Categories Reviews

Review: Network security solution Kerio Control

Product homepage: click here

Free trial offer: click here

Network security tools are notorious for being complex. Many such tools require a steep learning curve, even for seasoned IT pros. However, GFI is bucking the trend with its Kerio Control. Kerio Control is a comprehensive network security application for SMBs that has been specifically designed to be easy to use.

Deployment process

Kerio Control can be downloaded as an ISO file or as a VMware or Hyper-V virtual appliance (physical appliances are also available). For this review, I opted to use the Hyper-V option. The download consisted of a virtual hard disk file (in VHD format). I simply created a Hyper-V virtual machine, and then attached the VHD file.

Once the VM had been set up, I booted it and was presented with a message telling me where to point my browser to access the administrative interface. If you look at the screenshot below, you can see that there is a message stating that you can press “Enter” to access the console. I used this option so that I could assign the VM an IP address that fell within the range used on my virtual network.

Kerio Control boot screen

When I opened a web browser on another machine and navigated to the specified URL, I was presented with the server’s Activation Wizard. The activation process consisted of specifying a language, accepting the license agreement, and setting an initial password.

Once I completed the Activation Wizard, I was taken to the Configuration Assistant. As you can see in the screenshot below, the Configuration Assistant helps with all of the initial configuration tasks such as registering your license and configuring Internet connectivity. I found the process of configuring Internet connectivity and registering the product to be simple and intuitive.

Configuration Assistant helps with the initial configuration tasks

With Kerio Control fully configured, I decided to turn my attention to its firewall. The Kerio Control firewall can be configured through a series of traffic rules. One thing that I especially like about Kerio Control is that it displays the traffic rules in a simple and unambiguous way that should make sense to anyone who has basic networking knowledge. You don’t need to be a networking expert to configure the traffic rules. In fact, the most essential rules exist by default. GFI even went so far as to color-code the rules to help illustrate what they do. You can see the traffic rules in the screenshot below.

Default traffic rules built into Kerio Control

Because these rules exist by default, I didn’t have to do anything special to make Kerio Control function as a NAT router. Once I configured the machines on my test network to use the Kerio Control server as a default gateway, those machines received Internet access without any issues.

Antivirus

One of Kerio Control’s most noteworthy features is its antivirus capabilities. While legacy antivirus products often focus on scanning files to determine whether or not they contain malicious code, Kerio Control can scan network traffic. As you can see in the next screenshot, Kerio Control can scan both HTTP and FTP traffic. Additionally, the software can check inbound email for malware through SMTP and POP3 protocol scanning.

Kerio Control can perform network-level malware scanning

Web content filtering

Another key capability found within Kerio Control is its ability to filter web content. The content filter interface is nearly identical to the interface used for managing traffic rules but allows admins to regulate the types of Internet traffic that are and are not allowed within the organization. As you can see in the next screenshot, Kerio Control is configured by default to block advertisements and banners, audio and video files, peer-to-peer traffic, and traffic related to hacking and malware. As such, the content rules are not merely designed to prevent users from accessing inappropriate content, but they can also be used as a tool for shielding the organization from attack.

Content Rules allow you to regulate Web content within your organization

In addition to the content filtering capabilities shown in the figure above, Kerio Control can also enforce the use of safe search and block pages containing various words or phrases. The software also contains a whitelist option that can be used to override the filters for sites that are known to be safe.

Additional infrastructure and reporting features

Kerio Control includes many infrastructure components that can help to make life a bit easier for smaller organizations. For example, the software provides DNS caching, which can help users experience more responsive browsing. There is also a built-in secure VPN functionality, and the Kerio Control server can even be configured to act as a DHCP server.

One of the things that impressed me about Kerio Control is that it can be configured to map groups and user accounts from the Active Directory. By doing so, it becomes possible to keep track of activity on a user-by-user basis. The software includes reporting capabilities that allow you to track which sites users are visiting, and how much network traffic users are generating, among other things. You can see an example of this in the screenshot below.

Kerio Control provides rich reporting capabilities

If Kerio Control is mapped to an Active Directory, the report shown in the screenshot above will show you which specific users accessed which sites. It is even possible to block web access to users who are not logged in to prevent users from acting anonymously.

Pricing

Pricing for a Kerio Control virtual appliance like the one that I based my evaluation on starts at $320 per year (covering the minimum of 10 licenses). Prices decrease per user at higher volumes. The Deluxe edition, which includes antivirus and web-filtering capabilities costs $380 per year, again for the minimum 10 users. GFI offers several different Kerio Control hardware appliances with prices ranging from $575 to $1,599 per year, plus required software licenses.

You can find the full pricing information, and a listing of the various available plans here.

The verdict

I always wrap up the reviews I write for TechGenix by assigning a numerical score to the product that I am evaluating. These scores range from zero to five stars, with five stars being the highest possible score. I decided to give Kerio Control a score of 4.9, which is a Gold Star review.

Throughout my evaluation, I consistently found Kerio Control to be completely intuitive. That’s quite an accomplishment for a network security tool. So many of the competing tools that I have used in the past seem needlessly overcomplicated.

The other thing that really impressed me about Kerio Control is the sheer number of features it includes. As you may have gathered from the screen captures, its feature set goes far beyond what I can cover within a review.

Kerio Control is an excellent choice for any small or medium-sized business that needs a reasonably-priced network security suite that not overly difficult to use.

Rating 4.9/5

Brien Posey

Brien Posey is a freelance technology author and speaker with over two decades of IT experience. Prior to going freelance, Brien was a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network engineer for the United States Department of Defense at Fort Knox. In addition, Brien has worked as a network administrator for some of the largest insurance companies in America. To date, Brien has received Microsoft’s MVP award numerous times in categories including Windows Server, IIS, Exchange Server, and File Systems / Storage. You can visit Brien’s Website at: www.brienposey.com.

Share
Published by
Brien Posey

Recent Posts

Can ‘silent meetings’ solve your IT planning woes?

Companies are adopting the concept of silent meetings as a way to make business meetings more productive. Does this work?

1 hour ago

CES 2020: Latest innovations in laptops and smartphones

Befitting the world’s largest consumer electronics show, a slew of innovative tech products and services were showcased at CES 2020.…

18 hours ago

WordPress vulnerability puts 300,000 at risk for attack

A WordPress vulnerability that could affect 300,000 users has been identified and patched. By if admins don’t update, they remain…

22 hours ago

PowerShell jobs — because you have better things to do than wait

If you run PowerShell commands that take a while to complete, consider using PowerShell jobs, which will allow the command…

1 day ago

Validating virtual networks rules in a Storage Account using PowerShell

Here’s a TechGenix Quick Tip on how to use PowerShell to retrieve a list of virtual network rules in a…

2 days ago

Dell launches selection of new PCs, displays, and software

A line of new Dell PCs, with innovative tech capabilities like AI and 5G, are aimed at both personal and…

2 days ago