Kaspersky optimum security

Optimum Security

The optimal combination of tools and technologies for building a security system in companies with a small information security department. The solution provides automatic detection and prompt response to hidden threats and reflects the principles of Kaspersky Lab’s stepwise approach to building a cybersecurity strategy.

Technologies of the Kaspersky Optimum Security level provide information security specialists with tools for automated detection and elimination of threats that try to bypass workplace protection.

The level includes basic EDR-class technologies to save resources and independently counter hidden threats, provide detailed information about incidents and advanced security management capabilities.

Kaspersky Optimum Security assumes that information security specialists have threat intelligence skills and can, for example, conduct their own root cause analysis of an incident and investigate potentially dangerous objects using the Kaspersky Threat Intelligence portal. However, Kaspersky Lab’s experts can always assist in an investigation or make detailed recommendations on how to respond to threats within the Kaspersky Managed Detection and Response service.

Basic EDR tools

Basic EDR-class tools complement traditional workplace protection by providing an improved overview of what is happening in the infrastructure and the ability to conduct a simplified root-cause analysis of the incident. As a result, your specialists have the necessary information to understand the cause of the attack and respond accurately to it.

Analysis of objects in the sandbox

Sandbox automatically protects your systems from evasive threats that try to bypass your defenses. Built on dynamic threat emulation technology, Kaspersky Lab’s sandbox launches potentially malicious objects in an isolated environment and has built-in automated responses so your teams don’t have to constantly review incidents manually.

Robust endpoint protection

Advanced protection and flexible control tools that keep workstations and servers secure. Thanks to the cloud-based security network — Kaspersky Security Network — information about malicious objects is distributed around the world in a matter of seconds, which allows you to automatically prevent new attacks.

There are more and more threats that can bypass protection. Implementing Kaspersky Optimum Security will help you detect hidden threats and respond to them in one click.

Kaspersky for Business Standard
Business is changing and going digital, so it’s important to keep every server, laptop, and mobile device secure. A next-generation solution with a single management console will help you reliably protect all workplaces of your organization from cyber threats.
Kaspersky for Business Advanced
This Solution contains a large number of features that enhance security and simplify protection management. Built-in encryption, patch management, centralized deployment of operating systems and software, these tools and more, combined with next-generation security technologies, enable your organization to effectively respond to threats and grow your business despite the ever-increasing number of workplace threats.
Kaspersky Total Security for Business
A solution for large companies that care about the security of not only end devices and servers, but also other nodes of the corporate network. Includes all the features and benefits of the Kaspersky Endpoint Security for Business Advanced level, and also provides protection for mail servers, Internet gateways, and collaboration platforms.

The optimal combination of tools and technologies for building a security system in companies with a small information security department. The solution provides automatic detection and prompt response to hidden threats.
Kaspersky Optimum Security
The optimal combination of tools and technologies for building a security system in companies with a small information security department. The solution provides automatic detection and prompt response to hidden threats and reflects the principles of Kaspersky Lab’s stepwise approach to building a cybersecurity strategy.

Reduce cybersecurity risks
Maintain business as usual with strong security that reduces the chance of successful cloaking attacks.
Eliminate the possibility of errors
Flexible control tools reduce the likelihood of errors on the part of employees.
Save resources
With automated protection and response, you save resources for your teams.

Technologies of the Kaspersky Optimum Security level provide information security specialists with tools for automated detection and elimination of threats that try to bypass workplace protection.
The level includes basic EDR-class technologies for saving resources and independently countering hidden threats, provides detailed information about incidents and advanced security management capabilities.
Kaspersky Optimum Security assumes that information security specialists have the skills of threat analysis and can, for example, conduct their own analysis of the root causes of an incident and investigate potentially dangerous objects using the Kaspersky Threat Intelligence portal. However, Kaspersky Lab’s experts can always assist in an investigation or make detailed recommendations on how to respond to threats within the Kaspersky Managed Detection and Response service.

Contents of the Kaspersky Optimum Security solution

Basic EDR tools
Core EDR tools complement traditional workplace protection by providing improved visibility into what is happening in the infrastructure and the ability to conduct a simplified root-cause analysis of an incident. As a result, your specialists have the necessary information to understand the cause of the attack and respond accurately to it.
Analyzing objects in a sandbox
The sandbox automatically protects your systems from evasive threats that try to bypass your defenses. Built on dynamic threat emulation technology, Kaspersky Lab’s sandbox launches potentially malicious objects in an isolated environment and has built-in automated responses so your teams don’t have to constantly review incidents manually.
Robust endpoint protection
Advanced protection and flexible control tools that ensure the security of workstations and servers. Thanks to the cloud-based security network — Kaspersky Security Network — information about malicious objects is distributed around the world in a matter of seconds, which allows you to automatically prevent new attacks.

