Kaspersky Endpoint Security Cloud Plus - Review 2022

Since our terminal review, Kaspersky Endpoint Security Cloud (ESC) has significantly improved its UI and setup experience. It has consistently excelled at protecting systems, and now with the add-on of the EDR Preview, it's starting to get a more competitive endpoint protection solution—though only if you pay considerably more than than for the entry-level tier. That said, at that place seems to be some inexplicable lag in the threat and configuration parts of the awarding, which keep it behind our Editors' Pick winners in this space, Bitdefender GravityZone Ultra, F-Secure Elements, and Sophos Intercept X.

Kaspersky ESC Pricing and Plans

The base of operations tier of Kaspersky ESC starts at $202.50 per year for v users, though an introductory price of $150 was available for new customers at the time of this writing. Businesses looking for basic EDR protection, however, will need the more expensive ESC Plus tier, which goes for $325 per 5 users yearly (similarly discounted as of this writing, to $240). The Plus tier was the one we reviewed.

Kaspersky'south per-user pricing is advantageous considering a modern user is probable to have more than i device that needs protecting. Some competing vendors, including Editors' Choice winners Bitdefender and F-Secure, license their software per device.

Catering more to midsized businesses, in that location is also an ESC Select tier that costs $400 for 10 nodes yearly (discounted to $335). This looks similar to Plus but with additional functioning features on the endpoint side. The top tier is ESC Avant-garde. You lot'll pay $770 annually for every 10 nodes at this tier (discounted to $575), but it includes everything in the other tiers plus patch management, additional vulnerability scanning, and automation features, among other things.

Comparing these numbers to our other contenders puts Kaspersky at the higher terminate of toll per device, though it's still competitive. Our discounted Plus tier pricing breaks down to $48 per device per yr, which is a niggling more than Sophos only significantly less than Bitdefender. Then again, both of those products accept much deeper feature sets than ESC at those price points. To rival what our Editors' Choice winners offer, y'all'll demand to get for ESC Advanced, which breaks downward to $57.50 per device per twelvemonth, with the discount. That's more expensive than Sophos and roughly tied with Bitdefender, the latter of which still offers advantages that Kaspersky doesn't yet have.

If you desire to evaluate ESC yourself, y'all can download a free trial version from Kaspersky'due south website.

Getting Started With Kaspersky Endpoint Security Deject

Kaspersky ESC is primarily desktop-oriented, supporting both macOS and Windows. Nevertheless, it does offer mobile device management (MDM) features for iOS and Android. Android has better antivirus protection than iOS, though this is a limitation of iOS, rather than an oversight on Kaspersky's part.

Kaspersky ESC main dashboard

Later creating your business relationship and signing in, it takes a while for the workspace to set up. This was a slight annoyance, just the procedure only took around five minutes or and then. In one case yous're in the workspace, you're presented with several pages of agreements to have. Later that, you'll proceed to the principal entire interface, which has been entirely updated and remodeled.

The Getting Started tab appears beginning. This offers some quick links to add users, configure notifications, connect devices, and some other setup features. Unfortunately, while nosotros thought it would be nice to be able to default to the Monitoring tab instead, that'southward not possible.

The Monitoring tab has been completely redesigned, and virtually items on it are eligible for drill-down.

Kaspersky ESC device management

Also new in this version is the ability to add devices without creating a user commencement manually. Previous versions required you to create users offset, and while this is nonetheless recommended, adding devices without assigning them to users is a refreshing way to rapidly deploy the software to many machines. If yous practice decide to add users first, this is easily done from the Users screen. Just the power to bind users subsequently is a not bad compromise that shows how hard Kaspersky has been focusing on user experience.

The Event Log tab is where you'll notice the bulk of the actionable information. It quickly breaks downward any logged event into Critical, Functional Failure, Warning, Info, and All. Since none of the attempted attacks succeeded in our testing, it was difficult to properly test this section, only we institute information technology comparable to the overview dashboards in other products.

