Kaspersky Total Space Security
October 01, 2008
£8,250 for 500 users for one year (exc VAT)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Comparatively easy to deploy, strong centralised management, policy based security, good reporting and notification
- Weaknesses: Manuals galore, tedious licensing procedures, problems with Exchange component
- Verdict: Offers plenty of security features with huge platform support for a reasonable price
As anti-virus software vendors increase the number of platforms their various software products support it makes sense to be able to manage them centrally.
The latest Total Space Security (TSS) solution aims to bring together virtually everything Kaspersky owns and monitor the lot from an administrative console.
All of its anti-virus products are included. These range from Windows, NetWare and Samba servers to Windows and Linux workstations plus parts for Exchange and Notes whilst gateway protection extends support to ISA Server, Proxy Server and Check Point Firewall-1 systems.
Installation depends how many products you plan to use, but it involved plenty of manual reading as there are separate guides for each component. For testing we used a Dell PowerEdge 2900 equipped with dual-core Xeons and running Windows Server 2003 R2 and Exchange Server 2003. For our network clients we used a range of systems loaded with Windows XP and Vista. The admin console requires a SQL database and Kaspersky provides MSDE2000 if required.
TSS doesn't take long to install as you just add details about where you want your software deployment packages stored, how clients find the administrative server and how they authenticate with it.
The TSS console is an MMC snap-in. On first contact it starts a wizard to get you up and running where it builds a logical network based on its scans, sets up email notification, automatically creates a base protection policy for workstations and downloads the latest updates.
Another wizard deploys Kaspersky's network agent to all systems that are to be included in the management picture. Usefully, you can allow it to deploy to all systems discovered in the previous process or select them manually. Once the network agent is running you can deploy anti-virus packages to your users and the deployment wizard creates these from the downloaded executables.
Next you have to licence them but we found the file names and designations for the keys that Kaspersky supply make no reference to which component they were actually for, making this process extremely tedious.
Once this was sorted we could now create policies and tasks to control what operations we wanted to carry out on our client systems.
Policies determine what components of the client software are active and how they behave. During creation you select the application you want to manage and choose from the options presented.
For the workstation software you can decide on the level of protection to apply and there's plenty to choose from with file, mail and web anti-virus tools, anti-spyware, anti-spam and Kaspersky's proactive defense - which looks for suspicious program behaviour, protects the registry and keeps Office applications safe.
Policies can be applied as soon as they have been created or left inactive. The mobile option causes them to become active only when a system is disconnected from the main network.
Tasks push updates out from the central server and run applications with specific sets of parameters. Setting up automatic updates is easy enough as you choose an application, pick the predefined update task and schedule it to run at regular intervals, as soon as they are received by the central console or when an attack has been seen. The Exchange component cannot be deployed remotely and must be installed locally on the system running the mail server. This loads a separate local management console but also requires an extra plug-in for it to be able to communicate with the TSS console. A policy is used to remotely manage it. This allows you to decide what to do with infected objects and spam, how attachments should be treated and what notifications should be sent.
We encountered numerous problems as the original executable Kaspersky supplied happened to be the wrong one.
When we were given the correct file the plug-in was loaded but wouldn't talk to the console.
We passed the main server event logs to Kasperksy, and it came to the conclusion that an automatic Windows update that had occurred during the test had deemed some actions of the TSS components to be risky and had blocked them so stopping the plug-in from communicating with the console.
The integration of Total Space Security is not seamless and the plethora of manuals you need to peruse makes for a tiresome experience.
Kaspersky certainly offers a lot of features and platform support for the price but from our experiences needs refining.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry