It’s been little more than a year since the release of the previous version of our corporate product (Endpoint Security 8), but we’ve already rolled out a new (need I say it – much improved) one. Yesterday, as per tradition in New York, we had our global launch of Kaspersky Endpoint Security for Business (KESB) – a nifty bit of software kit in which all sorts of new stuff comes together – from a flock of new functionality to a new name and a new product line.
This post gives you a peak at all these newbie bits and bobs featured in KESB. But first, as a bit of background to make all the new stuff a little easier to get your head round (I hope), let me give you a historic overview what’s gone on in the past and which has brought us to this year’s culmination: KESB.
Sooo. In the beginning – there was antivirus. It’s hard to image now, but there was an AV-Stone Age when antivirus came as a stand-alone and often single file, which performed on-demand scanning of both the memory and hard drive in search of maliciousness. With time, naturally, AV adopted more and more advanced protection technologies, eventually turning into a multi-faceted “anti-everything” with many a bell and whistle featured as standard. This led to “modern antivirus” being able to not only detect and kill viruses, but also to protect against hacker attacks, spam, adult content, and all sorts of other malevolent malignancy on the net.
With this increased functionality the matter of how it should all be controlled became more and more relevant and important, which was only logical. Even in a just small organization all IT matters were general dealt with exclusively by system administrators – who besides security had to deal with a ton of other problems. Consequently, special admin consoles appeared via which the computer and/or security guy(s)/gal(s) could install, configure, update, and do a lot of other things with antivirus & Co. – all centrally.
Then, a few years ago two significant events occurred at once: First, the mobile revolution, which increased plenty-fold the headaches involved in protecting all the digital devices used for work purposes; and second, the world economic crisis, which forced companies (especially small and medium-sized ones) to cut costs – including IT and security ones. Thus, overly complex IT systems (= security enemy No. 1), which had grown organically in ad hoc ways, plus the world’s financial difficulties meant the industry was faced with a clear need to integrate antivirus with other fields – like security & Co.
Of course, from everyone’s point of view it’s much more convenient, simpler and cheaper to have a single product covering all the angles, or at least a single control console instead of a hodge-podge of consoles and security products.
A lot was talked about such single-ness for a long time, but nothing much came of it.
Some vendors tried to solve the problem by buying other companies (with the subsequent failure of technological and business integration). Beyond that, alas, the idea got no further. Enter KESB. It isn’t just another updated “more, faster, better” version; it’s a conceptually new corporate product – unique both in its degree of integration and manageability.
In addition to our core anti-malware competency and features found in the earlier incarnation of this product, in KESB there’s now the following:
- Mobile Device Management (datasheet) – for monitoring, managing and securing mobile devices, including remote configuration, security policies, application control, and even the ability to create a private corporate app store of authorized mobile applications;
- Cryptographic protection (datasheet) – for files, folders and discs (both local and removable) – fully transparent to the user;
- Systems Management (datasheet)- lots of useful knickknacks for the overall management of a corporate network, including remote OS installation and configuration, hardware/software inventorization and license management, vulnerability scanning, patch management, and NAC;
- Much improved Application Control, supporting Default Deny (datasheet). Here a lot of new features have been added, including proactive application conflict resolution, support for new categories of applications, multi-vector categorization, and a whitelist catalogue service, which allows admins to get info on applications directly from our cloud-based KSN database; and
- Automatic Exploit Prevention – already tried and tested and praised to the hilt in our home products. AEP incidentally was the tech that blocked the attack through the vulnerability used in operation Red October before the operation was uncovered. Neat.
What’s more, we did all the above by ourselves – with our own brainpower and hard work – without injections of brain from outside with its accompanying incompatibilities and other related problems. And naturally we’re very proud of this! But perhaps most importantly – it all works on Windows 8, and is all centrally managed from the Security Center – so no mish-mash of products and dozens of incompatible consoles! Nifty.
You’ve got the message by now: what we’ve got here is a really strong product, and on some points it’s got some industry firsts. Now, as any pioneer knows, being first can be a bit scary; but on the other hand, the feedback from testers has been real positive – reassuringly lowering the vanguard-fear.
In fact, all of the listed technologies are so eminently excellent that they’re all worthy of being discussed in much more detail. And that is indeed just what we’re gonna do on these here blog pages. Please expect separate posts on them all soon!…
Back to today…: What else is new in KESB? No less than a new product line!
This deserves talking about a bit more here:
Since the beginning of the 2000’s it somehow came about that we all of a sudden became the industry trendsetters in product marketing, in particular in creating new concepts for product lines. We were the first to introduce such categories as “anti-virus”, “anti-hacker”, and “anti-spam” and to combine them all into a single product. Around the same time we also customized our corporate products, enabling customers to choose the precise number of licenses as per their particular needs.
If my memory serves me correctly, our previous product line lasted a good six years. It was also unique: it allowed us to set our sniper-accuracy sights on different markets, comprised a superior technology mix, let us fine tune products according to the particular requirements of different segments, and was conveniently upgradable should a customer’s business grow. We offered not separate applications, but comprehensive overall protection of corporate networks at different levels (workstations, mail and web gateways, file server, etc.), and with time we steadily increased its tech-capabilities.
Still, no matter how nicely things were sitting with the previous product line, well, we couldn’t just rest on our laurels – that’s not how we do it at KL! No, we just had to get even better – and go for a new corporate product line… and – da-daaa! – here it is. For now, here’s what we have: four product versions, each of which features the following functionality:
In more detail, it looks like this:
Of course, to put the requirements of all different types and sizes of customers into a single product would be ignorant, foolish, insulting… even suicidal; therefore, we kept the traditional flexibility of the product line. For each version it’s possible to purchase additional modules (MDM, Systems Management, and targeted security solutions) and technologies.