On January 30, 2013 Kaspersky Lab announced the commercial release of Kaspersky Endpoint Security 10 for Windows version 10.1.0.867.
Kaspersky Endpoint Security 10 for Windows is an all-in-one tool for protecting data of an organization against digital threats.
Kaspersky Endpoint Security 10 for Windows offers extensive encryption features for data protection. Encryption reduces the risk of data leaks when a laptop or removable drive is lost or stolen, and prevents unauthorized access.
The application offers the following encryption features:
- File level encryption (FLE) for files on local drives and removable drives;
- Full disk encryption (FDE) for hard drives and removable drives.
File level encryption (FLE) features:
- Encryption of files on local computer drives. You can create encryption lists of files by extension or group of extensions and encryption lists of folders on local computer drives.
- Encryption of files on removable drives. You can specify a default encryption rule by which the application applies the same action to all removable drives, or configure encryption rules for files stored on individual removable drives.
The application supports several file encryption modes for removable drives: encryption of all files stored on removable drives, or encryption of new files only as they are saved or created on removable drives.
Files on removable drives can also be encrypted in portable mode. It allows access to encrypted files on removable drives that are connected to computers without Kaspersky Endpoint Security installed.
- Encryption of files created or modified by specific applications. You can create a list of applications to have Kaspersky Endpoint Security encrypt all files that such applications create or modify on both hard drives and removable drives.
- Management of rules of application access to encrypted files. You can define an encrypted file access rule for any application. It blocks access to encrypted files or allows access to encrypted files as ciphertext only. By default, if no rules of access to encrypted files have been specified, programs are granted direct access to the files.
- Creation of encrypted packages for safe data sharing. You can create encrypted packages and protect access to such packages with a password. The contents of an encrypted package can be accessed only by entering the password. Such packages can be safely transmitted over networks or via removable drives.
Full disk encryption (FDE) for hard drives and removable drives features:
- Encryption of hard drives. You can specify the default hard drive encryption rule and create a list of hard drives to be excluded from encryption. After the hard drives have been encrypted, the user must pass authentication by the Authentication Agent before data on the hard drives can be accessed and the operating system loaded.
- Encryption of removable drives. As with file level encryption of removable drives, you can specify a default encryption rule by which the application applies the same action to all removable drives, or configure encryption rules for individual removable drives.
- Manage user rights to boot an OS on computers with encrypted hard drives. You can create user accounts with settings that allow or block user access to data stored on encrypted hard drives, after users pass authentication by the Authentication Agent.
- Restoration of encrypted devices. If an encrypted hard drive or removable drive is corrupted, you can restore your device's data using a special Restore Utility.
Different application modes depending on license type
Kaspersky Endpoint Security 10 for Windows can operate in the following modes depending on the type of license:
- Basic protection (Core). Provides minimum protection with the following functionality: File Anti-Virus, Mail Anti-Virus, Web Anti-Virus, IM Anti-Virus, network protection, Vulnerability Scan, Vulnerability Monitor, computer scan tasks, Advanced Disinfection technology, and System Watcher.
- Standard protection (Select). Provides standard protection that combines basic protection features with the following control components: Application Privilege Control, Application Startup Control, Web Control, and Device Control.
- Advanced protection. Provides maximum protection by combining standard protection functionality with data encryption features.
During application installation, the user is offered to choose the type of installation (basic, standard, full), or perform custom installation. If the active license covers more components than are currently installed, the application prompts the user to install the missing components. When the user activates a license that downgrades the current level of protection, the components that are not covered by this license behave in the same way as they do when the active license expires or the user chooses not to use a license.
Feature updates were implemented for Application Startup Control, Device Control, and Web Control components.
To install the application, run the setup file and follow the instructions of the Setup Wizard.
If you have the previous version of Kaspersky Endpoint Security 10 for Windows (Beta) installed, you must remove it before upgrading, after decrypting encrypted areas and hard drives.
During installation, Kaspersky Endpoint Security 10 for Windows detects and allows you to uninstall programs that may affect the performance of the user's computer (up to complete inoperability) when running concurrently with the application.
The application is compatible with Kaspersky Security Center 10 or higher.