Kaspersky Endpoint Detection and Response Optimum Reviews

We internally use Kaspersky Endpoint Detection and Response Optimum, which is a highly recommended solution. We leverage it for our detection data box, particularly when working with Azure.

All the features work together to provide alerts and help evaluate potential issues related to the detected threats. It's difficult to single out one feature since they all contribute to creating a normal usage profile and detecting abnormal behavior within the business infrastructure. It's a comprehensive solution.

There are certainly some weaknesses. In terms of the product itself, the main weakness lies in the need for highly skilled personnel to operate it effectively. This is why I prefer to use Managed Detection and Response. 

The problem is that there are millions of people worldwide who lack the necessary security skills and resources to manage security issues. It's a specific challenge for each company. If you don't have your own Security Operations Center (SOC) and lack the complete set of competencies and skills to manage the hardware, using Managed Detection and Response instead of Endpoint Detection and Response allows you to delegate the high-scale layer to experts who will handle a part of the job. Then, you only need to decide whether to rely on their advice or not, which requires fewer skills. Therefore, the main weakness lies in the inherent complexity of the solution.

In future releases, I would like to see an eXDR layer for Kaspersky. It's something that is essential. 

I've been using it for more than a year now. We were one of the early adopters. We started using it fully internally about six or seven months ago for protection purposes.

When it comes to Kaspersky, it's not a simple yes or no answer. It depends on various factors. Kaspersky's concept allows you to work with different components to achieve a specific level of detection and response. You can integrate it with other consoles, which is missing in Azure. This includes analyzing the network and cloud. EDR focuses on endpoint information, but there are two crucial aspects missing: network security and cloud security. 

However, if you have EDR components and use QM, you can achieve a fully scalable solution. You can also integrate it with other products like a threat-hunting portal and link flows. In the future, there will be integration with Azure. Without incorporating Kaspersky Endpoint, it may not be completely scalable. So, to achieve full scalability, you'll need to integrate an XDR solution.

In our company, we have around 250 end users utilizing the MDR solutions for our external customers. It's quite a significant number.

Customer service and support are really good. We receive responses within hours. We have the option to contact the German or English-speaking team, which provides a good quality of service. 

Additionally, we can also reach out to the French support team without any issues. Most of the time, we receive prompt and helpful assistance, including detailed instructions to troubleshoot the problem effectively. 

The support is highly reliable compared to other providers like Sophos, which has the worst reputation. Personally, I would rate Kaspersky's support as excellent, although individual experiences may vary. The quality of support is crucial and Kaspersky delivers in this regard.

Positive

From a technical point of view, I don't see any reason why I need to prefer competitors over the solutions provided by Kaspersky at the moment.

The initial setup was easy. Once you have the advanced solution point protection from Kaspersky, you just need to set up the technology through the web console. It's a yearly business license that needs to be activated on the endpoint. We had no issues with that. It's a critical aspect for us, and the deployment process was straightforward.

We only have one full-time administrator managing the solution. Although we are three people who are capable of administering it, in reality, it's a full-time job that requires less than half an hour per day. This includes selling the project, checking alerts, and handling the EDR component. The setup is designed to be efficient.

The deployment took less than a day, and there were no specific prerequisites. I read the solution and the manual, asked some questions, and within eight hours, the deployment was complete. 

There was a main point of contact who assisted throughout the process. It went smoothly. However, if you start from scratch without any existing enterprise protection, it may require more guidance. 

Managing the endpoint protection feature is the main priority. If you're starting from scratch, it might take around a week to deploy the Kaspersky Security Center, which is a preconfigured web or MST component. After that, you'll need some skills to create a strategy and deploy it on the data points. 

Initially, it might seem challenging, but once you understand the basics and have the necessary knowledge about Kaspersky products and endpoint relations, you'll be able to handle it. I would estimate around forty hours for someone unfamiliar with the system to complete the deployment, which is quite impressive.

It's a yearly business license that needs to be activated on the endpoint. We had no issues with that. It's a critical aspect of the deployment. 

The pricing is totally reasonable. However, you need to consider the cost of the yearly solution and also the enterprise protection. Currently, you cannot use the NDR solution without the endpoint protection. But in terms of the product portfolio, the pricing is very fair. After the events surrounding the invasion of Ukraine, some of our customers asked us to explore alternative solutions because they didn't want to work with Russian products anymore. So we conducted comparisons based on pricing. In the best-case scenario, the prices of other solutions were two or three times higher than Kaspersky. To be honest, Kaspersky is significantly cheaper while maintaining high-quality solutions. It's a bit more challenging to compare only the EDR solution since there are considerable differences between different EDR solutions as well as endpoint protection. 

