Kaspersky Endpoint Detection and Response OverviewUNIXBusinessApplication

Kaspersky Endpoint Detection and Response is the #11 ranked solution in EDR tools. PeerSpot users give Kaspersky Endpoint Detection and Response an average rating of 8.2 out of 10. Kaspersky Endpoint Detection and Response is most commonly compared to Trend Micro XDR: Kaspersky Endpoint Detection and Response vs Trend Micro XDR. Kaspersky Endpoint Detection and Response is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 20% of all views.
Kaspersky Endpoint Detection and Response Buyer's Guide

Download the Kaspersky Endpoint Detection and Response Buyer's Guide including reviews and more. Updated: January 2023

What is Kaspersky Endpoint Detection and Response?

Digitally transforming enterprises are valuable targets for cybercriminals. Today, just uncovering and blocking individual threats as they arise isn’t enough - defending yourself successfully against complex threats at the earliest possible stage requires root cause analysis. Implementing the full endpoint protection cycle, from automatic threat blocking to complex incident response, means supplementing preventive technologies with advanced defense capabilities. Kaspersky Endpoint Detection and Response (EDR) provides comprehensive visibility across all endpoints on the corporate network, enabling the automation of routine tasks in order to discover, prioritize, investigate and neutralize advanced threats. The result is a significant increase in the speed and effectiveness of incident processing, at no extra cost.

Kaspersky Endpoint Detection and Response was previously known as Kaspersky EDR.

Kaspersky Endpoint Detection and Response Customers
Ferrari, Insolar, Tael, Republic of Serbia
Kaspersky Endpoint Detection and Response Video

Kaspersky Endpoint Detection and Response Pricing Advice

What users are saying about Kaspersky Endpoint Detection and Response pricing:
  • "The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten."
  • "The solution is worth its cost so I rate pricing a ten out of ten."
  • "There is an annual license to use Kaspersky Endpoint Detection and Response. The price overall is a bit expensive when compared to other solutions. There are not any additional fees other than the license."
  • Kaspersky Endpoint Detection and Response Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Sales Account Manager at a security firm with 11-50 employees
    Reseller
    Top 5Leaderboard
    Provides inbound and outbound scanning, data loss protection, and encryption
    Pros and Cons
    • "Encryption is the most valuable feature. It creates an encryption tunnel from your location to the delivery address."
    • "It's not a simple implementation."

    What is our primary use case?

    It's our primary, go-to product for email security. It covers our inbound and outbound mail. If somebody clicks on a bad link inside your company, it will automatically stop them from using that email to spread the rest of the phishing attempts. It checks outbound emails, not just inbound.

    The solution is deployed on the cloud.

    There are about 12 users in my organization. 

    If we get a new employee, we'll buy another license. Otherwise, we don't have plans to increase usage. It scales with the amount of staff that we have.

    How has it helped my organization?

    It doesn't matter from where you log in, you're going to go through the Barracuda gateway. It will protect and filter any incoming mail. There's also a sandboxing feature. If Barracuda picks up something that's a little bit fishy, it will detonate it in the sandbox.

    If it's not malicious, it'll pass it on. If it is malicious, it'll just quarantine it. The nice thing is that sometimes Barracuda doesn't know if the mail is good or bad for you. It gives you the option to allow delivery or to block delivery of that particular kind of mail.

    If someone is trying to send you mail but is being blocked by your gateway, you can go into your Barracuda portal, see the last mail that came in, and you can choose from different options: allow/don't allow, deliver, once only, block user, or whatever the case may be.

    In some cases, we can also restrict it, but only the admin can do that. If you have a problem and one of your clients can't send you mail, you need to contact the admin IT manager and tell them that you're expecting mail from a certain email address but you've been blocked. He will then allow the delivery of that. It gives you control over what gets delivered to your end users from an IT manager's point of view.

    What is most valuable?

    Encryption is the most valuable feature. It creates an encryption tunnel from your location to the delivery address. It's like a tunnel that can't be broken so that your mail can't be intercepted anywhere along the line. When you're using Barracuda as a gateway, your mail is guaranteed to be delivered as it was sent.

    The other nice thing about the solution is that it's an archiver, which most companies need for compliance.

