K7 Endpoint Security (K7 EPS) provides comprehensive, multi-layered endpoint and server protection against cyber threats. Available in on-premises or cloud deployment models, the carrier-class solution protects businesses from brand erosion, financial loss, customer data loss, and IP theft due to

Administrative Features

Group & Policy Based Administration

Grouping of Endpoints Admins can create any number of groups and manage them with individual security policies for each group
Default and Customised Security  Policy Enforcement A standard security policy will be applied automatically by default; admins can create customized policies
Policy Override Global policy changes can be implemented easily across the organization, without having to edit multiple policies. The feature can be used to add to local policies or override selected settings in local policies
Group(s)/Branch specific Administrators Super admin can create other administrators with restricted or full access to manage specific groups of endpoints (on-premises)

Web-based Control

Web-based Admin Console IT Admins can control endpoint security from anywhere in the network. Admins can configure/modify settings and policies for the endpoints from the console
K7 Proprietary, Custom Built, Light Weight Web Server for Greater Performance and Smaller Footprint (can be installed on a Windows desktop) Customer does not need to invest in and maintain heavy duty middleware such as Apache, IIS, or any other server. No need to purchase any specific server hardware or OS as any Windows machine can act as server; supports Windows 7 SP 1 (32/64 bit) onwards

Device & Application Control

Device Control (including Wi-Fi
Allow or Block devices such as Wi-Fi dongles. Allow or block devices using Class IDs and Device IDs. Simple and effective implementation of device and data control
External Device Blocking Block unauthorized data storage devices, such as USB drives, for data loss prevention
Data Access Control on Devices Controls Read Only/Write access to data storage devices that are allowed to connect to the computer
Wi-Fi Access Control Admins can allow/block laptop Wi-Fi connectivity either inside or outside the office
Comprehensive Application View
and Control
Automatic reporting of applications running on endpoints, which admins can then allow or block.  Version-based blocking of applications helps admins block older versions of applications (on-premises)

Web Protection

Phishing and Fraudulent Website
Malicious websites will be blocked
URL Filtering Allow or Block specific URLs for different groups
Category-based Web Filtering Block access to websites by category, with different restrictions for business and leisure hours


Dashboard View Detailed Home Screen provides a quick glimpse of the security status of all endpoints
Admin Dashboard Clients can add their logo to the console


Security Notification in Console Special dashboard widget provides notifications to admins on the failure of client installation, real-time scanning failure/disabled, unsuccessful action on threat detection, out-of-date definitions, security patch requirement, license exceeded/expired/unable to update, subscription expiration, and hardware change
Email Notifications Admins are quickly notified of security events, such as virus outbreak on the network, out-of-date virus definitions, OS security patch required, etc.
Notification on Interruption of Scheduled Scan Email and dashboard notifications help admins ensure that endpoints don’t miss scheduled scan operations

Database (On-premises)

Built-in Database K7 EPS is bundled with SQL Express database which can store up to 10 GB of data about the endpoints
Integration with Client’s Existing MS
SQL Database
Admins can integrate K7 EPS with the MS SQL database they use in their organization
Automatic Data Cleanup on Server Automatic & periodic purging of endpoint data to make more space available on the server database

Update & Add-on Server (On-premises)

Single Update Server for Multiple Endpoints Saves organization’s network bandwidth
Add-on Server for Branch Offices Large or multi-branch installations can distribute network bandwidth load from the server to add-on servers


Regular Automatic Updates Keeps endpoints up-to-date always
Offline Update Can be used where server & endpoints are not connected to the internet/connect infrequently
Intelligent In-office /Out-of-office Update Mechanism Endpoints that are not connected to the local network can receive definition/program updates through the internet


Customized Actions on Document & Executables Documents/executables that cannot be cleaned can be quarantined instead of deleted to avoid data loss/enable data recovery
Centralized Quarantine and Restore Management Suspicious files which are quarantined from endpoints can be restored after admins verify that the files are clean. Central and local quarantine options available (on-premises)

Hassle-free Endpoint Deployment

Remote Installation Can be installed by end-user/be pushed to endpoint
Quick Installation with
Pre-configured Policy Settings
The installation package can be downloaded to an endpoint with preconfigured settings for the group it belongs to
URL Download Installation URL to download endpoint setup can be provided
Email Installation URL for endpoint setup download can be automatically sent through email
Active Directory Support EPS can be pushed/installed through Active Directory
Cloned Machine Support Admins can include EPS in system images

Other Features

Global Quick Search Admin can quickly view and jump to a particular Computer/Application/Malware/Website Blocked from a single search box
Remote Tasks on Specific Endpoint Perform remote scan/update/restart/uninstall EPS on any endpoint at any time
Automatic License Removal Automatic removal of non-reporting devices for optimized license utilization
Security and Status Reports Admins can easily ascertain the state of enterprise cybersecurity through threat detection reports and update/scan status summaries
Computer 360 Provides detailed information on a single endpoint
Low-impact Protection Does not slow down the device or clog the network; no need to upgrade hardware or increase internet bandwidth. #1 in AV-Comparatives (Austria) Performance Test
Custom Columns or Fields to Manage Endpoints Admins can create customized columns to identify and manage endpoints by device alias

Endpoint Features

Comprehensive Endpoint Security

Complete Endpoint Protection Blocks Viruses, Ransomware, Spyware, Rootkits & other malware
Proactive Real-Time Scan Automatic background scanning of new files. Files are scanned on-access
Advanced Rootkit Malware Detection Dedicated scanner for Rootkit malware
Email Protection Scans incoming and outgoing emails
Ransomware Protection Advanced signature and behaviour based ransomware protection for endpoints
Tracking Cookies/Vulnerability Scan Special scan for cookies and vulnerable objects
Exploit Protection Blocks Viruses, Ransomware, Spyware, Rootkits & other malware
Host-based Intrusion Prevention System (HIPS) Blocks execution of suspicious programs
Fast and Smart Scanning on Endpoints Files that have been scanned will not be scanned again unless the file content changes
USB Vaccination Protects USB devices from Autorun malware
Tamper Protection Prevents malware from tampering with or compromising K7 EPS

Smart Internet Protection

Intelligent Firewall Automatic in-office/out-of-office internet access configuration (on-premises)
Security for Wi-Fi Connections Unsecured Wi-Fi connections will not be allowed
Intrusion Detection & Prevention Automatically detects and blocks network-based hacker attacks
Browser Protection/ Drive-by-Download Blocking Monitors Viruses & Trojans entering through Browsers & ActiveX

Smart Updates

Regular Automatic Updates Endpoints will receive updates automatically at regular intervals