Unified Threat Management Without Complexity
Protect your network from viruses, malware and malicious activity with Kerio Control, the easy-to-administer yet powerful all-in-one security solution.
Kerio Control brings together multiple capabilities — including a network firewall and router, intrusion detection and prevention (IPS), gateway anti-virus, VPN and content filtering. These comprehensive capabilities and unmatched deployment flexibility make Kerio Control the ideal choice for small and mid-sized businesses.
Network Firewall, Router and Leading-Edge IPS
Preserve the integrity of your servers with deep packet inspection and advanced network routing capabilities — including simultaneous IPv4 and IPv6 support. Create inbound and outbound traffic policies, restricting communication by specific URL, traffic type, content category and time of day.
Kerio Control’s IPS adds a transparent layer of network protection, with Snort-based behavior analysis, and a regularly updated database of rules and blacklisted IP addresses from Emerging Threats.
Advanced Sophos Gateway Antivirus
Keep viruses, worms, trojans and spyware from infesting your network with integrated Sophos Gateway Antivirus.
The optional Sophos Antivirus service scans all web and FTP traffic, email attachments and downloads, automatically updating itself with the latest virus definitions.
Industry-Leading Web and Content Filtering
Selectively block, allow or log access to 141 categories of web content with Kerio Control Web Filter. Keep bandwidth-hogging traffic like streaming video off your network or block peer-to-peer networks. Keep your users from visiting malware sites that are known to contain viruses and spyware or to engage in phishing or identity theft.
The optional Kerio Control Web Filter service limits legal liability, protects your network and boosts user productivity by limiting user access to dangerous or inappropriate sites or those that just plain waste time.
Unmatched Quality of Service
Easily prioritize and monitor network traffic to guarantee high-speed transmission for the most important traffic types. Internet Link Load Balancing optimizes Internet access by distributing traffic across multiple links. Kerio Control monitors link availability, and automatically disables or re-enables links to ensure continuous Internet access.
Kerio Control QoS gives you fine-grained control over how much bandwidth each type of network traffic can consume. Cap lower priority traffic by setting a bandwidth maximum, or guarantee high priority traffic by assigning a minimum. Kerio Control also uses Internet Link Load Balancing to distribute Internet traffic across multiple links.
Productivity-Boosting Usage Reporting
Get detailed usage reporting with Kerio Control Statistics. This component lets managers and admins view the Internet activity details of individual users — from a list of all sites visited and when, to the specific search terms users enter on search engines and regular websites with search capabilities. Use these granular usage insights to refine traffic-shaping rules, monitor employee performance, and more. Best of all, these highly granular reports can automatically run on a schedule and be emailed to you, ready for your review — no need to actively pull reports each week.
Link headquarters to remote users and branch offices — even third-party firewalls — securely and easily. Secure your client-to-site and server-to-server connections with Kerio’s proprietary VPN client, which requires no configuration, is user-friendly, and provides a high performance network connection. Or, use industry-standard IPsec to use standard VPN clients, such as those preloaded on mobile devices, and to allow VPN connections to pass through non-Kerio firewalls and routers.
Handle all administration and configuration activities from a customizable web-based console — no matter the deployment option you choose.
Manage anytime, anywhere from your desktop or tablet. Monitor system health and network traffic. Quickly and securely access security settings, manage users and bandwidth, and set traffic policies from an intuitive interface. Automatically back up your custom settings to secure cloud-based storage via integration to Samepage or to FTP.
Bring secure operations to any IT environment, now and going forward.
Kerio Control deploys as a software appliance, a virtual machine, or a performance-optimized hardware appliance. It supports your organization’s IPv6 strategy, whether you’re transitioning from IPv4 or use both protocols. And you can use your favorite SNMP tools to monitor Kerio Control’s status.
Case Study: Yachtcomputing
Ed Lasher of Yachtcomputing is no stranger to the challenges the open sea can bring a luxury yacht. His clients demand the highest level of service and expect online access when they need it, where they need it. Luxury yachts are expected to be at the forefront of technology, with the vessels offering every bell and whistle available.
Kerio Control Features
Firewall and Router
- ICSA Labs Certified Corporate Firewall
- Deep Packet Inspection
- Protocol Inspection
- Stateful Packet Inspection (SPI)
- DHCP Server
- DNS Forwarding
- NAT Mapping
- MAC Filtering
- Guest network with captive portal (new in 8.4)
- 802.1Q VLAN Support
- Traffic Rules Configuration Wizard
- Time Based Rules
- HTTPS inspection (new in 8.4)
- Rule Exemption Capability
- Connection Limits
- Multiple IP Addresses on a Single Network Interface (multi-homing)
- Dynamic DNS
- Customizable Routing Table
- Reverse proxy
- Simultaneous IPv4 and IPv6 Support
- IPv6 Network Prefix Translation (new in 8.4)
- IPv6 Router Advertisements
- Split tunneling or forced tunneling option
- Multiple/simultaneous site to site tunnels
- Kerio VPN client-to-site/site-to-site
- IPsec client-to-site/site-to-site
- Kerio VPN clients for Windows, Mac & Linux
- Optional persistent connection
- Multiple stored VPN connections
- Strong SSL encryption
- VPN tunnel failover
- NAT support
- User authentication via AD,OD or local directory
- L2TP over IPsec mobile device connections
- Automatic or custom routing
Reporting & Monitoring
- Kerio Control Statistics reporting module
- Detailed usage reports: Web site, protocols, bandwidth
- Filter reports by individual user, group, or entire network
- Automated daily/weekly/monthly email reports
- Top visited websites & top users per web category
- Hourly traffic by user
- Google search keywords
- Kerio Control Web Filter reports
- External logging to syslog
- SNMP monitoring
- System Health Monitor
- Traffic Charts
- Administrative Dashboard
- Traffic categorization (multimedia, messaging, large file transfers…)
- Real-time host activity monitoring
Load Balancing and QoS
- Link-load balancing
- Distribute traffic across multiple connections
- Automatic active/active & active/passive connection failover
- User-based and group-based traffic rules
- User data transfer quotas
- Custom bandwidth quota & speed limits
- Guarantee bandwidth for high priority traffic (Quality of Service)
- Restrict bandwidth for low priority traffic
- Rules by time interval, traffic type, users, service, DSCP
- Distribute traffic across multiple connections
- Monitor bandwidth with real-time charts
- Real-time interface bandwidth usage monitoring
- Apply policies to VPN tunnels
- Remote web-based administration with Administration Dashboard
- Variable level administrative rights
- One-click software/firmware updates
- Web-based debugging tools
- Configuration export/import
- Backup configuration to Samepage.io or FTP server
- Active Directory, Open Directory, local directory user authentication
- Domain template for default user configuration
- Auto logout after timeout
- Configurable time ranges for groups
- Multi-Language Support
- Time interval restriction
- P2P (peer to peer traffic) Eliminator
- URL categories (Kerio Control Web Filtering)
- Custom denial page
- Administrative alerts
- Custom URLs
- Support for regular expressions in URL rules
- Forbidden words
- FTP policy
- Proxy Server
- URL White-listing
- Sophos Antivirus
- File Types
- Active Directory/Open Directory integration
- Proxy server authentication (for Terminal services)
- Kerberos/NTLM Authentication
- RADIUS server (new in 8.4)
- Password guessing protection
- NT Domain
- Web Login
Intrusion Detection and Prevention (IPS)
- Snort-based packet analyzer
- Emerging Threats rules database
- IP blacklist database
- Three security levels
- False positives exception handling
- Applied to IPv4 and IPv6 traffic