Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 00:00:07 - 00:09:39 Kaspersky Endpoint Security Cloud provides all essential technologies needed to protect and administer not so big infrastructures, full fledged protection against threats for windows and macOS workstations and servers, protection for Android devices, anti-malware protection from phishing. Factory reset protection for iOS devices. Factory reset. Remote wipe protection for office 365. Malware protection. Quarantine protection against mail exploits and ghost spoofing. Data discovery. Kaspersky Endpoint Security Cloud is available in three versions Kaspersky Endpoint Security Cloud, Kaspersky Endpoint Security Cloud Plus, and Kaspersky Endpoint Security Cloud Pro. They differ in the set of included components. Kaspersky Endpoint Security Cloud ensures fundamental protection, Kaspersky Endpoint Security Cloud Plus features extended security management and controls, and Kaspersky Endpoint Security. Cloud Pro additionally provides incident investigation and response components as well as information security training. Let's start with the Kaspersky Endpoint Security for windows application. It protects devices against threats and helps control user's actions. The protection components are most numerous. They provide the following functionality. Virus scanning. File threat protection. Mail threat protection. Web threat protection. File threat protection constantly monitors files opened on the device and scans them for malware prior to allowing the user to access them. This is the most important protection component because it blocks most malware. Never disable it. Mail Threat Protection scans email messages and checks for malicious attachments on the fly. If mail threat protection is disabled, an attachment will be scanned by file Threat protection when the user tries to open it. However, it is easier to delete a malicious file before it is saved to disk. Besides, on the fly, scanning consumes fewer resources. Web threat protection intercepts web traffic and scans downloaded files for malware does not allow the user to open phishing websites or websites that spread malware. Disabling web threat protection makes the user vulnerable to phishing attacks. System scanning does not intercept anything. It runs on schedule and thoroughly scans files on the hard drive. Some components of Kaspersky Endpoint Security for windows do not search for malware. Instead, they help defend devices by reducing attack opportunities. Malicious files can get into the system in various ways. The user can download them from a suspicious site, receive them via email, copy them from an infected removable drive, and so on. To make matters worse, some malicious programs actively look for ways to get on a device they try to propagate throughout the network, or exploit a vulnerability to gain access to various resources. A firewall can block unnecessary connections. This is another popular method of dealing with attack opportunities. A laptop or workstation rarely needs to accept inbound connections. Usually it establishes outbound connections to websites, local servers, mail servers, and so on. A firewall prevents active network attacks by restricting incoming connections to the computer. The firewall in Kaspersky Endpoint Security for windows includes pre-set rules that block potentially dangerous connections, especially inbound connections from the internet. The Network Threat Protection component complements the firewall. Network Threat Protection analyzes information received over the network and compares it with signatures of known network attacks. If a match is detected, the connection is blocked. We can group Kaspersky Endpoint Security components as follows. Components responsible for static protection. Components responsible for dynamic protection in additional components. File mail and web threat protection pertain to static protection. They scan objects before they are launched and prevent the downloading of dangerous objects. Behavior detection, exploit prevention, remediation, engine and intrusion prevention play the main role here. The control components in the firewall also play their part. It is crucial to detect malicious objects. To solve this task, the behavior detection component monitors all software activities and compares them with dangerous behavior patterns. It controls file access operations, network connections, and system calls. Intrusion prevention categorizes applications into groups according to their trust level. Trusted. Low. Restricted, high. Restricted, and untrusted. Kaspersky Endpoint Security assigns a trust category to each application when it is launched for the first time. The main categorization tool is Kaspersky Security Network. Intrusion prevention restricts each application's interactions with other software depending on its trust category. Exploit prevention protects against various attacks when adversaries exploit vulnerable software to obtain administrator privileges or conceal the execution of malicious code, exploit prevention controls, application launch operations, and when a vulnerable application starts another application without an explicit user command, the launch is blocked. Remediation. An engine rolls back actions performed by malware detected by file threat protection, virus scan, and behavior detection. Any changes to the file system creating, moving, or renaming files or registry values. Creating registry entries will be canceled. The database that contains malware descriptions helps detect most malicious files when scanning objects for malicious code. Kaspersky Endpoint Security checks whether the database contains similar descriptions. When a new malicious object appears, Kaspersky adds a new description to the database to ensure reliable protection. The most recent version of the database must be available on the device. A special update module is responsible for this. It automatically checks for updates and downloads the very latest data to the device. To be assured of protection, update the database regularly. It is also important to allow Kaspersky Endpoint Security to use the Kaspersky Security Network. Kaspersky Security Network CSN is a cloud technology that improves accuracy of decisions made by the protection components. Kaspersky Security Network receives information about files from protected devices, analyzes it using machine learning, takes into account when a file was first detected, whether it is widespread and in which regions, whether it is signed with a certificate, what certificate, and so on. Kaspersky experts also analyzed numerous suspicious files after the analysis. Each file is placed into one of the trust groups that we mentioned earlier. For each trust group, Kaspersky analysts have developed scenarios what a file is allowed to do and what is forbidden depending on the group's reputation. File encrypting ransomware is Trojan malware that encrypts files on the computer and demands a ransom for their decryption. File encrypting ransomware gets on a device through email messages and websites. When you open a questionable attachment or click an infected banner to allay suspicions. Adversaries often forge messages from banks and tax organizations as soon as encrypting ransomware gets on the computer, it connects to its command and control server and sometimes requests an encryption key from it. Then, the ransomware encrypts files in local and network folders and deletes the originals along with the encryption key. As a result, only the attackers have a copy of the key. When encryption is completed, the ransomware displays a message demanding the user pay a ransom in cryptocurrency for decryption. Kaspersky Endpoint Security Cloud protects against encrypting ransomware at all stages of an attack. It intercepts infected messages and links to sites that distribute malware, prohibits saving of malicious objects to the drive, prevents questionable applications from accessing files. Does not allow the user to run suspicious files. Kaspersky Endpoint Security Cloud features two control components device control and web control. Device control restricts the connection of certain devices such as removable drives, modems, or printers to the computer. Device control reduces the risk of not only infections, but also data leakage if it is forbidden to connect. Drives and printers to the computer, then it will be impossible to copy or print sensitive data. Web control can be compared to parental control in the business context. Web control can prohibit users from visiting social networks, job sites, the sites of arms or drug dealers, and viewing adult content. You can also prohibit the downloading of audio, video, and executable files from the internet. In addition to reducing the chances of infection, this component increases work efficiency by preventing distractions. Kaspersky Endpoint Security Cloud allows you to enforce encryption on managed windows and macOS devices. Encryption prevents unauthorized access to data stored on the device. Windows devices are encrypted using BitLocker. This is a Microsoft windows security and encryption feature. When managed via Kaspersky Endpoint Security, BitLocker encrypts all logical partitions. Recovery keys are stored in the Kaspersky Endpoint Security Cloud infrastructure. Encryption management is available starting with Kaspersky Endpoint Security Cloud Plus. You can use Kaspersky Endpoint Security Cloud to install software updates that fix vulnerabilities found on protected windows devices. Update management is also available starting with Kaspersky Endpoint Security Cloud Plus. Kaspersky Endpoint Security for Mac differs from Kaspersky Endpoint Security for windows. macOS is considered to be a more secure system, and fewer components are used, namely virus scanning. File threat protection. Web threat protection. Network threat protection. Filevault encryption.9948