One crucial factor to consider is the quality of the threat center, and Kaspersky is widely recognized as one of the best threat intelligence providers globally. When choosing a security solution, the quality of the solution heavily relies on the expertise of the individuals working on-site to identify threats and assess their severity. 

I recently analyzed a few phishing attacks targeting iOS devices. The exploit patch was released in 2019, and Kaspersky's EDR played a vital role in identifying and mitigating the malware. No other security solution around the world was able to detect this iOS issue, despite the fact that it had been present since 2019. Kaspersky's EDR was the first to uncover the problem, which was later confirmed by the XDR network analysis component of their solution. This is a testament to the product's quality because no other vendors or iOS solutions managed to detect the issue. These are facts that speak for themselves and provide strong evidence of the product's superiority compared to others.

We offer a range of products, including Endpoint Protection, MDR, XDR, password manager, VPN clients, email protection, email gateway, Internet gateway, and Azure automation. 

In addition, we provide CITO and DITC services for IT crews.  Our main focus is on business customers, both final customers and managed direction. We prefer to provide them with the necessary expertise and knowledge since they may lack the resources to handle intense situations and make informed decisions.

The main advantage that competitors have over Kaspersky is that they are not limited by software versions. One issue I have with Kaspersky is that some customer requirements may involve sharing specific details with us, which can pose challenges in certain projects.  And that is one of the recent projects that may be a problem. The only advantage I see over other competitors is that. 

Overall, I would rate it around nine out of ten at the moment.

We use it to direct detected computer malware, analyze and diagnose the problems. We can also link it with the antivirus for malware and virus detection.

I mostly like how they capture particular files and submit them to other files, and they have the solution console. And for example, we are using the one in for

an application, like, on the RansomFree, if there are any vulnerabilities in patches coming, in the future, they fix these.

For improvement, they should make the scanning process faster. The scanning and updating take more time.

I have been using Kaspersky Endpoint Detection for six months. 

I would rate the stability of this solution nine out of ten. The customers use Endpoint Detection and Response Optimum as it is very stable.

The scalability of this solution is great, but Defender is better.

However, once one of our systems got affected by malware, updating and saving our site through Kaspersky helped us.

The technical support team is good. We had to create a ticket now. Once we created a ticket, and then we need to send the full consolidated part or the infection computer or infection assistant. Then they will find a solution.

Positive

The initial setup was straightforward. Since we were already familiar with the configuration and sector, we didn’t find the product setup difficult. The solution was deployed within fifteen minutes.

The deployment was done by a vendor team from the client side.

Kaspersky gives a consolidated price with a good solution. If we choose something else, we need to add other options on our own.

Yes, we used McAfee but it isn't listing anymore, so we switched to Kaspersky.

I rate the overall solution a nine out of ten.

People need a basic anti-malware solution, so they use Kaspersky Endpoint Detection and Response Optimum.

The encryption feature that allows you complete control of your device is what I found most valuable in Kaspersky Endpoint Detection and Response Optimum.

The encryption feature in most antivirus or IDS solutions doesn't come with complete device control. Kaspersky Endpoint Detection and Response Optimum allows you to encrypt the device while protecting the endpoint. You can select the vendors, too.

I'm a person who wants everything to communicate or integrate into a single pane of glass. This is a challenge with Kaspersky Endpoint Detection and Response Optimum because there's no basic segmentation. I propose implementing a firewall to start basic segmentation, and I like to integrate everything with the firewall. For example, I like my endpoint solution to talk with my firewall directly to exchange threat feeds and possible malware information. 

There needs to be a unified conversation between all of my products, such as the base products, next-generation firewall, endpoint protection, my net, and the analyzers, which all need to be in a single spot to talk to each other. I need a product that manages all the different products I'm using.

I've been using Fortinet for a long time, and I mainly like it because I can manage FortiGate, FortiSwitch, and EMS in FortiManager in a single pane of glass. I can even automate and script. I can do anything. You can't do this in Cisco and Kaspersky, though I know Cisco is trying to change that reality now. Cisco is trying to do it the way Fortinet does it. I'm more of a Forcepoint and Fortinet guy.

What I want to be added to Kaspersky Endpoint Detection and Response Optimum is a single pane of glass management, where everything is integrated into a single pane of glass.

I also want Kaspersky to have a firewall product because it only has EDR and antivirus solutions currently.

