or schedule it for after-hours. For some installers, you can specify additional parameters to customize the software package to be installed. Using secure and remote connections to any desktop or client computer helps you solve problems quickly, and an authorization mechanism prevents unauthorized remote access. For traceability, all activities during a remote access session are logged.
Automation and optimization of OS deployment
Our technologies automate and centralize the creation, storage and cloning of protected system images. The images are kept in a special inventory, ready to be accessed during implementation. The implementation of images on client workstations can be done with PXE servers (PreebooteXecutionEnvironment), which were used before in the network, or with the use of our own resources. Using Wake-on-LAN signals allows you to automatically distribute the images after hours. UEFI support is also included.
Traffic Reduction - Remote Distribution
If you need to distribute software or fixes to a remote office, a local workstation can act as the upgrade agent for the entire remote office to reduce levels of network traffic.
Integration with SIEM systems
Because security information and event management systems (SIEM) can play a vital role in helping large enterprises monitor in real-time, we have included integration with two of the best-known SIEM products - HP ArcSight and IBM QRadar.
- Mobile device protection - Android, iOS and Windows Phone * -
Robust mobile security
Combining the industry's most advanced technologies, we offer protection against the latest mobile threats. Antiphishing offers protection against websites that attempt to steal information or identity details, and antispam helps filter out unwanted text and calls.
Flexible control tools allow you to block the execution of unauthorized applications and access to dangerous websites. Incident tracking and blocking are detected automatically, and the devices are blocked.
Separation of corporate and personal data
Our "application packaging" technology allows you to configure special containers on each device. Enterprise applications are stored in the containers - completely separate from the user's personal data. You can apply encryption to all containerized data and prevent data from being copied and pasted out of the container. In addition, you can request additional user authorization before the container applications are allowed to run.
If an employee leaves the company, the remotely operated selective Cleanup feature will allow deletion of the corporate container, without excluding the settings and personal data of the device owner.
Support for common MDM platforms
With improved mobile device management (MDM) capabilities, it makes it easy to apply group or individual MDM policies to Microsoft Exchange ActiveSync and iOS MDM devices through a single interface. Support for Samsung KNOX allows you to manage various configurations of Samsung devices.
Lock, clean and locate missing devices
Remotely operated security features help protect enterprise data on the missing devices. Administrators and users can lock the device, delete business data, and identify their location. If a thief changes the SIM card, the Chip Check feature will send the new phone number so that you can still perform the anti-theft features. Support for Google Cloud Messaging (GCM) helps ensure that users are productive during working hours - and their 'data in motion' policies are complied with - Device Control also allows you to specify the times during which specific controls are applied. The Android phones receive hands-free commits.
Self-service portal
The Self-Service Portal makes it easy to activate personal mobile devices on the corporate network. In addition, the portal gives users remote access to key anti-theft features so users can quickly respond to the loss of a device and reduce the risk of data loss without overloading administrators.
Reducing overhead on IT administrators
A single centralized console enables you to manage mobile devices (and their security) and makes it easy to enforce consistent policies across different mobile platforms. In addition, the Web Console enables you to manage your mobile devices and their security, as well as the security of other endpoints, from anywhere you can be online.
* Some features are not available for some of the supported mobile platforms.
- Control of applications, devices and Internet access-
Dynamic White Stripes - to complement security
Application Control is the most comprehensive implementation in the industry. We are the only security vendor that has invested in the creation of its own Whitelist Lab, which verifies application security risks. Our whitelisted application database contains more than 1.3 billion unique files and is growing by more than 1 million files per day. Application Control and Dynamic White Stripes make it easy to run a Default Deny policy that blocks all applications unless they are on your whitelist.
If you are looking to introduce or update a Default Deny policy, the new test mode will allow you to configure the policy in a test environment so that you can verify that the policy is set up correctly before it "goes live."
Disabling connection of unauthorized devices
Device control tools make it easy to manage devices that are allowed to access your corporate network. You can configure controls based on the time of day, geographic location, or device type. You can also align controls with Active Directory - for granular administration and policy assignment. Administrators can also use masks in creating device control rules so that multiple devices can be easily included in white lists for use.
