Recommendations for proper product for my servers and endpoints needed

[ITAVA 0]

I support clients. One recently got hit with a ransomware. The Windows Defender got disabled and it spread its love all over the place making Jack a mad boy. Of course turning it back on it did find the exploit "Ransom:Win32/Ako!MSR" (apparently a relatively new one), which it did remove the bad executable, but of course cannot decrypt the encrypted. 

Servers are WIN2008 to WINServer 2016, SQL standard on a few of them. AD on some also. Some File services and also Office 365 / OneDrive synced, and Sharepoint online and synced.

So checking on various products as an alternative,  I saw some tests on ESET VS Ransomware. And saw comments by Mario, and admin here. So I need some recommendations on a bulletproof solution that can protect our servers and all endpoints, WIN10 computers, MACs, IOS and Android. ESET makes a variety of products, Im unfamiliar with them all. I need to know, and rather quickly a no B.S. solution I can rely on. Can you please recommend a product set or who can I call to setup business level solution that can grow with the company. Licensing etc?  I have heard great things about ESET over the years. Everyone says they are the best, but so far I have very little negative about ESET, still I don't want geeky opinions, I need real enterprise level protection, period. We pay for great, and expect greatest. I am not one that wants to risk my clients solutions with guessing. I can then take this to all my clients as we move forward, as long as it won't hose me unexpectedly one mornign when Im trying to sleep in with panicking phone calls (you know what I mean? I need it to protect from new ransomware or other exploits, malware.  

I am open for your recommendation or direction.

Thank you kindly. 

Edited April 17, 2020 by ITAVA

[Marcos 5,074]

Thank you for your interest in using ESET products. We provide a complete portfolio of products that cover mobile devices, endpoints as well as file and mail servers on all platforms (Android, Windows, Linux, Mac).

I would recommend to start with spending a few minutes by reading about various technologies that ESET has developed and that protect our users at different layers: https://www.eset.com/int/about/technology/

For mobile devices we provide ESET Endpoint Security for Android and ESET Secure Authentication for 2FA.

For endpoints you can choose from ESET Endpoint Antivirus and ESET Endpoint Security (the latter contains also firewall, antispam and Web Control for blocking websites by categories).

We also offer full disk encryption and Endpoint Detection and Response (EDR) solutions.

For a list of all cloud and on-premise business products that we provide, please read https://www.eset.com/int/business/portfolio/.

Besides products, we also provide additional services, such as:
ESET Dynamic Threat Defense (instant analysis of files in ESET cloud sandbox and distribution of results within the organiztion)
ESET Threat Intelligence (provides insight into threat intelligence, can be used to get alerts if your organization is targeted by phishing, etc.)
ESET Threat Hunting (a service that utilizes ESET's EDR solution ESET Enterprise Inspector to trace an infection back to its source)
ESET Threat Monitoring (a service that utilizes ESET Enterprise Inspector to monitor your network for security incidents and weak points that could be exploited for attacks)

Feel free to ask if you have any questions.

 

To prevent attacks especially those connected with ransomware and file encryption, it is crucial that RDP is secured. You can consider disabling RDP where not needed, use 2FA or firewall rules to allow RDP connections only from specific IP addresses or ranges, etc. Users with RDP access should use a strong password that is not easy to guess or brute-force. While ESET products can substantially mitigate RDP attacks and a complete brute-force attack protection will be introduced soon, additional measures can only improve the overall protection.  Among such measures are also additional anti-ransomware HIPS rules that you can apply via a policy as per https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware.