Kaspersky Security for Windows Server
Complex corporate IT networks require the highest levels of protection – a single piece of malware can spread rapidly across a network, disrupting business processes and destroying IT infrastructure. Servers need dedicated security solutions to protect critical data against the latest malware threats, performing continuously under the heaviest load conditions, with minimal impact on resources.
Kaspersky Security for Windows Server was developed specifically to protect complex networks and ensure that valuable corporate resources are efficiently secured. With prompt threat detection and response and exceptional resilience, together with launch control and exploit prevention against emerging threats, it delivers advanced server protection to businesses of all sizes.
Advanced server protection
Next-generation protection against the latest malware
Based on Kaspersky Lab's unique HuMachine framework, Kaspersky Security for Windows Server's multi-layered threat protection system detects all types of malware, including advanced, sophisticated and emerging threats. Despite its power, it has minimal impact on server performance and provides different optimization capabilities depending on server role (for example, by configuring application priority or excluding business-critical trusted processes from scanning).
Cloud-assisted server protection
Kaspersky Security Network (KSN) delivers a faster-than-ever response to new threats, improving the performance of protection components and minimizing the risk of false positives.
NEW: Exploit prevention
Kaspersky Security for Windows Server comprises a powerful Exploit Prevention mechanism that protects process memory from exploits. It watches over protected processes and prevents attempts to exploit unpatched or even zero-day vulnerabilities in system components and applications.
NEW: System hardening
The most reliable resilience against data breaches is attained by implementing the Default Deny scenario using Application Launch Control. By prohibiting the use of any application other than trusted system components and specified programs or services, most malware types are automatically blocked from starting. Together with Device Control running in Default Deny mode ruling out the use of any unsolicited storage, these components considerably reduce the attack surface and boost the security of the server protected by Kaspersky Lab.
Making sure critical system components and processes (as well as mission-critical applications) remain intact is as important for the server's smooth functioning as for the security of the sensitive data processed on it.
Kaspersky Security for Windows Server takes care of this, providing features such as File Integrity Monitor and Log Inspection which help to not only prevent unwanted changes to the system but also to detect certain indicators of a security breach and complying with a number of regulations such as PCI/DSS.
Protection for terminal servers
Kaspersky Security for Windows Server protects a wide range of remote access environments including Microsoft Terminal Services and Citrix XenApp/Xen Desktop:
- End users sessions in desktop publishing modes remain secured against malware threats, including ransomware. The new Traffic Security component of Kaspersky Security for Windows Server provides anti-virus and anti-phishing protection for web and mail traffic on the Terminal Server.
- Security controls, specifically Application and Web Controls with Kaspersky categories restrict the use of unsolicited resources, reducing the risk of a data breach.
NEW: Support for Microsoft Windows Server containers
The rapid spread of Docker-based container virtualization requires specific protection, taking into account containers using the same kernel as other server processes. Kaspersky Security for Windows Servers secures Windows Server containers, making sure that compromised containers you may encounter won't harm your business
Support for virtualized environments
Kaspersky Security for Windows Server delivers reliable security for any kind of virtualized or hybrid infrastructure - private, hosted or in a public cloud.
NEW: External traffic security
This new system delivers traffic malware filtering, web links verification and web-resource control, based on Kaspersky categories for any external system supporting the ICAP protocol like proxy servers, storage or any other ICAP-supporting system.
'Always-on' multi-layered protection for storage
Kaspersky Security for Windows Servers supports a wide range of storage systems from the most prominent vendors, including Hitachi, EMC², IBM, Dell, Oracle and NetApp. It supports both on-access scanning (when a launched file is modified) and on-demand scanning (either by request or scheduled). For NetApp Storage, unique Anti-Cryptor functionality is available. This technology secures data on NAS shares from ransomware and blocks any attempt to encrypt data on storage from any connected host machine with running crypto-malware.
Protecting shared folders and storages from crypto-malware (Anti-Cryptor)
Kaspersky Lab products were one of the first to offer dedicated protection of endpoints from encrypting ransomware. Servers are rarely attacked directly, but with cryptors now becoming a pandemic, they regularly suffer from remotely initiated encryption of the data stored on file shares.
Kaspersky Security for Windows Servers contains a unique anti-cryptor mechanism capable of blocking encryption of files on shared resources from a malicious process running on another machine on the same network. This system constantly watches over the protected shared folders, tracking the state of the stored files. As soon as encryption activity is detected, the system blocks the attack source machine from accessing the server, stopping the encryption process and preventing the loss of corporate data. This functionality is available for Windows and NetApp storage systems.
Flexible, easy management
Control over administrator privileges
Choose the appropriate privilege level for each server's administrator, making it easy to comply with security requirements specific to different departments and roles.
Notifications can be sent to administrators via messaging service or email. Kaspersky Security for Windows Server is integrated with Simple Network Management Protocol (SNMP) and can operate with System Center Operations Manager (SCOM). Alternatively, monitor operations by reviewing Microsoft Windows or Kaspersky Security Center event logs.
