10 BENEFITS THAT ONLY AN INTEGRATED PLATFORM SECURITY SOLUTION CAN BRING Kaspersky Lab’s Global IT Security Risk Report found that 94% of companies have experienced some form of external security incident in the past 12 months1. As the volume and sophistication of threats increases exponentially, businesses of all sizes are developing a better understanding of IT security risks, particularly targeted attacks, and how they can protect themselves from specific threats, rather than adopting a random, broad approach to a generalized notion of ‘malware.’ Too bad that many IT security vendors are continuing with exactly this random, broad approach, buying in new technologies and stitching together disparate, often incompatible code bases, creating complexity and causing as many problems as they solve. The days of traditional endpoint security — discreet anti-malware, encryption, device and network controls — are coming to an end. Endpoint protection platforms (EPPs) promising tightly integrated security technologies are the growing trend in IT security, advanced threat prevention and data protection. But there’s a world of difference between “integration” and a genuine platform. And when it comes to integration, there are varying degrees of completeness. For many vendors, “integration” has become just another word for “compatible.” And for some vendors, “compatible” means cobbling together products bought in from as many as 40 acquisitions and trying to get them to work with their own code base — never mind their customers’ systems. There are plenty of vendors promising “integrated’ solutions. Dig a little deeper and you’ll see there’s a significant difference between “playing nicely” together and the true synergy that comes from insight-based product roadmaps and development. Some vendors are struggling to unify their business acquisitions — yet claim they can deliver truly integrated platforms. Buying up whatever looks like it’s the “next big thing” cannot deliver the same completeness of vision — or protection. 1 B2B International & Kaspersky Lab, Global IT Security Risk Report 2014 6. Common structure, look and feel — faster, easier reporting There are some benefits that only a genuinely, deeply integrated platform solution can bring. Kaspersky Endpoint Security for Business is uniquely placed to deliver the following benefits to IT administrators: ENDPOINT PROTECTION PLATFORM 1. One server, one console 2. Single agent architecture , simple installation * 3. The single policy advantage 4. The synergy effect — greater than the sum of its parts 5. Unified administrator rights management — increased audit and control capability through one console * Single agent architecture per platform (Windows, Linux, Mac) 7. A clearer, deeper view into data — integrated dashboards and reporting 8. Unified license management and control — drive efficiency, take control 9. Single code base, built in-house, drives deeper integration 10.Integrated purchase model — all the functionality you need in a single purchase ONE SERVER, ONE CONSOLE 1 ONE SERVER, ONE CONSOLE Kaspersky Lab’s solution is unique in offering a tightly integrated, single management server and console. The Kaspersky Security Center covers every aspect of endpoint security, from anti-malware to data protection, mobile device management and systems management. Security polices and reporting are managed through a single console, integrated with external resources such as Lightweight Directory Access Protocol (LDAP) directories and Microsoft Exchange. Hardware and software inventory databases as well as software vulnerabilities/updates are also included — driving further integration and synergy possibilities, as the same data can be used across multiple functions. No need to keep synching with different servers or data sets — everything is installed once, on the same server and managed through the same console. These deep integration and synergy capabilities give a distinct advantage over competing solutions, many of which comprise acquired technologies with multiple, separate databases that simply cannot offer the same depth of integration as Kaspersky’s platform. The benefits: •Fast, easy deployment: One management server, console installation and configuration process delivers completely integrated functionality, right out of the box. •Single management server hardware: No hassle with different hardware, system or additional component requirements for each separate administration server and console. Kaspersky requires only ONE server for most deployments. •Single management server software: Easy-to-manage infrastructure for small business, yet capable of scaling for larger deployments. — Some products require further packages to be installed following the initial rollout, just to deliver similar functionality to Kaspersky Lab. — For further convenience, Kaspersky’s platform includes additional applications (e.g. those required in a Microsoft environment) as part of the installation process and self-install, saving time and aggravation. It just works. SINGLE AGENT * ARCHITECTURE , SIMPLE INSTALLATION * Single agent architecture per platform (Windows, Linux, Mac) 2 SINGLE AGENT ARCHITECTURE*, SIMPLE INSTALLATION Kaspersky’s solution is unique in offering an endpoint agent that takes advantage of deep code integration to ensure complete, easily achieved compatibility and synergy across hardware and software configurations. Genuine endpoint protection platforms have streamlined