Kaspersky Endpoint Security for Linux
For workstations and servers
Although the number of threats targeting Linux is lower compared to those targeting other platforms, attacks against it are on the increase: there are more than 100,000 malicious files registered in Kaspersky databases.
Kaspersky Endpoint Security for Linux provides next-generation, multi-layered protection against all types of cyberthreats, on the widest range of Linux platforms. It delivers reliable protection with minimal impact on performance. It’s available within our comprehensive product portfolio – including Kaspersky Endpoint Security for Business – and provides complete protection in hybrid environments, ensuring all systems are managed and protected, all the time.
Kaspersky Endpoint Security for Linux provides built-in technologies to:
- Eliminate redundant scanning and protect valuable data and business applications
- Identify and block the latest, emerging threats
- Deliver optimal security with minimal impact on other applications or overall system performance.
Agile, centralized management – for ease of use even in mixed IT environments
Spend less time and resources managing IT assets and security: Kaspersky Security Center's 'single pane of glass' console provides powerful security controls and management for all Linux endpoints.
Generate reports, configure group or individual tasks and universal policies, manage scan settings, etc., from the same console that manages Kaspersky security for other platforms, including Windows, Mac OS and Android.
Simplify deployment and kernel update process
Application installation takes just a few minutes on x86 and x64 platforms and requires only one package. No additional compatibility packages are required to run on x64 workstations or servers.
No need to reinstall or set up again following kernel updates on workstations or servers – reliable protection against malware is up and running without the need for administrator involvement.
Customize scanning tasks and distribute configuration settings
Customize Linux protection across the business in a structured, efficient way using Kaspersky Security Center for group tasks and policies. Import/export capabilities can be used to replicate settings and policies across different environments, without using Kaspersky Security Center.
React quickly to alerts
When something out of the ordinary occurs on the endpoint, the protection status changes in both the application and the Kaspersky Security Center console, and an email alert is sent to the administrator. Monitor operation history by reviewing Kaspersky Security Center event logs and use flexible tools and filters to search large volumes of data.
Kaspersky Security for Linux is integrated with syslog, enabling the transfer of incident data to a SIEM event correlation system or other solution.
Control network risks from a single place
Configure and manage built-in Linux OS firewall settings: Kaspersky Endpoint Security for Linux lets you create firewall rule policies, log network activity and review security incidents from one place.
Enforce network policy to all endpoints from Kaspersky Security Center, your single point of security management and control.
Low footprint for high-performance protection
Kaspersky Endpoint Security for Linux is specifically designed to have minimal impact on other programs and overall system performance. The graphical user interface is optimized for Linux and together with improved command line management capabilities this simplifies task execution and daily reporting.
Load balance performance at kernel level
Resource load balancing and optimized scanning technology – with the option to exclude trusted processes – enhance overall performance while reducing system requirements for protection. (System resources are reallocated when the PC or server is lightly or heavily loaded.) Kaspersky Endpoint Security for Linux provides exceptional scanning performance with fanotify (kernel internal object) compatibility for on-access scanning.
Security scanning can be performed in background mode while server software is being updated, helping to reduce server downtime.
Eliminate unnecessary resource consumption
Kaspersky Endpoint Security for Linux optimizes resource usage with on-demand and scheduled scanning of local hard disks, media drives, shared file systems and distributed file systems.
A wide range of settings ensures high protection levels without sacrificing performance, for example:
- Schedule file scanning for unprivileged users
- Adjust the level of anti-malware protection
- Specify exceptions to enable selective scanning
Kaspersky Endpoint Security for Linux monitors and controls network shares and scans automatically when files are changed, ensuring that resources are optimized.
True protection against next-generation threats
Kaspersky Endpoint Security for Linux is built on the world's most tested, most awarded security. It combines the very best of human expertise with big data threat intelligence and robotic machine learning. Multiple layers of security detect known and advanced threats – even in memory or boot sectors.
Cloud-assisted threat intelligence from Kaspersky Security Network (KSN) enables near real-time, rapid detection and response to known, unknown and emerging Linux and other OS threats, with minimum false positives and workflow disruption.
Real-time protection from zero-day attacks
Rapid response to zero-day malware is a critical part of Kaspersky's true cybersecurity capability. Kaspersky Security Network (KSN) is our advanced cloud system that processes anonymized threat data from millions of nodes worldwide, using advanced data science technologies to deliver near real-time threat intelligence to every user.
This agility means that, even in zero-day attack situations, where threat information is not yet available to the endpoint, KSN works with Kaspersky Endpoint Security for Linux to stop the threat. Big data processing of massive volumes of threat metadata from suspicious files makes it possible to make rapid, accurate decisions about their safety without having to completely analyze their content – with response times as low as 0.02 seconds, it's a significant additional layer of security for *nix endpoints.
While all the information processed by KSN is completely anonymized and disassociated from its source, Kaspersky recognizes that some organizations – for compliance or company policy reasons – prefer to keep all data completely inside their perimeter. Kaspersky Private Security Network allows companies to benefit from most of the advantages of KSN without any information leaving their perimeter. It can be hosted on their own network or on that of their chosen provider.
In 2017 alone, Kaspersky detected 38 new families of cryptors with over 96,000 modifications. Kaspersky applications were among the first to offer dedicated protection of endpoints from encrypting ransomware. Servers are rarely attacked directly, but with cryptors becoming a pandemic, they regularly suffer from remotely initiated encryption of data stored on file shares.
Kaspersky Security for Linux contains a unique anti-cryptor mechanism capable of blocking encryption of files on shared resources from a malicious process running on another machine on the same network. This system constantly watches over the protected shared folders, tracking the state of the stored files. As soon as encryption activity is detected, the system blocks the attack source machine from accessing the server, stopping the encryption process and preventing the loss of corporate data.
Help meet regulatory requirements
The safety of sensitive data is at the top of every business's security agenda. Kaspersky Security for Linux supports this with essential functionality to strengthen security and aid compliance with key principles such as PCI DSS and SWIFT usage requirements. File Integrity Monitor can guarantee the integrity of system files, logs and critical applications by tracking unauthorized changes in important files and directories.
In case of malfunction or forced termination, Kaspersky Endpoint Security for Linux restarts automatically so your endpoints are instantly protected without the need for administrator intervention.
How to buy
Kaspersky Endpoint Security for Linux is included in the following products:
For the most complete, up-to-date requirements, please refer to Kaspersky Knowledge Base.
- 1 GB of hard drive space for installation, storing temporary files and log files.
- An Internet connection for activating the application and updating databases and application modules
- Intel Core 2 Duo 1.86 GHz or higher processor
- RAM: 1 GB for a 32-bit OS (2 GB for a 64-bit OS)
- Swap partition of at least 1 GB
- CentOS-6.9 x86 / x64
- Debian GNU/Linux 8.9 x86 / x64 or higher
- Red Hat® Enterprise Linux® 7.4 x64 or higher
- Ubuntu Server 16.04 LTS x64 or higher
- openSUSE® 42.3 or higher
- Perl interpreter: version 5.1 or higher (www.perl.org).
- Installed Which utility (from the OS installer).
- Installed packages for compiling applications (gcc, binutils, glibc, glibc-devel, make, ld), source code for the operating system kernel – for compiling modules of Kaspersky Endpoint Security 10 for Linux in operating systems that do not support fanotify.
- Kaspersky Endpoint Security for Linux is compatible with Kaspersky Security Center. To ensure proper functioning of the Kaspersky Endpoint Security for Linux administration plug-in, Microsoft Visual C++ 2015 Redistributable Update 3 RC (https://www.microsoft.com/en-us/download/details.aspx?id=52685) must be installed.
Version requirements for subscription
- This application is available as part of Kaspersky Endpoint Security for Business and can be purchased on subscription with flexible monthly licensing. Please check with your local partner about subscription availability in your country and application system requirements.
World class protection and confidential data security for servers and workstations running *nix operating systems on a corporate network.
Kaspersky Lab's unique combination of big data threat intelligence, machine learning and human expertise enables agile, responsive protection against any kind of threat — with minimal management overheads.