    For e-discovery, a lot of legal companies need certain documents and for emails to be kept intact as they were sent. It acts as a paper trail.

    What do I think about the stability of the solution?

    It's pretty stable. It's older than Mimecast. The management tool is web-based, so it's also convenient.

    It's managed on Barracuda Cloud Control. It covers spam, email viruses, email malware, phishing, undelivered mail, unsecured emails, and denial of service attacks. It's agentless and because it's an all-in-one product, it covers basically everything.

    Buyer's Guide
    Kaspersky Endpoint Detection and Response
    January 2023
    Learn what your peers think about Kaspersky Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: January 2023.
    670,400 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    I would rate the scalability as 10 out of 10.

    How was the initial setup?

    The difficulty of setup will depend on the number of users. It's scalable with the amount of users that you have. Setup with 1,000 users will obviously take longer than 10 users.

    There is a labor cost involved in implementation. It takes about seven hours to deploy. There are a lot of different aspects involved in setup. It's not a simple implementation.

    Once implemented, it's easy to maintain. Once the setup is done, it's fairly easy.

    If you've given all your users rights, they can decide what mail comes through what doesn't. This makes an IT manager's job a lot easier. If you've kept the retention and everything needs to come through the admin or IT office but you send the alerts to the customer, then it's going to be pretty intensive depending on how many users you have.

    What's my experience with pricing, setup cost, and licensing?

    The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten.

    The cost depends on what features you want. If you want to add advanced email security and compliance, advanced threat protection, cloud archiving services, and data loss protection, then there will be an additional cost.

    What other advice do I have?

    I would rate the solution as nine out of ten. 

    I would recommend complete compliance for most customers because it offers you email security services. It provides inbound and outbound scanning, blocking, and sandboxing.

    It gives you data loss protection, encryption, and link and typosquatting protection. It also gives you advanced threat protection and cloud archiving services. That is all-in-one email protection.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Flag as inappropriate
    PeerSpot user
    Founding Partner at Xmartlab
    Real User
    Easy to manage, simple to set up, and expands well
    Pros and Cons
    • "The solution is scalable."
    • "I would like better integration with other products."

    What is our primary use case?

    Clients are using this product to protect their desktops and laptops and to respond adequately when some vulnerabilities are detected as exploited.

    What is most valuable?

    We like the automated change of policies, given some scenarios. It is wonderful. You can rely upon your automated policies being activated if you need to. If you are under attack, or maybe some ransomware is spreading across your network, and you want your endpoints to become more secure given that threat, you get good protection. It's maybe the most important feature of Kaspersky Endpoint Detection and Response.

    It's easy to set up. 

    The solution is scalable.

    It's easy to manage and monitor the endpoints. 

    What needs improvement?

    I would like better integration with other products. For example, I would like to have another view in SolarWinds or Datadog. Integration is not easy. I'd like it to be simplified. 

    We do not need any additional features. 

    The business plan maybe could be improved. They need to change the way they sell the product. They could be better friends with their partners. A partner is not somebody who sells this product. It is usually somebody who manages this product for the end user or the end company that is predicting the assets. The role that a partner plays in this interaction is very important. They need to work to build that relationship to benefit the solution and the client. They should also offer better margins.

    For how long have I used the solution?

    We've been dealing with the solution since 2019. It's been around three years. 

    What do I think about the stability of the solution?

    It is a very stable solution. The most important thing about stability is not if the product runs or stops running, it is the time window you need to be prepared for new threats. They offer good protection, which makes the product very stable. Kaspersky's usually the first in distributing the indicators of compromise of the newest threats.

    What do I think about the scalability of the solution?

    The solution can scale well.  It is easy to deploy and manage a large number of endpoints running just a few tasks. You are very aware of what is happening with the threats in your institution. There's a lot of visibility.

    How are customer service and support?

    Technical support can be improved. When you need support, when you call for support, and you present the evidence in a ticket, they always come back with more questions. They ask you for more evidence, and you have to go and collect it. You get to a point where you want to say, "Oh, just forget it, I don't need more support from you. You always ask me for more, more, more data." 

    I would like to see a solution. I don't want to do all of this legwork and not get any help. 

