Kaspersky Endpoint Detection and Response Optimum Reviews

Kaspersky Endpoint Detection and Response Optimum are used for extensive endpoint detection and response. It can take action if there's any attack on the system and use its cloud console to isolate any network which is being compromised and provides the root-cause analysis of it.

The solution is on a cloud and it is Kaspersky's own cloud, it is a subscription-type service.

One of the most valuable features of Kaspersky Endpoint Detection and Response Optimum is its cloud console allows users to remotely isolate a single computer from a network in the event of an attack, enabling them to perform root cause analysis without disrupting the entire network. This is particularly useful for organizations that may not have expert resources for endpoint detection and response.

An area for improvement in Kaspersky Endpoint Detection and Response Optimum would be to provide the cloud console platform to all users, regardless of the number of licenses a company has purchased. For example, a company with 50 employees should have access to the cloud console platform even if they have only purchased a certain number of licenses for the solution.

I have been using Kaspersky Endpoint Detection and Response Optimum for approximately six months.

The solution is highly stable.

I rate the stability of Kaspersky Endpoint Detection and Response Optimum a nine out of ten.

The scalability of Kaspersky Endpoint Detection and Response Optimum is good.

I rate the scalability of Kaspersky Endpoint Detection and Response Optimum a nine out of ten.

The support from Kaspersky Endpoint Detection and Response Optimum is great. They are responsive and their knowledge is good.

I rate the support from Kaspersky Endpoint Detection and Response Optimum a nine out of ten.

Positive

I have previously used Symantec. Symantec only offers pure EDR, not EDR Optimum, such as Kaspersky. I haven't personally worked with Symantec's EDR, but I have experience with Kaspersky's EDR Optimum feature, which is very good. I am not aware of any other vendors that offer a similar feature.

The main difference between Symantec and Kaspersky in terms of endpoint security is that Symantec is easier to use and install, and allows you to create policies, while Kaspersky can be more difficult to work with in terms of endpoint security.

The initial setup of Kaspersky Endpoint Detection and Response Optimum is easy. It took approximately five days for the full deployment. I had to make policies and do other configurations for the Endpoint Security for Business Advance and EDR.

I rate the initial setup of Kaspersky Endpoint Detection and Response Optimum an eight out of ten.

I did the implementation of the solution with the help of senior staff.

Kaspersky Endpoint Detection and Response Optimum is affordability, even for companies with limited budgets, such as those in the Pakistani market. It is a subscription-based license.

We have approximately 200 licenses and the additional features cost more.

I rate the price of Kaspersky Endpoint Detection and Response Optimum a seven out of ten.

There is maintenance required for the solution, such as patches, updating, and policy making.

I have had one customer using this solution. Kaspersky should start marketing and pushing its DLP solutions in Pakistan and in other regions.

I recommend Kaspersky Endpoint Detection and Response Optimum because it is important for businesses in Pakistan to prioritize security in order to protect against the increasing threat of malware, ransomware, and bot attacks in 2023. While it may not be a complete solution, it is important to take all necessary precautions to safeguard against these risks. It is better to take action rather than do nothing to protect against these potential threats.

I rate Kaspersky Endpoint Detection and Response Optimum a nine out of ten.

People need a basic anti-malware solution, so they use Kaspersky Endpoint Detection and Response Optimum.

The encryption feature that allows you complete control of your device is what I found most valuable in Kaspersky Endpoint Detection and Response Optimum.

The encryption feature in most antivirus or IDS solutions doesn't come with complete device control. Kaspersky Endpoint Detection and Response Optimum allows you to encrypt the device while protecting the endpoint. You can select the vendors, too.

I'm a person who wants everything to communicate or integrate into a single pane of glass. This is a challenge with Kaspersky Endpoint Detection and Response Optimum because there's no basic segmentation. I propose implementing a firewall to start basic segmentation, and I like to integrate everything with the firewall. For example, I like my endpoint solution to talk with my firewall directly to exchange threat feeds and possible malware information. 

There needs to be a unified conversation between all of my products, such as the base products, next-generation firewall, endpoint protection, my net, and the analyzers, which all need to be in a single spot to talk to each other. I need a product that manages all the different products I'm using.

I've been using Fortinet for a long time, and I mainly like it because I can manage FortiGate, FortiSwitch, and EMS in FortiManager in a single pane of glass. I can even automate and script. I can do anything. You can't do this in Cisco and Kaspersky, though I know Cisco is trying to change that reality now. Cisco is trying to do it the way Fortinet does it. I'm more of a Forcepoint and Fortinet guy.