architecture, reducing complexity and deepening integration by using a minimum of discreet agents to run tasks. Related functions such as vulnerability scanning, application updates and patching — along with protection modules such as anti-malware and encryption — have a single agent architecture — streamlining performance and reducing your management footprint. Many competing offerings require multiple agents on the same machine for functions and features such as patching, application control or encryption. This creates potential problems around agent compatibility and requires additional testing. The benefits: •Saves time on initial deployment and updates: Just a simple installation task to control, with no dependencies and no requirements for numerous re-boots. •No hassle with different system requirements: It’s no secret that growth by acquisition creates software compatibility challenges. Bought-in functionality can create new, separate support requirements in addition to the software it’s been bundled with. Too bad you only find this out when you start a deployment. Only an organic, integrated development approach can guarantee seamless compatibility for different software components for managed endpoint platforms/devices. This also means less client-side compatibility testing. •Reduced impact: On system performance and management footprint •Вasis for synergy scenarios development: Deep integration allows for flexibility and greater functionality. Extend capabilities without enlarging the resource footprint. * Single agent architecture per platform (Windows, Linux, Mac) THE SINGLE POLICY ADVANTAGE 3 THE SINGLE POLICY ADVANTAGE The benefits: Complexity is the enemy of security, yet managing every aspect of information security across an organization often involves dealing with multiple, very different, solutions. The more you can simplify management processes, the more clarity and less risk you can have. •Simplified policy and task management: Thanks to a single set of shared parameters and prerequisites — managed groups, delivery settings, notifications, policy implementation is optimized, eliminating redundant processes and tasks for the IT administrator. A true Endpoint Protection Platform controls discovery, deployment, policy configuration and updating of endpoints throughout the corporate infrastructure. Kaspersky Endpoint Security’s single agent per platform means administrators can set one active policy for a managed group, covering all required components but without the need for multiple policy review or correlation. •Easier control over policy and task implementation: Single dashboard and reporting on deployment and execution, provides a comprehensive, at-a-glance view of policy status and compliance over the entire network. The “network agent” connects the endpoint with the administration server, performing systems management tasks (such as software and hardware inventory, vulnerability scanning and patch management), allowing for true flexibility and synergy between functions. •Streamlined policy and task changes: Modifications are made in a single step. Automatic policy assignment can cover several security parameters at once, from various protection settings, to application, device and web controls, as well as encryption policies. THE SYNERGY EFFECT — GREATER THAN THE SUM OF ITS PARTS 4 THE SYNERGY EFFECT — GREATER THAN THE SUM OF ITS PARTS Integrated endpoint protection features form the core of Kaspersky’s secure platform, making even complex, advanced security management scenarios easy to implement. True integration delivers security beyond each feature’s constituent parts, for example: To implement comprehensive protection from Internet-based threats, alongside policy-based web traffic and downloaded file scanning, a business could use Kaspersky’s application control feature to enforce the use of only one, IT-approved browser. This browser can, in turn, be further secured by enforcing automatic, high-priority vulnerability patching and protected against zero-day attacks by Automatic Exploit Prevention. In this way, Kaspersky’s integrated features provide a canopy of security against a very large attack vector — that’s what we mean by the “synergy effect.” The benefits: •Cross-sharing of security management practices and information collected from different functions, for example: — Information collected about removable devices is used for device control and encryption — Information about applications has input into application control and encryption policies. — Mobile device management (MDM) is integrated with data security on devices. — Patch management decisions can be based on vulnerability assessment. The “synergy effect” is not limited to the scenarios outlined above — Kaspersky’s deep code integration ensures complete, easily achieved compatibility and synergy across hardware and software configurations. With Kaspersky’s platform, security is extended beyond each feature’s constituent parts. UNIFIED ADMINISTRATOR RIGHTS MANAGEMENT — INCREASED AUDIT AND CONTROL CAPABILITY THROUGH ONE CONSOLE 5 UNIFIED ADMINISTRATOR RIGHTS MANAGEMENT — INCREASED AUDIT AND CONTROL CAPABILITY THROUGH ONE CONSOLE The benefits: Understaffed IT departments are a common problem for many mid-sized and larger organizations. Economic cutbacks and increased IT complexity mean IT administrators have more tasks and less time to perform them. •Easy to define and control permissions: In a typical midsized business where ‘the IT-guy’ looks after everything, it should be easy to perform all security-related tasks — including setting permissions for read/modify, access etc. Kaspersky’s Endpoint Protection Platform addresses this challenge, providing unified management tools for day-to-day security tasks. Deep integration allows privilege control and logs to be managed from just one console. One log records all actions — unlike competitor products, which often have to draw data from separate consoles and servers. •Rapid incident response and unified event log: IT administrators are only human; mistakes are made and, in the event of a security incident, rapid response is essential. Functionality that enables rapid changing or blocking of admissions is vital, along with the capacity to track those changes. With separate solutions, complex incidents can require the creation of multiple analysis processes. Kaspersky eliminates complexity, covering all changes to endpoint security, policies and management activities in a single log file, provided from a single management console interface. Unified rights management and logging allow for more effective control and insight into staff actions, supporting more effective permissions management. The result: Increased security and audit control over management from a single console. COMMON STRUCTURE, LOOK AND FEEL — FASTER, EASIER REPORTING 6 COMMON STRUCTURE, LOOK AND FEEL — FASTER, EASIER REPORTING Under-pressure administrators will take any opportunity they can to save time or make a task easier to perform. Endpoint Protection Platforms with unified, integrated features and a common interface make reporting, analysis and incident management easier — a similar report structure with a common look and feel is generated by Kaspersky Security Center. An IT administrator’s work day typically involves a plethora of routine-yet-vital tasks, all of which need to be monitored and reported. In a mixed solution environment, this entails a diverse number of dashboards, all generating reports in different formats, from PDF to HTML and direct email. Who has time to look at all that AND make sure everything’s running as it should be? In this environment, even the smallest improvement in usability or efficiency can save a lot of time and reduce the workload (not to mention the stress) on already overloaded IT security administrators. Common reporting with a common look and feel can make analysis and appraisal easier, improving incident management and supporting a proactive approach to IT security. The benefits: •Easier, faster report analysis: The same terminology and structure is used across report templates. ‘Computer, PC, node, machine’ — all are synonyms for the same managed endpoint. All are used interchangeably across products and vendor literature; add enough products to the mix, and things can get a little confusing. What if each of the security components in your mixed solution environment had a similar language problem? And what if every parameter of every one of those components had ‘same, just different’ names? In such a complicated environment, conducting investigations into threats or other incidents becomes a lot more complicated than it needs to be — even for administrators who are familiar with the set up. It’s one thing for admins to accept complexity, but what about a situation involving external investigators, such as auditors or regulators? Offer them a confused overview of your infrastructure and you’re likely to create the wrong impression. •Simplified incident management: Easily recognize similar incidents across different IT infrastructure nodes, such as malware or policy breaches. A CLEARER, DEEPER VIEW INTO DATA — INTEGRATED DASHBOARDS AND REPORTING 7 A CLEARER, DEEPER VIEW INTO DATA — INTEGRATED DASHBOARDS AND REPORTING The benefits: Endpoint Protection Platforms should provide a holistic approach to dashboards and reporting. True integration goes beyond the look and feel of the interface — for example, clicking on a single “endpoint properties” tab in an administration console should deliver information on all the security aspects of the managed client, such as policies applied, status updates and incidents. •Single pane of glass for all endpoint security components: A “cup of coffee” dashboard that doesn’t take the entire morning to look at, includes most important information about managed endpoints status, deployment tasks execution and license control, as well as major security events and incidents. Dashboards and reports should also ease the investigation process and create greater visibility into the endpoint — integration allows for information to be gathered across multiple components, making this much easier. •Streamlined drilling and analysis: Drill into interdependent reports to analyze and collect data from a variety of angles, including endpoint management, vulnerability assessment and patching, hardware and application inventory and user accounts created. Easy visibility into protection status and incidents, including malware detection and data encryption status. This makes security analysis and investigation a streamlined, easy process. •Executive reporting out of the box: Executive reporting is a core component of an IT security administrator’s responsibilities. Creating comprehensive reports from multiple consoles and datasets is time-consuming and a real headache. That’s why Kaspersky’s Endpoint Security Platform gives you executive reporting functionality right out of the box. No need for customized reports using thirdparty tools, giving you more time to focus on other projects. UNIFIED LICENSE MANAGEMENT AND CONTROL — DRIVE EFFICIENCY, TAKE CONTROL 8 UNIFIED LICENSE MANAGEMENT AND CONTROL — DRIVE EFFICIENCY, TAKE CONTROL Managing licenses for all security solutions across the entire corporate network has never been easier. With Kaspersky Lab, all — and we really do mean ALL — functions are activated using a single license: endpoint security, data protection, mobile device management and system management. This single license is easily distributed across the corporate endpoint infrastructure, regardless of state or location; physical or virtual machines on any network, fixed or mobile. Kaspersky’s integrated license management functionality allows you to make more effective use of what you’re paying for, while keeping tighter control over license validity. The benefits: •Single pane of glass for license auditing: No need to refer to different license control tools to monitor and check status. •Efficient license usage: Reduce costs through flexible distribution across a changing IT environment. For example, migrating from traditional PCs and notebooks to mobile devices with concurrent functionality. •Easy upgrade of your security solution: With Kaspersky’s Endpoint Protection Platform, you can increase security functionality according to your needs. Begin with endpoint security and simply activate features such as encryption or systems management by adding a new license. SINGLE CODE BASE, BUILT IN-HOUSE, DRIVES DEEPER INTEGRATION 9 SINGLE CODE BASE, BUILT IN-HOUSE, DRIVES DEEPER INTEGRATION Kaspersky’s single code base, built and maintained in-house, is at the heart of our integrated Endpoint Protection Platform. Where other vendors have followed acquisition strategies to increase their product offering in a rapidly changing threat landscape, Kaspersky is unique in developing and maintaining everything in-house. Unlike other vendors, this supports deep integration from the code-base level, allowing us to deliver the many benefits described earlier in this document. The benefits: •Single management server and administration console; •Single endpoint client architecture; •Single policies and unified tasks; •Synergy effect of integrated functionality; •Integrated dashboards and reporting. The same code base and development process facilitates faster updates and patching — Kaspersky users can update a single application, instead of the two or more applications (and the components that go with them) needed in many competing products. INTEGRATED PURCHASE MODEL — ALL THE FUNCTIONALITY YOU NEED IN A SINGLE PURCHASE 10 INTEGRATED PURCHASE MODEL — ALL THE FUNCTIONALITY YOU NEED IN A SINGLE PURCHASE One order covers all your security needs and functions; one license will activate everything. The benefits: •Address different needs through one package: Kaspersky users can acquire different levels and types of integrated functionality, addressing different customer needs — all using only one license package. This is unique. FINALLY… With Kaspersky Lab, users get a genuine Endpoint Protection Platform, developed from beginning to end, using the same code-base and R&D. Our integrated anti-malware and software vulnerability technologies are developed by our in-house, dedicated research group who constantly studies how modern threats are penetrating systems in order to develop more effective protection. Kaspersky Lab’s own application whitelisting and vulnerability research group manages our ecosystem of partners and vendors, delivering a constantly updated database of legitimate software, while giving the most up-to-date information on available patches. The convergence of endpoint security and client/systems management technology is a growing trend. Kaspersky Lab, with its entirely in-house code base and development process, is uniquely placed to exploit the obvious synergies between security functions and those traditionally seen as components of systems management. Kaspersky Lab integration delivers a true Endpoint Protection Platform. Protection is optimal, not optional. Learn more at www.kaspersky.com/business GET STARTED NOW: FREE 30 DAY TRIAL Discover how our premium security can protect your business from malware and cybercrime with a no-obligation trial. Register today to download full product versions and evaluate how successfully they protect your IT infrastructure, endpoints and confidential business data. GET FREE TRIAL NOW ABOUT KASPERSKY LAB Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users2. Throughout its more than 17- year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. With its holding company registered in the United Kingdom, Kaspersky Lab operates in almost 200 countries and territories, providing protection for over 400 million users worldwide. 2 The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report “Worldwide Endpoint Security 2014– 2018 Forecast and 2013 Vendor Shares” (August 2014, IDC #250210). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013. JOIN THE CONVERSATION #securebiz Watch us on YouTube Like us on Facebook Follow us on Twitter Join us on LinkedIn KASPERSKY CYBERSECURITY KNOWLEDGE CENTER View us on Slideshare Read our blog Visit our NEW Knowledge Center Contact us at 800.876.3507 [email protected] © 2015 Kaspersky Lab ZAO. All rights reserved. Registered trademarks and service marks are the property of their respective owners.