Companies I've worked for used and stuck to Kaspersky Endpoint Detection and Response Optimum for a long time, particularly for five or six years. However, it's not my personal preference.

I once spoke with the Kaspersky Endpoint Detection and Response Optimum technical support team while trying to keep the solution in the large bank I used to work for in Angola. Still, the support, including the feedback, wasn't very good then, so I went with Fortinet EMS.

Overall, compared to Fortinet, which had terrible support, the Kaspersky support team is excellent, so I'm rating it as nine.

Positive

Here in Angola, we have a lot of vendors offering Kaspersky Endpoint Detection and Response Optimum, and the solution is easy to purchase. The most solid security products here fall under Kaspersky, so we went with Kaspersky Endpoint Detection and Response Optimum, even though we have no local Kaspersky support in Angola.

There's no difficulty in setting up Kaspersky Endpoint Detection and Response Optimum. It's an easy setup.

I didn't watch how the solution was set up in the enterprise I'm in currently, but deployment time usually depends on the company size. The previous company I was in had three thousand users, so it took at least five to six days to fully deploy Kaspersky Endpoint Detection and Response Optimum.

Total deployment time also depends on your network topology, but for one company, it took three to five days because of some offline stations. Still, the solution was straightforward to deploy, and I have no complaints.

Kaspersky Endpoint Detection and Response Optimum is more affordable than the endpoint security product of Fortinet. Whether it's worth the money depends on your security strategy.

Whether you should use Kaspersky Endpoint Detection and Response Optimum depends on your security strategy. Suppose I were to base my advice on my security strategy. In that case, I'd tell you not to use Kaspersky Endpoint Detection and Response Optimum because I don't want to manage a standalone product.

Suppose Kaspersky Endpoint Detection and Response Optimum detected a threat that your next-generation firewall missed or is unaware of. In that case, the two products can't correlate nor talk to each other to exchange and compare findings. The result would be that you won't be able to determine or decide whether that's a real threat or a false positive; in that case, I would drop the product. I want my security baseline to be products that can speak the same language and interact with each other, which I have on Fortinet.

Kaspersky Endpoint Detection and Response Optimum is a good product, so I'm rating it eight out of ten. My security strategy doesn't match its vision, but I find it a good solution. Kaspersky Endpoint Detection and Response Optimum has its issues, but I want to be fair, so overall, it's an eight out of ten for me.

My current company is a Kaspersky customer.

Kaspersky Endpoint Detection and Response Optimum provide real-time monitoring and detection for different operating systems. It is compatible with Linux, and Mac can use the server. It offers real-time monitoring for antivirus, ransomware, and other intrusion attacks.

It also has EDR capabilities. I was initially looking for a solution with EDR, and I discovered that Kaspersky offers EDR, possibly through its EDR Optimum feature. We might consider acquiring this license or exploring other options like CrowdStrike or Clearix.

We find it particularly useful for enhancing the security of our endpoints and gaining real-time visibility and context during incidents. 

Additionally, it offers features like system hardening, vulnerability management, patch management, and device control, which are not present in other solutions.

So, from our perspective, it ticks all the boxes. However, we are also considering other options like CrowdStrike or TrendPoint for extended detection and response capabilities.

For EDR, it should provide us with a comprehensive view. Currently, it gives us a process-oriented view, but we need a broader view like Crowdstrike. It needs to provide a complete picture, including IoT connections between devices, and it should be more intuitive.

Support can be considered another area for improvement. It could have faster response times.

I have been working on this solution for three years. I'm using version 11.8 of Kaspersky Endpoint Detection and Response Optimum.

It's fine. It's good, but not completely stable.

I would rate the stability an eight out of ten. 

For scalability, we would need to request the vendor to increase the license or purchase an upgraded license file. It's a straightforward process, I believe, but it's not something I have personally experienced.

The support team does respond to us, but it takes time. They are not instant; maybe on the second day they would be more helpful. 

There is no live support available. Overall it's fine, but I would give them an eight. But considering the response time, maybe it's more like an eight if we prioritize faster support.

Positive

I'm familiar with the product, so it's easy for me. Maybe a seven or eight. Although there is a lot of documentation, some areas could use improvement.

I use it more on a weekly basis, maybe twice a week. Since there are administrators responsible for daily administration and any antivirus solution, there are daily tasks for support and auditing purposes.

For the new servers, the deployment process involved installation, configuration, and testing. We followed an implementation policy and defined tasks and pilot testing for about one to two weeks to ensure everything was working properly before moving to production. So this is all the process. 