Monitoring and control of Internet access
Web Control tools allow you to configure Internet access policies and monitor Internet usage. It is easy to prohibit, limit, allow or audit users' activities on individual sites or categories of sites, such as gaming, betting or social networking sites. Geolocation and time of day controls can be aligned with Active Directory - to help with administration and policy definition.
- How to protect your corporate email and prevent data leakage-
Multi-platform protection
With support for multiple email servers - including Microsoft Exchange, IBM Lotus Notes / Domino, Sendmail, qmail, Postfix, Exim and CommuniGate Pro - our email server security technologies protect email traffic and Groupware servers against malware and spam. Kaspersky Total Security for Business can also be used to configure a dedicated email gateway.
Spam filtering
Effective spam filtering can help your business increase efficiency and productivity. Our intelligent spam filtering technology helps to avoid receiving spam messages that cause distraction in the user's inbox. It achieves a very low false positive rate and reduces traffic on the corporate network.
Complexity management
Easy-to-use tools simplify management of email server security, including:
Frequent automatic updates ensure the latest protections against spam and malware.
Helps in preserving performance
With enhanced scanning and the option to exclude specific items from a scan, our email server protection also supports the load balancing of server resources. This means that you benefit from highly effective protection without any significant performance impact.
Increase data protection and compliance
Our technologies analyze the content of outgoing emails and automatically block messages and attachments that contain corporate data or confidential information about employees. In addition to searching for words in our pre-installed glossaries or in the administrator's custom glossary, we also look for structured data. *
* Data loss protection features are only available for Microsoft Exchange servers and are licensed separately.
- Protection of Web-
Traffic protection
Our security technologies provide protection for traffic flow through the most popular Windows-based and Linux-based gateways, automatically removing malicious and dangerous programs that appear in HTTP (S), FTP, SMTP, and POP3 traffic. With frequent updates, Kaspersky Total Security for Business helps protect against known and unknown threats.
Email protection
Kaspersky Security for Business can protect the flow of corporate messages in Microsoft Forefront TMG or Microsoft ISA Server.
Offering high detection rates
With intelligent and optimized scanning, in addition to load balancing, Kaspersky Total Security for Business offers high detection rates without any significant impact on system performance.
Improved management capacity
Easy-to-use anti-malware protection and file and content filtering allow you to centrally manage the protection of a complete Microsoft SharePoint server farm - from a single console.
- How to protect collaboration and prevent data leakage-
Protection of SharePoint environments
Text
Easy-to-use security and file and content filtering enable you to centrally manage the protection of a complete Microsoft SharePoint farm server - from a single console. Our protection technologies minimally affect the performance of your systems.
Help to optimize storage
Text
To help you make more efficient use of your data storage, our file filtering technologies help you eliminate unnecessary file storage, making it easy to enforce your document storage policies. You can create lists with extensions and forbidden file names, and we also provide pre-defined file type profiles that let you implement music, video, executable files, and more quickly.
Text
By looking at the actual file formats regardless of the file extension name, our technology ensures that the security policies will not be violated by files that prevent the use of a prohibited file extension.
Provision of flexible content filtering
When you scan all documents against banned content lists - including explicit words / phrases and offensive language usage - content filtering helps you control and assign internal collaboration policies. With pre-installed dictionaries / categories - and the ability to create your own list of banned words and phrases - it's easy to set up content filtering, which is tailored to your requirements.
Provision of real-time status information
Our dashboard provides real-time access to real-time data, including IT security status, database version, and license status for all protected servers. In addition, Kaspersky Total Security for Business makes it easy to report on events and security status.
Increases data protection and compliance
Kaspersky Total Security for Business analyzes the content of documents stored in Microsoft SharePoint Server and automatically logs and blocks anyone who has identified sensitive business data or sensitive information. In addition to searching for words in pre-installed glossaries or in the administrator's custom glossary, it also looks for structured data. *
* Data loss protection features are licensed separately.
- Centralization of management-
Enabling you to control all functions from a console
Kaspersky Security for Business includes Kaspersky Security Center, a single, unified management console that provides visibility and control of all the Kaspersky Lab endpoint security technologies you are running. Kaspersky Security Center lets you manage the security of your mobile devices, laptops, desktops, file servers, virtual machines and more with the convenience of a single-pane console.