NEW: SIEM integration
Kaspersky Security for Windows Server provides integration capabilities for different SIEM systems. The application can convert events in application logs into formats supported by the syslog server so that those events can be recognized and imported into a SIEM. The application supports conversion into structured data format and into JSON format.
NEW: Windows Firewall management
To improve the convenience of server security management, Kaspersky Security for Windows Servers allows the configuration of the local Windows firewalls of your servers directly from the unified console of Kaspersky Security Center.
Most awarded, most recognized, most appreciated protection
Ideal for mission-critical server scenarios
Kaspersky Security for Windows Servers was created to meet the most stringent requirements imposed by server scenarios. Its inherent low impact on system performance, high load tolerance and reduced demand for maintenance (including the need for rebooting) make it the perfect application for mission-critical servers.
Kaspersky Security for Windows Servers is suitable for a wide range of server roles and usage patterns, including protection for file servers, network storages and key elements of the corporate infrastructure, ensuring their smooth and secure functioning.
Ready for your company's cloud journey
Adapted for protection of physical as well as virtualized servers, Kaspersky Security for Windows Servers allows you to run your server workloads securely in any part of your hybrid infrastructure: on premises, in a datacenter or in a public cloud.
Centralized management – save time and money
Kaspersky Security for Windows Server is managed via your choice of unified console: Kaspersky Security Center or Kaspersky Endpoint Security Cloud. Whether you want ease of use or granular control over the entire infrastructure from a single viewpoint, you can adjust corporate security to your system's specifics and reduce operational overheads.
How to buy
Kaspersky Security for Windows Server is included in:
For the most complete, up-to-date requirements, please refer to Kaspersky Knowledge Base.
Hardware requirements for server protection
- x86-compatible systems in a single-processor or multiple-processor configuration
- x86-64-compatible systems in a single-processor or multiple-processor configuration
- For installation of all application components: 70 MB
- For storing objects in quarantine or in backup: 400 MB (recommended)
- For storing logs: 1 GB (recommended)
- For storing databases: 2 GB (recommended)
- Processor: 1Core, 1.4 GHz
- RAM: 1 GB
- Free space on the hard drive: 4 GB
- Processor: 4 Core, 2.4 GHz
- RAM: 2 GB
- Free space on the hard drive: 4 GB
Software requirements for the protected server
Kaspersky Security 10 for Windows Server should only be installed on servers running one of the following versions of Windows. Microsoft Windows Installer 3.1 is also required
- Microsoft Windows Server 2008 x86/x64 Standard / Enterprise / Datacenter SP1 or later (including Core mode)
- Microsoft Windows Server 2008 R2 Standard / Enterprise / Datacenter SP1 or later (including Core mode)
- Microsoft Windows Hyper-V Server 2008 R2 SP1 or later
- Microsoft Windows Server 2012 / 2012 R2 Essentials / Standard / Foundation / Datacenter (including Core mode)
- Microsoft Windows Hyper-V Server 2012 / 2012 R2 / 2016
- Windows Server 2016 Essentials / Standard / Datacenter / Core / Storage
Kaspersky Security 10 for Windows Server can be installed on the following terminal servers
- Microsoft Remote Desktop Services based on Windows 2008 Server
- Microsoft Remote Desktop Services based on Windows 2012 Server
- Microsoft Remote Desktop Services based on Windows 2012 Server R2
- Windows 2016 Server Microsoft Remote Desktop Services
- Citrix® XenApp® 6.0, 6.5, 7.0, 7.5 – 7.9, 7.15
- Citrix XenDesktop® 7.0, 7.1, 7.5, 7.5 – 7.9, 7.15
Requirements for specific storage platforms
- NetApp Clustered Data ONTAP 8.x and 9.x
- NetApp Data ONTAP 7.x and 8.x in 7-mode
EMC Celerra / VNX
- EMC DART 6.0.36
- Celerra Anti-Virus Agent (CAVA) 220.127.116.11
- EMC Isilon OneFS 7.0
- HNAS 3080 / 3090 / 4040 / 4060 / 4080 / 4100.
- VSP G200 / G400 / G600 / G800 / G1000 / G1500
- IBM System Storage N series
- DELL FS8600 on FluidFS 6.x
- DELL FS8600 on FluidFS 5.x
- Oracle ZFS Storage Appliance
- ICAP-compliant or RPC-compliant NAS
Version requirements for subscription
This application is available as part of Kaspersky Endpoint Security for Business and can be purchased on subscription with flexible monthly licensing. Please check with your local partner about subscription availability in your country and application system requirements here.
Protect complex networks and ensure valuable corporate resources are secured effectively and efficiently. Secure shared folders from crypto-malware with server-based Anti-Cryptor technology.
Kaspersky Lab's unique combination of big data threat intelligence, machine learning and human expertise enables agile, responsive protection against any kind of threat — with minimal management overheads.