Solution architecture

Kaspersky Endpoint Detection and Response Optimum 2.3 includes the following components:

• EPP applications that support Kaspersky Endpoint Detection and Response Optimum functionality and are installed on separate devices in the IT infrastructure. These applications continuously monitor the processes running on protected devices, open network connections, and files being modified.

  An application included in a protection system for endpoint devices (Endpoint Protection Platform, or EPP). EPP applications are installed on endpoint devices within the IT infrastructure of an organization (for example, mobile devices, computers, or laptops). An example of an EPP application is Kaspersky Endpoint Security for Windows, as part of the EPP solution Kaspersky Endpoint Security for Business.

  An integrated system of complex protection for endpoint devices (for example, mobile devices, computers, or laptops) that includes various security technologies. An example of an Endpoint Protection Platform is Kaspersky Endpoint Security for Business.

• Solution for centralized network security management (Kaspersky Security Center or Kaspersky Security Center Cloud Console).
• Kaspersky Sandbox (optional component, distributed separately) is intended for additional inspection of suspicious objects detected by an EPP application. For detailed information about Kaspersky Sandbox, refer to the Kaspersky Sandbox Help.
• Threat Intelligence:
  • Kaspersky Security Network (KSN) cloud infrastructure that provides access to the online Kaspersky Knowledge Base, which contains information about the reputation of files, web resources, and software. Using data from Kaspersky Security Network ensures that Kaspersky applications respond more quickly to threats, improves the performance of some protection components, and reduces the likelihood of false positives.
  • Integration with Kaspersky Private Security Network (KPSN) that lets users access KSN reputation databases, as well as other statistics without submitting data to KSN from their devices.
  • Integration with Kaspersky Threat Intelligence Portal platform, which contains and displays information about the reputation of files and URLs.
  • Kaspersky Threats database.