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The console is very easy. The deployment is easy as well. If you have an active directory or something like that, or if you have previously installed the Kaspersky network agent, it's quite simple. If not, even if you don't have any of those, maybe if you have some software policy to deploy over your assets, it should also be easy. Otherwise, you have to go endpoint by endpoint running the agents. That can take time.

    The maintenance is pretty straightforward. If I have 5,000 endpoints, I need one engineer to handle the console installation for, maybe a week's worth of work. The endpoints could take two or three people to deploy in the company. If you can centralize the deployment, it will only take two or three days for one engineer to handle the setup.

    What was our ROI?

    I don't have any details in regard to ROI. 

    What other advice do I have?

    We are a partner of Kaspersky.

    We always work with the latest version of the solution.

    It's a wonderful product if you have a proper partner to handle it. If you let the product run by itself, by itself, it won't protect you. You need someone on this product with a hand on it every day, checking policies and seeing how it works. That's the only way to be protected from threats.

    I'd rate the solution nine out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Kaspersky Endpoint Detection and Response
    January 2023
    Learn what your peers think about Kaspersky Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: January 2023.
    670,400 professionals have used our research since 2012.
    Paolo Cozzi - PeerSpot reviewer
    ICT Manager at a manufacturing company with 51-200 employees
    Real User
    Top 20
    The SD engine is powerful but the 32-bit, signature-based format is outdated
    Pros and Cons
    • "The detection engine running on endpoints works very well and provides a good protection level."
    • "It is not easy to follow the kill chain of a potential infection or malware."

    What is our primary use case?

    Our company uses the solution for endpoint detection. We started with the cloud service but our experience was not very positive so we moved to the on-premises solution. 

    What is most valuable?

    The detection engine running on endpoints works very well and provides a good protection level. We had several infection attempts but all were captured and blocked by the solution with no ransomware or malware running wild in our network.

    The SD engine is very powerful and profound. 

    The solution can integrate with external SIM solutions or external SOCs like CrowdStrike or Microsoft Defender.  

    What needs improvement?

    The interfacing for remote endpoints could be improved because it does not work very smoothly. 

    It is not easy to follow the kill chain of a potential infection or malware. We would like to be able to roll back and analyze all the steps in the chain. 

    The on-premises solution is not fully aligned with the web-based option that includes a feature-rich interface. For example, you can analyze better on the web console than with the on-premises management console. 

    It is complex to implement remote endpoints for visitors who have devices that are outside the control of your network but are on-premises. The solution did not even offer this until recently but instead provided an additional solution for integrating the functionality. The solution needs to focus on providing a completely cloud-based solution like CrowdStrike, SentinelOne, and Microsoft Defender.

    The solution still works on the old signature-based antivirus format but modern options like CrowdStrike, SentinelOne, and Microsoft Defender are behavioral analysis tools that are completely signature-less. The solution is losing customers because it has not reacted quickly enough to the modern format. 

    For how long have I used the solution?

    I have been using the solution for three years. 

    What do I think about the stability of the solution?

    The solution is stable. We had a couple of issues with the SD engine failing which caused users to experience a lowering of endpoint service. 

    The solution is a very mature product and not a new player like CrowdStrike. Features have been added on a rather old engine or structure that runs on 32 bits. 

    If you have a 64-bit operating system like the newer Windows, you need an engine aligned with this architecture. 

    What do I think about the scalability of the solution?

    We have 150 endpoints so have not reached a level where we need to scale up. The next level is at 500 or 1,000 endpoints. 

    How are customer service and support?

    We are lucky to have direct access with Kaspersky. 

    We opened tickets with support a couple of times and their reactiveness was fine but not first level. 

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    I had prior experience with the solution so setup was easy because the management console has not changed much over the years. 

    In general, the initial setup is a bit cumbersome. You can start easily but might need help creating different profiles, accessing old features, or realizing the solution's full potential. 

    It is useful to have guidance from a business partner or the vendor directly. In our case, we were lucky to have support from the vendor. 

    What about the implementation team?

    We worked with the vendor for our implementation. 

    Ongoing maintenance is easily managed by two technicians. 

    What's my experience with pricing, setup cost, and licensing?

    The solution is worth its cost so I rate pricing a ten out of ten. 

    Which other solutions did I evaluate?