The price is good, not too high. I would rate it an eight, like in the middle.

I would rate the pricing model a five out of ten. 

We are evaluating our options to ensure we have the best solution for our needs. So we may acquire another license or explore different too

I think for others; it is important to depend on and read different use cases. This way, they can evaluate the different solutions and capabilities. 

It's stable, and Kaspersky has many years in the market. So there is trust, and they are reliable. 

Overall, I would say it's an eight. It is a good solution for us, but there is still room for improvement. 

I have opted for Kaspersky Endpoint Detection and Response Optimum to provide comprehensive protection since EPP only relies on signatures, and it cannot safeguard our needs. In contrast, EDR offers protection against various threats, making it a more robust security solution.

The most beneficial aspect of Kaspersky Endpoint Detection and Response Optimum is its protection capabilities, followed by its device management capabilities. The ability to remotely install software is highly advantageous, making it a convenient and helpful feature.

The solution can improve the uninstallation process. The removal of the agent can be difficult. The purpose is for security, but it requires a lot of time and sometimes a special tool.

If it were necessary to incur additional costs, it would be acceptable for the solution to possess more comprehensive integrated functionalities.

I have been using Kaspersky Endpoint Detection and Response Optimum for approximately four years.

Kaspersky Endpoint Detection and Response Optimum is a stable solution.

Our clients have approximately 400 endpoints using this solution. In our company, we have approximately 1,000 endpoints using the solution.

The scalability of the solution is good.

We contact a third party for support. We only contact the vendor for solution updates

The initial setup of Kaspersky Endpoint Detection and Response Optimum is simple. The installation process duration can vary depending on the network speed since we are installing it from the network. It's estimated to take approximately thirty minutes to an hour.

The price of the solution is reasonable. It cost approximately €10,000 annually.

I would recommend this solution to others because it is reasonably priced.

I rate Kaspersky Endpoint Detection and Response Optimum an eight out of ten.

We use the solution to protect PCs both in offices and home environments.

The solution's most valuable features are the advanced detection and anti-theft features.

The application should be made a bit lighter so that it does not slow down the PC.

I have been using the solution for ten years.

I rate the solution’s stability an eight out of ten.

Around 30 users were using the solution in my previous organization.

We haven't had any issues with the solution installed on the PC. When I was trying to install the tool on a server machine, we contacted the technical support team, who responded to our email and supported us.

The solution’s initial setup is simple. The solution's deployment depends on how fast your internet and machine is.

The solution offers measurable benefits. Kaspersky is among the top five antivirus and internet security solutions. The tool is also well-priced. In terms of functionality, the solution will protect you from data loss, phishing, and many other troubles.

The solution could be made a bit cheaper.

Just one person was needed for the solution's deployment and maintenance. After you install and enter the license, the environment performs constant scans. You can set it to be scanned daily at a particular time.

I would recommend the solution to other users because it is a good antivirus that protects the PC, prevents data theft, and detects the latest viruses.

We have seen different kinds of attacks, and Kaspersky has integrated very well. Suppose you connect a new computer to the network, and that particular computer has viruses. The solution tells you that this machine has some threats.

Overall, I rate the solution a nine out of ten.

The product's most valuable feature is the flexibility of installation with the console and a simple administration strategy.

There could be visibility for troubleshooting incidents. We are unable to find the root cause of the attack. They should provide more notifications for incidents and more clarification or information about malicious activity.

We have been using Kaspersky Endpoint Detection and Response Optimum for a year.

I rate the product's stability a six or seven out of ten. Sometimes, the agent suddenly disconnects.

We have 2500 Kaspersky Endpoint Detection and Response Optimum users in our organization. We would compare the solution with other products and then decide whether to increase the usage. I rate the product's scalability a seven out of ten.

The local support team could have essential expertise to resolve issues.

Neutral

I rate the initial setup process an eight out of ten. It is not time-consuming. However, we encounter issues during installation as it requires a reboot. We are unable to reboot the critical server in our environment. It requires two engineers to carry out the deployment of a huge infrastructure.

I rate Kaspersky Endpoint Detection and Response Optimum a seven out of ten.

We use this solution to protect against cyber threats against our servers, web, and mobile devices. 

The solution is very user friendly, which we appreciate.

We have also been very pleased with how easy the implementation of this solution was.

We would like more data to be available from this solution, in order for it to be usable in strategic decision making.

We have been working with this solution for over four years.

This solution is very easy to setup and implement; installing the policies is rule-based, which makes it very straightforward.

I would rate this solution a nine out of ten.