Kaspersky Endpoint Security for Windows offers the following features and improvements:
Integration of Endpoint Sensor, which is a component of Kaspersky Anti Targeted Attack Platform:
IoC scanner (Indicators of Compromise)
Incident response tools
Incident investigation capabilities
Support for server operating systems as part of the Behavior Detection, Remediation Engine, and Exploit Prevention components.
Protection of shared folders against remote encryption as part of the Behavior Detection component.
User interface improvements:
Grouping of protection components into the following sections:
Advanced Threat Protection.
Essential Threat Protection.
Naming of components in accordance with the current state of information security:
The File Anti-Virus component has been renamed to File Threat Protection.
The Mail Anti-Virus component has been renamed to Mail Threat Protection.
The Web Anti-Virus component has been renamed to Web Threat Protection.
The Network Attack Blocker component has been renamed to Network Threat Protection.
The System Watcher component has been split into the following components: Behavior Detection, Remediation Engine, Exploit Prevention.
The Application Privilege Control component has been renamed to Host Intrusion Prevention.
The Application Startup Control component has been renamed to Application Control.
Cloud mode for Threat Protection: condensed anti-virus databases when using Kaspersky Security Network require less RAM and hard drive space.
Device Control:
New Anti-Bridging feature (blocks unauthorized commuting between networks)
New capability to import/export a list of trusted devices (in XML format, which is convenient for manually reading and editing)
Application Control:
Enable test mode for individual rules
New KL category included in the Golden Image category: Trusted certificates.
You can use a simplified interface for Kaspersky Endpoint Security: you can bring up the context menu of the application icon in the taskbar. However, the main application window is unavailable from here.
The checksum (hash) of a detected file is sent to the Kaspersky Security Center Administration Server, is indicated in reports, and can be used for configuring exclusions (Trusted Zone).
Masks (*,?, **) are supported in Trusted zone settings.
Protection level indicator for a Kaspersky Security Center policy that notifies in case critically important protection components are disabled.
Various usability improvements:
Simplified Initial Configuration Wizard
Optimized license management
In Kaspersky Endpoint Security 11 for Windows, the following features are no longer supported: Quarantine, IM Anti-Virus, Vulnerability Scan.