When threats were detected, there was a handy Endpoint Detection Response (EDR) Preview. While information technology doesn't take the full EDR capabilities that are available in the ESC Avant-garde tier and upwards, information technology does present a graphical view of the threat chain from start to finish. This is useful when attempting to trace where an attack originates, and it can help you place limits on activities that would upshot in re-infection. Our only complaint was that threats seem to show up for review inconsistently; sometimes they do, and sometimes they don't. There was too a considerable lag for any threat to bear witness in the cloud console, despite it being handled apace on the endpoint.

Kaspersky ESC profile management

Profiles and Reporting

Security profiles are one place where the simplicity of Kaspersky's new UI is graceful in its application. Virtually settings are a simple toggle. Where additional particular is required, such every bit with Device Control and Spider web Control, an Boosted Options button is quickly accessible to the right of the item. Furthermore, each operating system has its ain major heading, then at that place is no confusion about which features apply to which platform. In nearly instances, the default policy volition work just fine for new users, but y'all're too given a large degree of liberty to customize and tweak policies for your specific environment.

The Users tab is where both users and groups are managed. As with other endpoint protection products, you can assign security profiles to individual users or groups. This works well and doesn't require a lot of interpretation.

The quarantine manager is similarly like shooting fish in a barrel to use. Managing the quarantine is a simple matter of selecting the quarantined files and deleting or restoring them. You can also become some generic details about each threat, such as where it was detected, what blazon of threat it was, and what status the file was in. Some files may only be flagged as suspicious and y'all'll need to clear them manually, while others may be more obvious threats, in which case Kaspersky will clean them on the spot.

One matter that has improved significantly since earlier versions is the reporting module. It now offers existent reports that can be exported to PDF or CSV format. As well new is the ability to schedule upwards to 10 report deliveries. While this seems like a needlessly arbitrary number, x would be generous for most pocket-sized organizations. However, Kaspersky's reporting features are nevertheless fairly basic. The product includes some good reports on network attacks, current threats, vulnerabilities, and and then on, but ESET and Bitdefender, for instance, provide much more depth and detail than this.

Kaspersky ESC reporting overhaul

Threat Performance

Our standard endpoint testing suite always begins with an anti-phishing test. Kaspersky doesn't require a browser plugin for this, but we did need to ensure that Spider web Thread Protection was enabled in the security profile. For the test, nosotros pulled ten known phishing pages from PhishTank, a collection of suspected and verified phishing websites. Kaspersky detected and blocked all ten.

Nosotros next launched a browser-based assault against the system using Metasploit's AutoPwn 2 feature with a known vulnerable version of Chrome with the Java 1.vii runtime installed. None of the attacks succeeded, which is good, considering that whatsoever of them could take resulted in a remote shell exploit.

Kaspersky performed similarly well when we tried launching a version of Windows Calculator with a standard Meterpreter binary attached. The executable wasn't allowed to launch and Kaspersky removed it from the desktop. A prepare of Veil 3.0-encoded Meterpreter executables, including PowerShell, Auto-Information technology, Python, and Scarlet, all suffered a similar fate.

Finally, we cut our VM off from the network, extracted a set of known malware executables chosen TheZoo, and tried running them. Kaspersky'due south signature-based detection quarantined each of them earlier it could run, as information technology did with several versions of the CryptoLocker ransomware.

3rd-party testing underscores our own results. AV-Test awarded Kaspersky Endpoint Security Cloud Plus a 6 in its August of 2022 tests, which marks it every bit Outstanding. It blocked 100% of 0-day malware attacks in real-world testing using 303 samples, and it blocked 99.9% of widespread malware discovered in the four weeks prior to testing. That test used eighteen,402 samples.

Much-Improved And Easy to Manage

Kaspersky Endpoint Security Cloud has a height-notch detection engine that covers most major platforms. Information technology blocked every one of our attempts to compromise it, and information technology held up well in contained lab tests. And all the same, while it has made some improvements in its cloud console, information technology still has room to grow before information technology can match the feature sets of some of the more comprehensive solutions. We'd too like to run across it improve its inconsistent performance. Yet, forth with Avast Business Antivirus Pro Plus, it holds a solid place in the easy-to-manage crowd while all the same offering some more advanced features.