    We did a comparison before provisioning the solution, but it was not profound. We needed to move from our prior solution due to regulatory issues and constraints so had to make a quick decision. 

    We are currently evaluating other options, not from a technical point of view but because of the war. Companies in Ukraine have constraints that are forcing us to move from Russian software providers. 

    What other advice do I have?

    I rate the solution a six out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Gaman Kithsiri - PeerSpot reviewer
    Chief Information Officer at Ideal Group
    Real User
    Top 20
    Plenty of features, reliable, and helpful support
    Pros and Cons
    • "The most valuable features of Kaspersky Endpoint Detection and Response are all the features. The features have all helped us and most recently malware has been an issue in our company and malware protection has been effective."
    • "Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit."

    What is our primary use case?

    We use Kaspersky Endpoint Detection and Response for threat protection.

    How has it helped my organization?

    Kaspersky Endpoint Detection and Response has helped our company in many ways. Since we have been using this solution has have not had issues compared to other solutions we have used.

    What is most valuable?

    The most valuable features of Kaspersky Endpoint Detection and Response are all the features. The features have all helped us and most recently malware has been an issue in our company and malware protection has been effective. 

    What needs improvement?

    Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit.

    For how long have I used the solution?

    I have been using Kaspersky Endpoint Detection and Response for approximately four years.

    What do I think about the stability of the solution?

    The stability of Kaspersky Endpoint Detection and Response is good.

    What do I think about the scalability of the solution?

    Kaspersky Endpoint Detection and Response is scalable.

    We have approximately 250 end-user accounts with ten servers using this solution. we have a combination of people using the solutions, such as IT specialists, business users, operation staff, marketing personnel, marketing team, compliance officers, finance, and general IT personnel.

    Next year, we will look at the number of new users, and what's required for the company. The company is in the process of improving the business, opening more and more branches in Ireland. There are another 30 to 40 users to be added to the package in the future.

    How are customer service and support?

    The support we are receiving from Kaspersky Endpoint Detection and Response has been very good.

    Which solution did I use previously and why did I switch?

    We were previously using ESET Antivirus and we were having a lot of problems. Since we migrated to Kaspersky Endpoint Detection and Response we have been protected very well.

    How was the initial setup?

    Kaspersky Endpoint Detection and Response has a simple setup. We deployed the solution in approximately one day.

    We have a separate server receiving day-to-day, updates and patches. Then we have in Ireland, a branch network where it is connected. We have an agent server that is connected to the main server. From the main server, it pushes the day-to-day update to the particular agent server. From the agent server, it will push to the endpoint user devices.

    What about the implementation team?

    We used a vendor support team of two people and our IT team of two for the implementation of the solution.

    What was our ROI?

    I have not quantified the ROI. However, I was using another solution previously with a potential for user data loss and now I do not experience this. We have been clean since we have been using Kaspersky Endpoint Detection and Response and in this sense, we have received a return on investment benefit.

    What's my experience with pricing, setup cost, and licensing?

    There is an annual license to use Kaspersky Endpoint Detection and Response. The price overall is a bit expensive when compared to other solutions. There are not any additional fees other than the license.

    I rate the price of Kaspersky Endpoint Detection and Response a three out of five.

    Which other solutions did I evaluate?

    We did evaluate other solutions before choosing Kaspersky Endpoint Detection and Response.

    What other advice do I have?

    I would recommend others to use this solution.

    I rate Kaspersky Endpoint Detection and Response an eight out of ten.

    I cannot give a security solution a ten out of ten because the threat stage is always changing and the protection could fail at any time. There is always room for improvement.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Udom In - PeerSpot reviewer
    Information Technology Manager at The Olympia Medical hub
    Real User
    Top 5
    Good blocking capabilities and patching but needs better support
    Pros and Cons
    • "The performance for Kaspersky is good, and it's not impacted our client performance."
    • "There are some cases that take three days to deal with. It's too long."

    What is our primary use case?

    We primarily use the solution for endpoint protection. 

    What is most valuable?

    In the software that I use at Kaspersky, we have some options that we made to our client LiDAR for the block patching, and we can close the high chain. 

    The endpoint protection can update the patching from this server directly to the client, and every employee. 

    The performance for Kaspersky is good, and it's not impacted our client performance.

    It offers good blocking capabilities.