What I want to be added to Kaspersky Endpoint Detection and Response Optimum is a single pane of glass management, where everything is integrated into a single pane of glass.

I also want Kaspersky to have a firewall product because it only has EDR and antivirus solutions currently.

Companies I've worked for used and stuck to Kaspersky Endpoint Detection and Response Optimum for a long time, particularly for five or six years. However, it's not my personal preference.

I once spoke with the Kaspersky Endpoint Detection and Response Optimum technical support team while trying to keep the solution in the large bank I used to work for in Angola. Still, the support, including the feedback, wasn't very good then, so I went with Fortinet EMS.

Overall, compared to Fortinet, which had terrible support, the Kaspersky support team is excellent, so I'm rating it as nine.

Positive

Here in Angola, we have a lot of vendors offering Kaspersky Endpoint Detection and Response Optimum, and the solution is easy to purchase. The most solid security products here fall under Kaspersky, so we went with Kaspersky Endpoint Detection and Response Optimum, even though we have no local Kaspersky support in Angola.

There's no difficulty in setting up Kaspersky Endpoint Detection and Response Optimum. It's an easy setup.

I didn't watch how the solution was set up in the enterprise I'm in currently, but deployment time usually depends on the company size. The previous company I was in had three thousand users, so it took at least five to six days to fully deploy Kaspersky Endpoint Detection and Response Optimum.

Total deployment time also depends on your network topology, but for one company, it took three to five days because of some offline stations. Still, the solution was straightforward to deploy, and I have no complaints.

Kaspersky Endpoint Detection and Response Optimum is more affordable than the endpoint security product of Fortinet. Whether it's worth the money depends on your security strategy.

Whether you should use Kaspersky Endpoint Detection and Response Optimum depends on your security strategy. Suppose I were to base my advice on my security strategy. In that case, I'd tell you not to use Kaspersky Endpoint Detection and Response Optimum because I don't want to manage a standalone product.

Suppose Kaspersky Endpoint Detection and Response Optimum detected a threat that your next-generation firewall missed or is unaware of. In that case, the two products can't correlate nor talk to each other to exchange and compare findings. The result would be that you won't be able to determine or decide whether that's a real threat or a false positive; in that case, I would drop the product. I want my security baseline to be products that can speak the same language and interact with each other, which I have on Fortinet.

Kaspersky Endpoint Detection and Response Optimum is a good product, so I'm rating it eight out of ten. My security strategy doesn't match its vision, but I find it a good solution. Kaspersky Endpoint Detection and Response Optimum has its issues, but I want to be fair, so overall, it's an eight out of ten for me.

My current company is a Kaspersky customer.

We use it to direct detected computer malware, analyze and diagnose the problems. We can also link it with the antivirus for malware and virus detection.

I mostly like how they capture particular files and submit them to other files, and they have the solution console. And for example, we are using the one in for

an application, like, on the RansomFree, if there are any vulnerabilities in patches coming, in the future, they fix these.

For improvement, they should make the scanning process faster. The scanning and updating take more time.

I have been using Kaspersky Endpoint Detection for six months. 

I would rate the stability of this solution nine out of ten. The customers use Endpoint Detection and Response Optimum as it is very stable.

The scalability of this solution is great, but Defender is better.

However, once one of our systems got affected by malware, updating and saving our site through Kaspersky helped us.

The technical support team is good. We had to create a ticket now. Once we created a ticket, and then we need to send the full consolidated part or the infection computer or infection assistant. Then they will find a solution.

Positive

The initial setup was straightforward. Since we were already familiar with the configuration and sector, we didn’t find the product setup difficult. The solution was deployed within fifteen minutes.

The deployment was done by a vendor team from the client side.

Kaspersky gives a consolidated price with a good solution. If we choose something else, we need to add other options on our own.

Yes, we used McAfee but it isn't listing anymore, so we switched to Kaspersky.

I rate the overall solution a nine out of ten.

We internally use Kaspersky Endpoint Detection and Response Optimum, which is a highly recommended solution. We leverage it for our detection data box, particularly when working with Azure.

All the features work together to provide alerts and help evaluate potential issues related to the detected threats. It's difficult to single out one feature since they all contribute to creating a normal usage profile and detecting abnormal behavior within the business infrastructure. It's a comprehensive solution.

There are certainly some weaknesses. In terms of the product itself, the main weakness lies in the need for highly skilled personnel to operate it effectively. This is why I prefer to use Managed Detection and Response. 

The problem is that there are millions of people worldwide who lack the necessary security skills and resources to manage security issues. It's a specific challenge for each company. If you don't have your own Security Operations Center (SOC) and lack the complete set of competencies and skills to manage the hardware, using Managed Detection and Response instead of Endpoint Detection and Response allows you to delegate the high-scale layer to experts who will handle a part of the job. Then, you only need to decide whether to rely on their advice or not, which requires fewer skills. Therefore, the main weakness lies in the inherent complexity of the solution.

In future releases, I would like to see an eXDR layer for Kaspersky. It's something that is essential. 

I've been using it for more than a year now. We were one of the early adopters. We started using it fully internally about six or seven months ago for protection purposes.

When it comes to Kaspersky, it's not a simple yes or no answer. It depends on various factors. Kaspersky's concept allows you to work with different components to achieve a specific level of detection and response. You can integrate it with other consoles, which is missing in Azure. This includes analyzing the network and cloud. EDR focuses on endpoint information, but there are two crucial aspects missing: network security and cloud security. 

However, if you have EDR components and use QM, you can achieve a fully scalable solution. You can also integrate it with other products like a threat-hunting portal and link flows. In the future, there will be integration with Azure. Without incorporating Kaspersky Endpoint, it may not be completely scalable. So, to achieve full scalability, you'll need to integrate an XDR solution.

In our company, we have around 250 end users utilizing the MDR solutions for our external customers. It's quite a significant number.

Customer service and support are really good. We receive responses within hours. We have the option to contact the German or English-speaking team, which provides a good quality of service. 

Additionally, we can also reach out to the French support team without any issues. Most of the time, we receive prompt and helpful assistance, including detailed instructions to troubleshoot the problem effectively. 

The support is highly reliable compared to other providers like Sophos, which has the worst reputation. Personally, I would rate Kaspersky's support as excellent, although individual experiences may vary. The quality of support is crucial and Kaspersky delivers in this regard.

Positive

From a technical point of view, I don't see any reason why I need to prefer competitors over the solutions provided by Kaspersky at the moment.

The initial setup was easy. Once you have the advanced solution point protection from Kaspersky, you just need to set up the technology through the web console. It's a yearly business license that needs to be activated on the endpoint. We had no issues with that. It's a critical aspect for us, and the deployment process was straightforward.

We only have one full-time administrator managing the solution. Although we are three people who are capable of administering it, in reality, it's a full-time job that requires less than half an hour per day. This includes selling the project, checking alerts, and handling the EDR component. The setup is designed to be efficient.

The deployment took less than a day, and there were no specific prerequisites. I read the solution and the manual, asked some questions, and within eight hours, the deployment was complete. 

There was a main point of contact who assisted throughout the process. It went smoothly. However, if you start from scratch without any existing enterprise protection, it may require more guidance. 

Managing the endpoint protection feature is the main priority. If you're starting from scratch, it might take around a week to deploy the Kaspersky Security Center, which is a preconfigured web or MST component. After that, you'll need some skills to create a strategy and deploy it on the data points. 

Initially, it might seem challenging, but once you understand the basics and have the necessary knowledge about Kaspersky products and endpoint relations, you'll be able to handle it. I would estimate around forty hours for someone unfamiliar with the system to complete the deployment, which is quite impressive.

It's a yearly business license that needs to be activated on the endpoint. We had no issues with that. It's a critical aspect of the deployment. 

The pricing is totally reasonable. However, you need to consider the cost of the yearly solution and also the enterprise protection. Currently, you cannot use the NDR solution without the endpoint protection. But in terms of the product portfolio, the pricing is very fair. After the events surrounding the invasion of Ukraine, some of our customers asked us to explore alternative solutions because they didn't want to work with Russian products anymore. So we conducted comparisons based on pricing. In the best-case scenario, the prices of other solutions were two or three times higher than Kaspersky. To be honest, Kaspersky is significantly cheaper while maintaining high-quality solutions. It's a bit more challenging to compare only the EDR solution since there are considerable differences between different EDR solutions as well as endpoint protection. 

One crucial factor to consider is the quality of the threat center, and Kaspersky is widely recognized as one of the best threat intelligence providers globally. When choosing a security solution, the quality of the solution heavily relies on the expertise of the individuals working on-site to identify threats and assess their severity. 

I recently analyzed a few phishing attacks targeting iOS devices. The exploit patch was released in 2019, and Kaspersky's EDR played a vital role in identifying and mitigating the malware. No other security solution around the world was able to detect this iOS issue, despite the fact that it had been present since 2019. Kaspersky's EDR was the first to uncover the problem, which was later confirmed by the XDR network analysis component of their solution. This is a testament to the product's quality because no other vendors or iOS solutions managed to detect the issue. These are facts that speak for themselves and provide strong evidence of the product's superiority compared to others.

We offer a range of products, including Endpoint Protection, MDR, XDR, password manager, VPN clients, email protection, email gateway, Internet gateway, and Azure automation. 

In addition, we provide CITO and DITC services for IT crews.  Our main focus is on business customers, both final customers and managed direction. We prefer to provide them with the necessary expertise and knowledge since they may lack the resources to handle intense situations and make informed decisions.

The main advantage that competitors have over Kaspersky is that they are not limited by software versions. One issue I have with Kaspersky is that some customer requirements may involve sharing specific details with us, which can pose challenges in certain projects.  And that is one of the recent projects that may be a problem. The only advantage I see over other competitors is that. 

Overall, I would rate it around nine out of ten at the moment.

We use the solution as an endpoint protection in HR, finance, accounting, etc. 

The product is lightweight and does not slow down the PC. The malware and virus detection rate is also very good. 

The solution needs to give more control to users on firewalls. 

I have been working with the solution for three years. 

I would rate the product's stability an eight out of ten. 

I would rate the product's scalability an eight out of ten. We have mainly small business customers with about 100 computers. We have four to five clients who have around 80 users for the product. 

We use email communication to contact the support team. We have a team who is very knowledgeable and hence haven't had much experience with the support team. 

Neutral

The tool is easy to setup and I would rate it a nine out of ten. The tool took three to four hours to deploy. We have an engineering team who manually installs the solution on the PC. The tool's deployment is a regular software installation process. 

I would rate the product's pricing a nine out of ten. You need to pay about 80,000 rupees yearly for the tool. There are no additional costs associated with the product. 

I would rate the product a nine out of ten. The solution offers reliable security. Our customers are usually SMB companies. Since the past three years, we didn't have any complaints regarding the product. It is a good solution with a high detection rate. The product is competitive compared to others. 

Kaspersky Endpoint Detection and Response Optimum provide real-time monitoring and detection for different operating systems. It is compatible with Linux, and Mac can use the server. It offers real-time monitoring for antivirus, ransomware, and other intrusion attacks.

It also has EDR capabilities. I was initially looking for a solution with EDR, and I discovered that Kaspersky offers EDR, possibly through its EDR Optimum feature. We might consider acquiring this license or exploring other options like CrowdStrike or Clearix.

We find it particularly useful for enhancing the security of our endpoints and gaining real-time visibility and context during incidents. 

Additionally, it offers features like system hardening, vulnerability management, patch management, and device control, which are not present in other solutions.

So, from our perspective, it ticks all the boxes. However, we are also considering other options like CrowdStrike or TrendPoint for extended detection and response capabilities.

For EDR, it should provide us with a comprehensive view. Currently, it gives us a process-oriented view, but we need a broader view like Crowdstrike. It needs to provide a complete picture, including IoT connections between devices, and it should be more intuitive.

Support can be considered another area for improvement. It could have faster response times.

I have been working on this solution for three years. I'm using version 11.8 of Kaspersky Endpoint Detection and Response Optimum.

It's fine. It's good, but not completely stable.

I would rate the stability an eight out of ten. 

For scalability, we would need to request the vendor to increase the license or purchase an upgraded license file. It's a straightforward process, I believe, but it's not something I have personally experienced.

The support team does respond to us, but it takes time. They are not instant; maybe on the second day they would be more helpful. 

There is no live support available. Overall it's fine, but I would give them an eight. But considering the response time, maybe it's more like an eight if we prioritize faster support.

Positive

I'm familiar with the product, so it's easy for me. Maybe a seven or eight. Although there is a lot of documentation, some areas could use improvement.

I use it more on a weekly basis, maybe twice a week. Since there are administrators responsible for daily administration and any antivirus solution, there are daily tasks for support and auditing purposes.

For the new servers, the deployment process involved installation, configuration, and testing. We followed an implementation policy and defined tasks and pilot testing for about one to two weeks to ensure everything was working properly before moving to production. So this is all the process. 

The price is good, not too high. I would rate it an eight, like in the middle.

I would rate the pricing model a five out of ten. 

We are evaluating our options to ensure we have the best solution for our needs. So we may acquire another license or explore different too

I think for others; it is important to depend on and read different use cases. This way, they can evaluate the different solutions and capabilities. 

It's stable, and Kaspersky has many years in the market. So there is trust, and they are reliable. 

Overall, I would say it's an eight. It is a good solution for us, but there is still room for improvement. 

I have opted for Kaspersky Endpoint Detection and Response Optimum to provide comprehensive protection since EPP only relies on signatures, and it cannot safeguard our needs. In contrast, EDR offers protection against various threats, making it a more robust security solution.

The most beneficial aspect of Kaspersky Endpoint Detection and Response Optimum is its protection capabilities, followed by its device management capabilities. The ability to remotely install software is highly advantageous, making it a convenient and helpful feature.

The solution can improve the uninstallation process. The removal of the agent can be difficult. The purpose is for security, but it requires a lot of time and sometimes a special tool.

If it were necessary to incur additional costs, it would be acceptable for the solution to possess more comprehensive integrated functionalities.

I have been using Kaspersky Endpoint Detection and Response Optimum for approximately four years.

Kaspersky Endpoint Detection and Response Optimum is a stable solution.

Our clients have approximately 400 endpoints using this solution. In our company, we have approximately 1,000 endpoints using the solution.

The scalability of the solution is good.

We contact a third party for support. We only contact the vendor for solution updates

The initial setup of Kaspersky Endpoint Detection and Response Optimum is simple. The installation process duration can vary depending on the network speed since we are installing it from the network. It's estimated to take approximately thirty minutes to an hour.

The price of the solution is reasonable. It cost approximately €10,000 annually.

I would recommend this solution to others because it is reasonably priced.

I rate Kaspersky Endpoint Detection and Response Optimum an eight out of ten.

I recently conducted a demo for a client.

The customer's environment had 350+ endpoints and Kaspersky Business Select was in use. They needed something efficient enough for their environment to detect and respond to critical ransomware attacks. The most critical part for the customer was how it will isolate a single PC from the environment remotely and how it will help get the root cause analysis without having to worry about the virus penetration in the network? 

I suggested Kaspersky EDR-Optimum along with the existing Kaspersky Business Select solution to get a better and comprehensive view of network attacks and get more control in case of a cyber attack. The customer was quite satisfied with the product in the demo and is now a happy customer of Kaspersky EDR-Optimum.

Since the deployment of the solutions, the organization has been proactive in its IT operations and has tackled quite a few critical scenarios since the solution has been operational.

The IT team now responds to threats and it has changed the IT security workflow. Instead of having to wait for alerts, the IT security team can actively hunt for threats by proactively scanning endpoints to spot anomalies and security breaches.

Moreover, the automated threat identification and response helps them to utilize their time effectively and respond to threats without downtime and disruption of the business operations.

The most important feature is its capability to remotely monitor the network and, in case of attack, remotely isolate the network. We can work on getting to the root cause of the attack without worrying about the attack penetrating the network.                                                                                 

A great catch for EDR is its excellent threat hunting capability. Using a centralized database and a broad range of automated responses helps organizations to avoid traditional and hectic remediation processes.

In terms of the Pakistani market and talking from a salesperson's perspective, I'd suggest that Kaspersky introduce a bundle of Kaspersky EDR-Optimum or Kaspersky EDR-Expert along with its Business Select/Advance suite.

When I say this, I understand the Pakistani market and how slow and less eager organizations are to invest in IT and internet security. Most of them don't invest until or unless they face any attack or network failure. 

However, in addition to the product, Kaspersky should give EDR-Optimum on the cloud for less than 300 users as well, in case any customer has its whole network on the cloud. That way they can easily use it.    

I have been pitching the solution to customers for over a year or so. The solution is comprehensive enough for customers to buy it.

The product is a market-leading product, so there is no doubt about its stability.

The solution is highly scalable. You can also use it in "Pay/additional user" mode.

Support is excellent. The tech comes on time.

Positive

The EDR project was initiated for the first time, and the organization did not have any other EDR solutions before.

The initial setup is easy and simple.

We, as cyber security consultant vendors, deployed on our customer's network.

The ROI can be justified in a short period of time.

The pricing is economical as compared to other options, and licensing is a subscription based on the user/year.

We evaluated Symantec EDR as well, however, it was expensive.

When you deploy it, use it with its full potential. Otherwise, it won't give perfect results.