24/7 technical support
Extended technical support, which can be included in a license of any level of Kaspersky Security for Business, will help your company respond faster to incidents and receive priority responses from technical specialists.

Transition to the online store of Datasystems — the official Supplier of Kaspersky Lab in the Russian Federation.

Time to read

The creators of such services not only offer their customers a convenient tool management console for unauthorized intrusion into someone else’s IT infrastructure, but are also always ready to provide technical support if the user of the service «gets confused in the pedals.» This practice has made the threshold for using sophisticated targeted attacks minimal, with attackers typically targeting those who have something to take from. And this, of course, is primarily a company.

EDR class solutions

A flurry of targeted attacks has led to the emergence of a special type of information security tools called EDR (Endpoint Detection and Response). EDR activity is aimed at protecting the end nodes of the corporate network, which most often become the entrance gates of an attack. The main tasks of EDR are to detect signs of an intrusion, generate an automatic response to an attack, enable specialists to quickly determine the scale of the threat and its source, and collect data for subsequent investigation of the incident.

The functionality of EDR is based on the ability of this type of software to conduct detailed event analysis and proactive search for threats, automate repetitive daily protection tasks, and centrally collect endpoint monitoring data. All this helps to increase the productivity of information security specialists working, for example, in the SOC (Security operations center) of a large company.

Kaspersky Endpoint Detection and Response

A few years ago, Kaspersky Lab entered the EDR market with its own Kaspersky Endpoint Detection and Response (KEDR) solution, which has earned itself a good reputation in the eyes of industry experts. Companies that seriously care about information security usually use KEDR as part of an integrated solution that includes KEDR itself, the Kaspersky Anti Targeted Attack (KATA) platform, and the Managed Detection and Response (MDR) service.

Such a combination allows cybersecurity specialists to effectively counter the most advanced and advanced types of modern attacks. As a rule, such solutions are resorted to by Enterprise-level organizations that have their own SOC or at least a separate small security department. The cost of the required licenses for software and services is quite high, but if we are talking, for example, about a national bank, then the potential risks greatly exceed the costs of providing information security.

Optimal EDR for medium business

Often, mid-sized companies cannot afford to maintain their own SOC or keep several specialized specialists on staff. However, they are of course also interested in the opportunities offered by EDR solutions. Especially for such clients, Kaspersky Lab has recently released the product «Kaspersky EDR for Business OPTIMAL».

In just six months, this product has gained well-deserved popularity. It is part of the so-called. «Optimal IT Security Framework», developed by the vendor specifically for customers who cannot afford expensive specialized programs to deal with complex cyber attacks.

In addition to the aforementioned “Kaspersky EDR for Business OPTIMAL”, which includes EPP (Endpoint Protection Platform) class technologies and basic EDR technologies, the framework also includes the Kaspersky Sandbox tool and the Kaspersky MDR Optimum service.

Here are the key features of Kaspersky EDR for Business OPTIMAL. Its main function is to monitor end devices, detect emerging threats and collect information about them.

For each detected incident, an attack development graph is compiled, supplemented with information about the device and the activity of its operating system. To search for threats or traces of previous attacks, the product may use indicators of compromise (IoC) identified during the course of the investigation or downloaded from external sources.

The reaction of defense mechanisms to a detected threat can be configured based on the nature of the attack: isolating network hosts, quarantining or deleting infected file system objects, blocking or prohibiting the launch of certain processes in the operating system, etc.

The functionality of the product can be significantly expanded thanks to integration tools with other Kaspersky Lab products — the Kaspersky Security Network cloud service, the Kaspersky Threat Intelligence Portal information system, and the Kaspersky Threats database. These technologies and services are included in the license price (KSN) or are provided free of charge (OpenTIP, Kaspersky Threats).

Architecture and deployment

Deployment of Kaspersky EDR for Business OPTIMAL on a corporate network does not require large computing resources. All end devices must have Kaspersky Endpoint Security installed with the Endpoint Agent component enabled, compatible with any Windows operating system, starting with Windows 7 SP1/Windows Server 2008 R2 and occupying no more than 2 GB of disk space. For its full operation, a single-core processor with a clock frequency of 1.4 GHz and 1 GB (x86), 2 GB (x64) of RAM is enough.

Slightly higher system requirements for the computer from which the solution will be managed. This is a local Kaspersky Security Center server equipped with an administration console, but you can also use the Kaspersky Security Center Cloud Console cloud service. In both cases, product management is accessed through a web browser. To operate the local server of Kaspersky Security Center, you will need access to the Microsoft SQL Server or MySQL DBMS.

Kaspersky Security Center is deployed using the installation wizard and does not take much time. During installation, a folder is created to store installation packages and updates, and the administration server is configured.

Альтернативным способом распространения Kaspersky Endpoint Security с включенным компонентом Endpoint Agent по сети может быть использование групповых политик Windows.
С выходом «Kaspersky EDR для бизнеса ОПТИМАЛЬНЫЙ» компании получили возможность использовать современные инструменты обнаружения и реагирования на угрозы без необходимости инвестирования в собственную службу ИБ.

Решение вполне может обслуживаться силами системных администраторов заказчика, для повышения квалификации которых «Лаборатория Касперского» подготовила соответствующие тренинги.

More Visibility
More Power
More Control

Didn’t think you were EDR ready. Well you are now

Kaspersky Optimum Security lets you upgrade protection against new, unknown and evasive threats, through effective threat detection and response and 24/7 security monitoring, without prohibitive costs or complexity.

Enhance your protection

If you’re committed to a cloud-first strategy, get cloud-enabled, EDR-class security, all under the control of a single cloud-enabled console

Unified product suite

Secure your business exactly how you want to. Get award-winning protection that best fits your needs with our unified, cutting-edge product suite

If you want in-house EDR and/or need to offload key security tasks like 24/7 managed threat hunting and guided response, we’ve got you covered

Threat landscape is changing

Cybercriminals’ tactics are evolving. Costs of attacks are reducing. Remote working is making corporate perimeters harder to defend.

Upgrade your defenses

Your endpoint protection platform (EPP) protects your business against commodity threats. But you also need to protect against new, unknown and evasive attacks that can bypass the EPP.

Keep security efficient

Minimize risk by supplementing EPP with fast, scalable, turnkey endpoint detection and response (EDR). Automate routine tasks while avoiding additional overheads on your IT security resources.

End the tyranny of your ‘to do’ list

Reduce complexity by managing key cybersecurity components from a single cloud-enabled console, and extend advanced workload protection across your on-premises, cloud and hybrid infrastructure.

Kaspersky EDR Optimum

Prevent business disruption and damage through enhanced threat visibility and visualization, simplified root cause analysis, quick automated response, and automation of routine tasks.

Kaspersky scores highly across all product capabilities for EDR solutions in Gartner Peer Insights, with an overall score of 4.9 across all reviews, as of 12th January, 2021.

Kaspersky Endpoint Security for Business

Kaspersky Optimum Security is built on a solid foundation with adaptive endpoint security including server hardening to enhance high-performance protection, plus application, web and device controls to prevent corporate data theft.

Kaspersky has been recognized by Gartner with a Customers’ Choice in the Endpoint Protection Platforms market with a rating of (4.8/5) in the last 12 months as of 7th December, 2020 & based on 477 reviews.

Kaspersky MDR Optimum

Offload key tasks like detection, guided response and managed threat hunting, and get round-the-clock protection from threats that can otherwise bypass automated security barriers.

Further enhance your cybersecurity

Enrich your investigations by checking suspicious files, file hashes, IP and web addresses, to validate and prioritize associated security alerts and ensure timely threat response.

Kaspersky Sandbox

Counter evasive threats that stay dormant in the presence of your EPP, but which are activated once a host becomes vulnerable, by automatically analyzing them in a controlled, isolated environment.

Kaspersky Security Awareness

Address gaps in cybersecurity awareness and transform employee behaviors.

Kaspersky is the highest rated among all vendors in the Security Awareness Computer-Based Training market with a rating of 5.0/5.0 in the 12 months to 20th October 2020.*

Kaspersky Hybrid Cloud Security

Seamless, integrated endpoint protection securing physical, virtualized workloads and containers — on-premise, in a data center or in a public cloud (including AWS, Azure and GCP).

Kaspersky Professional Services

Maximize your return by engaging with experts who understand exactly how you can optimize your investment to meet the unique needs of your organization.

The global cybersecurity talent shortage has meant that for many organizations, EDR-class security has been beyond their reach.
But not anymore.

Choose automated in-house EDR and/or managed EDR-class defense and get all the protection you need, without additional
IT security resources.

A buyer’s guide to optimum level of security

Tested. Trusted. Proven. Awarded

“We needed to deploy a first-class security solution to match our first-class business– and that’s what we have with Kaspersky.”

Gökhan Zengin,
IT Manager, Collezione