Kaspersky Next EDR Expert Reviews

We use the product to monitor behaviors for endpoints to detect malware attacks and fraudulent activities.

The product has an easy-to-use EDR module based on signature-based antivirus detection. It is a complete software.

They could provide a source of visualization for the product. It needs to be easier to use for searches and activities. Additionally, they should work on an incident response module.

We have been using Kaspersky Endpoint Detection and Response Expert for three years.

I rate the product's stability an eight out of ten. It has more features than other EDR solutions.

The product has good scalability. We can size and schedule it as per requirements.

The initial setup process is straightforward. It takes two to three hours to work on configuration, installation, and implementation.

The product is worth the investment for small and medium businesses. Large enterprises can use it as an antivirus software rather than a complete EDR solution.

The product has a valuable pricing model. We need to purchase its monthly subscription.

The product is more advanced and scalable than other EDR solutions.

It is a nice EDR product. It works well for small and medium businesses than enterprises. I rate it a seven out of ten.

We use Kaspersky Endpoint Detection and Response for different in-depth solutions. It's a useful tool when you want everything in one module and you don't have a big budget for security. Other use cases are behavior detection, policy management, assessments, and patch fixings.

The most valuable features for me in Kaspersky are good security and performance. This solution is quite responsive and the tech support engineers are kind and good.

My opinion is that behavior detection could work better. This feature gets a high rate of false positives. This service is painful for network administrators.

I would like for this solution to better integrate with other solutions, especially with our network solution. I would also like for the support response time to be better.

I have been using this solution for about five years now.

I would say that the stability of this solution is quite good.

I would say that the scalability of this solution is good as your deployment and better if you have several management consoles. As of recently, in my console, there were about 110 points and several servers. We also have plans to increase usage in the future, depending on how much our company grows.

We do use the technical support of this solution and even though they are late to answer, especially via email, they are quite effective most of the time. The only thing that I think should improve is the time delay.

I would say that the initial setup process is complex. The amount of time it takes to deploy largely depends on the size of your network. It usually takes about two or three months, depending on the size of the endpoint and networks. 

Our model of deployment is on-premises. It took about one week to deploy the central management console and the full features and the policies, but the endpoints which connected to the central management console took longer. You also must have administration staff for the maintenance.

How much of an ROI a company has from this solution will vary. If there are no IT or security users in a company, the ROI is going to be very low. There must be at least one endpoint solution for a company to see ROI. The ROI is good for medium-sized networks.

My impression of the pricing plan is that it's good and reasonable. The license annual.

I would recommend this solution to other people as it's a good and useful tool.

I would rate this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

Our company uses the solution for endpoint detection. We started with the cloud service but our experience was not very positive so we moved to the on-premises solution. 

The detection engine running on endpoints works very well and provides a good protection level. We had several infection attempts but all were captured and blocked by the solution with no ransomware or malware running wild in our network.

The SD engine is very powerful and profound. 

The solution can integrate with external SIM solutions or external SOCs like CrowdStrike or Microsoft Defender.  

The interfacing for remote endpoints could be improved because it does not work very smoothly. 

It is not easy to follow the kill chain of a potential infection or malware. We would like to be able to roll back and analyze all the steps in the chain. 

The on-premises solution is not fully aligned with the web-based option that includes a feature-rich interface. For example, you can analyze better on the web console than with the on-premises management console. 

It is complex to implement remote endpoints for visitors who have devices that are outside the control of your network but are on-premises. The solution did not even offer this until recently but instead provided an additional solution for integrating the functionality. The solution needs to focus on providing a completely cloud-based solution like CrowdStrike, SentinelOne, and Microsoft Defender.

The solution still works on the old signature-based antivirus format but modern options like CrowdStrike, SentinelOne, and Microsoft Defender are behavioral analysis tools that are completely signature-less. The solution is losing customers because it has not reacted quickly enough to the modern format. 

I have been using the solution for three years. 

The solution is stable. We had a couple of issues with the SD engine failing which caused users to experience a lowering of endpoint service. 

The solution is a very mature product and not a new player like CrowdStrike. Features have been added on a rather old engine or structure that runs on 32 bits. 

If you have a 64-bit operating system like the newer Windows, you need an engine aligned with this architecture. 

We have 150 endpoints so have not reached a level where we need to scale up. The next level is at 500 or 1,000 endpoints. 

We are lucky to have direct access with Kaspersky. 

We opened tickets with support a couple of times and their reactiveness was fine but not first level. 

Neutral

I had prior experience with the solution so setup was easy because the management console has not changed much over the years. 

In general, the initial setup is a bit cumbersome. You can start easily but might need help creating different profiles, accessing old features, or realizing the solution's full potential. 

It is useful to have guidance from a business partner or the vendor directly. In our case, we were lucky to have support from the vendor. 

We worked with the vendor for our implementation. 

Ongoing maintenance is easily managed by two technicians. 

The solution is worth its cost so I rate pricing a ten out of ten. 