    The upper patching is excellent.

    What needs improvement?

    We have some problems with LiDAR. When we do the install, or reinstall the server console, or server endpoint protection, I don't know why we need to reinstall it. 

    Even though we installed, or did a new install for the server endpoint protection features, we use some small PDO or some patching to upgrade it in the employee protection clients if that's in.

    I need a local expert. I'm looking for more experts to be able to apply it to certain solutions that we understand already. In order to meet our requirements, we need more experts. 

    There are some cases that take three days to deal with. It's too long.

    For how long have I used the solution?

    I've used the solution for as long as I've been at the company - about one year. 

    What do I think about the stability of the solution?

    While the client is stable, for the console management, we have some problems with LiDAR. Sometimes, we installed it and had a problem and we need to reinstall it. In the last hour, the client can not do the configuration yet we need to add clients into the platform.

    What do I think about the scalability of the solution?

    We don't find it to have enough space.

    We have below 100 people on the solution.

    How are customer service and support?

    Technical support is not too bad. I can say that it is in the middle of the road. They can be slow to respond.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup is very straightforward. 

    What about the implementation team?

    We used either an integrator or consultant. We had help from a third party and didn't handle the entire implementation ourselves. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is good. I'd rate it four out of five in terms of affordability.

    Which other solutions did I evaluate?

    We did compare Kaspersky EDR with other software vendors.

    What other advice do I have?

    I'm a customer and end-user.

    I would rate the solution a seven out of ten. If we had more local expertise and better support, it would be better.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Muhammad Ali Aziz - PeerSpot reviewer
    Senior Manager Cyber Security Services & Solutions at a tech vendor with 51-200 employees
    Reseller
    Top 5
    Their products are generally effective in guessing attacks or thwarting different types of unknown malicious techniques
    Pros and Cons
    • "The most valuable feature of Kaspersky EDR is its simplicity. The console is easy to use and not very complex."
    • "Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS."

    What is our primary use case?

    Kaspersky EDR is a targeted solution that collects telemetry and forensics data as well as end-to-end IoCs. It does not use any signatures.

    What is most valuable?

    The most valuable feature of Kaspersky EDR is its simplicity. The console is easy to use and not very complex.

    What needs improvement?

    Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS.

    For how long have I used the solution?

    I have been using Kaspersky EDR for about four or five years.

    What do I think about the stability of the solution?

    Performance is one area where Kaspersky has room for improvement. The solution must be fast when it's acquiring telemetry data because the attack surface is unforgiving. The solution must be extremely fast with a high response time.

    What do I think about the scalability of the solution?

    Kaspersky is scalable, but it lacks built-in high availability and disaster recovery. Currently, you need a third-party solution to provide high availability.

    How are customer service and support?

    I rate Kaspersky support eight out of 10. We have never had any serious issues with their support. They take some time to respond, but they always provide the best solution.  

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    Setting up Kaspersky isn't straightforward, but their guide is good. The documentation is fairly well-defined, so we just need to follow that. At the same time, it isn't easy because sometimes there are errors. I rate Kaspersky EDR six out of 10 for ease of installation.

    What's my experience with pricing, setup cost, and licensing?

    The license is competitive. Pricing is another Kaspersky advantage.

    Which other solutions did I evaluate?

    There is a lot of competition in the EDR category. As resellers in the industry for so long, we're aware of the various products to choose from. Kaspersky's strong point is detection. They have a huge threat intelligence and R&D team. Their threat detection is among the industry's best. Their products are generally effective in guessing attacks or detecting different types of unknown malicious techniques.  They also have a great sandbox with their EDR solution.

    Their weakness is performance, but detection is one of the best in the industry, if not the best. Kaspersky is always at the top of any third-party analysis of EDR products.

    What other advice do I have?

    I rate Kaspersky Endpoint Detection and Response eight out of 10. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator / Reseller
    Flag as inappropriate
    PeerSpot user
    Information Security Officer at a financial services firm with 51-200 employees
    Real User
    Top 5Leaderboard
    Helped us prevent ATM looting
    Pros and Cons
    • "My impression of the stability of this solution is good. We have not had any issues with stability."
    • "I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible."

    What is our primary use case?

    We use Kaspersky for our cash machines, 200 of which we have around the country. We use it to control the USB ports so nobody can use them without authorization from the owner. 

    Currently, we implementing a new use case concerning our response when we get an alert.

    What is most valuable?

    In the past year, many banks have seen cases of ATM looting. We wanted to prevent that, which is why we implemented Kaspersky Endpoint Detection and Response. We are a bank and we haven't had any issues like the orders. Kaspersky helped us a lot. It helped up prevent unauthorized USB port usage. 

    What needs improvement?

    I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible. 

    Kaspersky Endpoint Detection and Response could also introduce a way to make working in teams more accessible. At the same time, it would be interesting to see them explore artificial intelligence solutions. 

    For how long have I used the solution?

    I have been using this solution for two years. 

    What do I think about the stability of the solution?

    My impression of the stability of this solution is good. We have not had any issues with stability. 

    What do I think about the scalability of the solution?

    We have not had any performance issues and our board really likes the solution. Our facility and technical support teams use this solution as they manage the cash machines. 

    How are customer service and technical support?

    I think they are good and we haven't had any problems with them. We haven't had any critical issues that would have required us to call the US technical support of US; we have only been in touch with local technical support.

    Which solution did I use previously and why did I switch?

    We previously used Sophos, Crowdstrike, and Microsoft Defender. The most important reason we transitioned to Kaspersky is the agent that is installed in the end points on the cash machine. The Kaspersky agent is really soft. With the others, we noticed that their agents would stop, so that made a big difference.

    What about the implementation team?

    We used three or four people to deploy and maintain the solution. 

    What's my experience with pricing, setup cost, and licensing?

    Our current monthly costs are $1,000. 

    What other advice do I have?

    You have to be really informed about the process of using this tool before deploying. With our use case with the cash machines, for example, implementing the white list could have been really hard work for us if we had not had previous experience with it.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Endpoint Specialist at a computer software company with 201-500 employees
    Real User
    Top 20Leaderboard
    Great machine learning and real-time protection with useful vulnerability reports
    Pros and Cons
    • "Has great behavior detection and a very good firmware scanner."
    • "Device control is lacking in EDR."

    What is our primary use case?

    We are Kaspersky partners and I'm an endpoint specialist. 

    What is most valuable?

    The major features I really like are behavior detection and the firmware scanner. The solution also has great threat prevention. Machine learning is also very good as is the real-time protection. The best thing is you can also get a vulnerability report. There are a couple of other features EDR has that are not available in other solutions and that includes the system-level device for controlling the UI which enables control of applications at the location level. There is also the IoC scanner that Symantec doesn't have. Finally, the threat intelligence portal gives me global visibility into threats and their interconnections which is great. 

    What needs improvement?

    The one thing Symantec has that EDR lacks is device control. I think Kaspersky has to increase its features when it comes to antivirus control. I'd like to see an increase in the 30-day retention period. 

    For how long have I used the solution?

    I've been using this particular solution for 3 years but have used other Kaspersky solutions for over 15 years. 

    What do I think about the stability of the solution?

    The solution is stable. 

    What do I think about the scalability of the solution?

    The scalability is good. Scaling is a matter of creating a new server and replicating all the data. It's not a big issue to do the migration or to upgrade hardware. We currently have around 20,000 users with that number increasing every day. 

    How are customer service and support?

    The technical support is really bad. They have three models of support and if you have the regular level of support, it can take days to get a response. It forces you to pay extra to get premium support, and then you hear from them within two hours. 

    How was the initial setup?

    The initial setup is straightforward. If you're deploying for customers then the deployment time will depend on the size of the organization and the level of preparation that has been done in advance. If you have 10,000 users, deployment will take about a day if everything is ready.  

    What's my experience with pricing, setup cost, and licensing?

    Licensing costs are very reasonable. This is not an expensive solution. 

    What other advice do I have?

    There are some features lacking in this solution and if I compare it with CrowdStrike or Microsoft, they are both better solutions than Kaspersky. I rate this solution eight out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Kaspersky Endpoint Detection and Response Report and get advice and tips from experienced pros sharing their opinions.
    Updated: January 2023
    Buyer's Guide
    Download our free Kaspersky Endpoint Detection and Response Report and get advice and tips from experienced pros sharing their opinions.