We did a comparison before provisioning the solution, but it was not profound. We needed to move from our prior solution due to regulatory issues and constraints so had to make a quick decision. 

We are currently evaluating other options, not from a technical point of view but because of the war. Companies in Ukraine have constraints that are forcing us to move from Russian software providers. 

I rate the solution a six out of ten. 

We use Kaspersky Endpoint Detection and Response for threat protection.

Kaspersky Endpoint Detection and Response has helped our company in many ways. Since we have been using this solution has have not had issues compared to other solutions we have used.

The most valuable features of Kaspersky Endpoint Detection and Response are all the features. The features have all helped us and most recently malware has been an issue in our company and malware protection has been effective. 

Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit.

I have been using Kaspersky Endpoint Detection and Response for approximately four years.

The stability of Kaspersky Endpoint Detection and Response is good.

Kaspersky Endpoint Detection and Response is scalable.

We have approximately 250 end-user accounts with ten servers using this solution. we have a combination of people using the solutions, such as IT specialists, business users, operation staff, marketing personnel, marketing team, compliance officers, finance, and general IT personnel.

Next year, we will look at the number of new users, and what's required for the company. The company is in the process of improving the business, opening more and more branches in Ireland. There are another 30 to 40 users to be added to the package in the future.

The support we are receiving from Kaspersky Endpoint Detection and Response has been very good.

We were previously using ESET Antivirus and we were having a lot of problems. Since we migrated to Kaspersky Endpoint Detection and Response we have been protected very well.

Kaspersky Endpoint Detection and Response has a simple setup. We deployed the solution in approximately one day.

We have a separate server receiving day-to-day, updates and patches. Then we have in Ireland, a branch network where it is connected. We have an agent server that is connected to the main server. From the main server, it pushes the day-to-day update to the particular agent server. From the agent server, it will push to the endpoint user devices.

We used a vendor support team of two people and our IT team of two for the implementation of the solution.

I have not quantified the ROI. However, I was using another solution previously with a potential for user data loss and now I do not experience this. We have been clean since we have been using Kaspersky Endpoint Detection and Response and in this sense, we have received a return on investment benefit.

There is an annual license to use Kaspersky Endpoint Detection and Response. The price overall is a bit expensive when compared to other solutions. There are not any additional fees other than the license.

I rate the price of Kaspersky Endpoint Detection and Response a three out of five.

We did evaluate other solutions before choosing Kaspersky Endpoint Detection and Response.

I would recommend others to use this solution.

I rate Kaspersky Endpoint Detection and Response an eight out of ten.

I cannot give a security solution a ten out of ten because the threat stage is always changing and the protection could fail at any time. There is always room for improvement.

We use the solution for the new threat landscape since personal endpoints are not enough for protection. So customers are looking for, you know, endpoint detection and response. So they can centrally manage all endpoints and communicate data across every endpoint that they have on the network. So we have been using, like, the normal endpoint detection, endpoint protection. And after that, we deployed EDR and Azure for a few customers, which are kind of separate products. Actually, the experience was not that great in terms of the approach to EDR for Kaspersky because it wasn't one product. It's two different products that are working together. They kind of integrated, like, two products integrating with each other. But the performance and the administration become a headache for the administrators.

In terms of the protection itself, Kaspersky has been doing a great job. It's just the approach, the technology itself, performance, and impact on the systems it's protecting, that are more of a concern. The concern is significant, especially when compared to alternatives that are more lightweight and available on a cloud platform. So, the aforementioned areas should be considered for improvement.

I have been using Kaspersky Endpoint Detection and Response Expert for two years. My company is a reseller of Kaspersky. We have been working with Kaspersky for almost ten years now.

It is a stable solution.

It is a scalable solution. I recommend the solution for small to medium businesses since its deployment and management are complex and bigger enterprises could go for cloud-based or move towards the next-gen solutions rather than Kaspersky.

I am not happy with Kaspersky's support since basic support is very cool unless you pay for some advanced support, in which you get better responses and feedback from Kaspersky's team. In my opinion, right from the start, they should offer good support.

The solution's initial setup process was complex when considering that it's just to get in the integration right from the start .So, there have been some issues where we had to contact Kaspersky and have the engineers work it out for us. So, it could have been a much simpler way to do it. The deployment process took two weeks with the help of three to four engineers who normally handle such stuff.

Kaspersky helped us with the implementation part.

Kaspersky's pricing is very competitive when it comes to comparison with the other solutions.

Overall, I rate the solution a seven out of ten.

We use the solution to create a test scenario for detecting a potential threat in the network.

The solution's cybersecurity policies help us protect some extensions of the primary documents in case of a ransomware attack. Also, in case endpoint servers get compromised, it protects them. Thus, we can manage exclusive and essential extensions for systems using it.

The solution's most valuable feature is machine learning. It monitors the traffic and events to detect suspicious activity.

They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.

We have been using the solution for three years.

I rate the solution's stability an eight.

The solution's deployment process involves configuring the network and changing the active directory. The most challenging part here is opening specific ports and blocking or allowing certain services through firewall settings.

The solution's cost is reasonable compared to other vendors.

I suggest a cost versus-benefit analysis to others while looking for EDR and XDR solutions. Considering the advantages of Kaspersky, it offers patch and vulnerability management. It takes time to deploy initially. But once you deploy it correctly, you will get a lot of features. I rate it as an eight.

Kaspersky EDR is an advanced version of the company's standard security solution that provides some enhanced detection and response features. Cost-wise, it's not much more than their other solution. 

Kaspersky is trying to push clients to adopt EDR because they plan to consolidate everything into one solution. EDR incorporates all the features available in Kaspersky's other products. 

If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs. 

I have used Kaspersky EDR for about three years.

I rate Kaspersky EDR seven out of 10 for stability.

I rate Kaspersky EDR seven out of 10 for scalability.

I rate Kaspersky support eight out of 10. It depends on your SLA. You need to wait in line with standard support, but you get help immediately if you purchase business support.

Positive

I wouldn't say that Kaspersky is a walk in the park to install, but it isn't too complex. Anyone with a little training and knowledge can install and configure it. 

I rate Kaspersky EDR seven out of 10 for affordability. Kaspersky EDR isn't cheap, but it shouldn't be out of reach for most medium-sized enterprises. It is a small price jump from their advanced endpoint security solution. Small companies may not be able to spend that much. It should be within the budget of any company with more than 300 employees should.

We compared Kaspersky and Trend Micro. The latter is significantly more expensive. That's the main difference. 

I rate Kaspersky EDR eight out of 10. It's one of the top three solutions, but it isn't my No. 1. 

It's our primary, go-to product for email security. It covers our inbound and outbound mail. If somebody clicks on a bad link inside your company, it will automatically stop them from using that email to spread the rest of the phishing attempts. It checks outbound emails, not just inbound.

The solution is deployed on the cloud.

There are about 12 users in my organization. 

If we get a new employee, we'll buy another license. Otherwise, we don't have plans to increase usage. It scales with the amount of staff that we have.

It doesn't matter from where you log in, you're going to go through the Barracuda gateway. It will protect and filter any incoming mail. There's also a sandboxing feature. If Barracuda picks up something that's a little bit fishy, it will detonate it in the sandbox.

If it's not malicious, it'll pass it on. If it is malicious, it'll just quarantine it. The nice thing is that sometimes Barracuda doesn't know if the mail is good or bad for you. It gives you the option to allow delivery or to block delivery of that particular kind of mail.

If someone is trying to send you mail but is being blocked by your gateway, you can go into your Barracuda portal, see the last mail that came in, and you can choose from different options: allow/don't allow, deliver, once only, block user, or whatever the case may be.

In some cases, we can also restrict it, but only the admin can do that. If you have a problem and one of your clients can't send you mail, you need to contact the admin IT manager and tell them that you're expecting mail from a certain email address but you've been blocked. He will then allow the delivery of that. It gives you control over what gets delivered to your end users from an IT manager's point of view.

Encryption is the most valuable feature. It creates an encryption tunnel from your location to the delivery address. It's like a tunnel that can't be broken so that your mail can't be intercepted anywhere along the line. When you're using Barracuda as a gateway, your mail is guaranteed to be delivered as it was sent.

The other nice thing about the solution is that it's an archiver, which most companies need for compliance.

For e-discovery, a lot of legal companies need certain documents and for emails to be kept intact as they were sent. It acts as a paper trail.

It's pretty stable. It's older than Mimecast. The management tool is web-based, so it's also convenient.

It's managed on Barracuda Cloud Control. It covers spam, email viruses, email malware, phishing, undelivered mail, unsecured emails, and denial of service attacks. It's agentless and because it's an all-in-one product, it covers basically everything.

I would rate the scalability as 10 out of 10.

The difficulty of setup will depend on the number of users. It's scalable with the amount of users that you have. Setup with 1,000 users will obviously take longer than 10 users.

There is a labor cost involved in implementation. It takes about seven hours to deploy. There are a lot of different aspects involved in setup. It's not a simple implementation.

Once implemented, it's easy to maintain. Once the setup is done, it's fairly easy.

If you've given all your users rights, they can decide what mail comes through what doesn't. This makes an IT manager's job a lot easier. If you've kept the retention and everything needs to come through the admin or IT office but you send the alerts to the customer, then it's going to be pretty intensive depending on how many users you have.

The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten.

The cost depends on what features you want. If you want to add advanced email security and compliance, advanced threat protection, cloud archiving services, and data loss protection, then there will be an additional cost.

I would rate the solution as nine out of ten. 

I would recommend complete compliance for most customers because it offers you email security services. It provides inbound and outbound scanning, blocking, and sandboxing.

It gives you data loss protection, encryption, and link and typosquatting protection. It also gives you advanced threat protection and cloud archiving services. That is all-in-one email protection.