Kerio Control is a comprehensive network security solution tailored to the needs of SMBs. It covers four key areas of business protection – Network Firewall, Intrusion Protection, Gateway Anti-Virus and VPN services.
Prevent viruses, worms, Trojans and spyware from invading your networks with application-aware Web filtering technology that blocks access to 141 categories of website content and applications.
Network Firewall
Kerio Control provides network resources with next-generation firewall capabilities, activity reporting and bandwidth management, gateway anti-virus and content filter features that are easily manageable via its secure web interface. Deploy it as software appliance, virtual machine or performance-optimized hardware appliances – while automatic upgrades and self provisioning features help simplify deployment for even the busiest businesses.
Secure Internet connectivity by creating an extensive set of security policies based on time intervals, traffic and content rules, bandwidth limits, services such as DSCP, users web categories URL groups and file types. Comprehensive reports detailing user Internet usage help limit legal liability while improving productivity.
Locate and block malicious activities using a powerful threat prevention engine equipped with signatures and dynamic analysis for protection from both known threats and unknown attacks. Furthermore, deep packet inspection scanners scan incoming and outgoing data traffic in order to detect malware before it enters your network.
Kerio Control provides an effective way to lower costs and network congestion by spreading bandwidth across multiple Internet links. Kerio can load balance traffic across two WANWide area network connections; typically one of which connects directly to the Internet, with another connected to corporate networks or VPN servers. Administrators can define policy routing rules to route outgoing connections to specific WAN links while setting maximum bandwidth limits per connection type.
Kerio Control makes user administration simpler by connecting it to an external directory service, such as Apple Open Directory for Mac-based networks or Microsoft Active Directory for Windows-based domain networks, enabling administrators to map users to Kerio Control database with ease.
Kerio Control allows administrators to restrict internal access through password and authentication policies, and its firewall can restrict applications and web pages by IP address – this feature helps stop employees from downloading illegal music and movies as well as reduce risks such as software installation and spyware installation.
Intrusion Protection
Kerio Control provides an Intrusion Prevention System (IPS). An IPS is typically integrated into firewalls or routers and detects network traffic behavior indicative of malware attacks, so as soon as threat levels increase an IPS can drop, log or permit access to affected hosts.
IPS signature databases are regularly updated to detect emerging threats. This process occurs automatically at least once every 24 hours or can be scheduled hourly.
To protect networks against malicious activity from outside, an IPS uses a rules database with network behavior signatures known to be linked with various forms of attack. These signatures come from various sources and help detect patterns in network traffic that indicate such attacks.
As well as using signature-based detection capabilities, an Intrusion Prevention System monitors network traffic for suspicious activities that fall outside normal parameters, and blocks any that it finds if necessary. Examples of activities which can be blocked by this IPS are pinging, port scanning, IP address hijacking and Man-in-the-Middle attacks.
The IPS offers additional capabilities, such as blocking P2P traffic that is commonly associated with spyware and virus distribution, and filtering for JPEG image files that cause buffer overflows on unpatched Windows Operating Systems and enable arbitrary code execution (MS04-028).
As an additional security measure, the IPS implements Content Security Policy (CSP), which blocks any traffic not necessary to reach its destination on the internal network and thus prevents unauthorized access to sensitive applications and data.
Get more from your investment with a comprehensive network security solution that includes next generation firewall and router functionality, intrusion prevention, gateway anti-virus, VPN connectivity and web content and application filtering capabilities. All features can be easily managed from a centralized interface which supports desktop as well as mobile devices.
Gateway Anti-Virus
Kerio Control provides your network with gateway anti-virus protection to safeguard it against malware and other threats, including web, FTP and email attachment scans for viruses, worms, trojans and spyware. Furthermore, its database is regularly updated for maximum protection.
Integrate security using integrated threat management features like intrusion prevention, activity reporting, usage monitoring and bandwidth control. Traffic shaping helps ensure enough bandwidth is allocated for essential applications while blocking unauthorized network access from streaming video and P2P networks.
Connect offices effortlessly with an efficient management system that simplifies configuration and administration, such as Kerio Control’s DHCP server which automatically assigns network parameters to devices connected to the network – simplifying management of distributed networks. Plus, our central security system aids troubleshooting by offering one convenient place where logs, settings, etc can all be managed from.
Reduce downtime risks with high availability and failover protection that ensures network connections remain up and running at all times. Take advantage of advanced traffic analysis capabilities like deep packet inspection, dynamic routing and multi-path load balancing to optimize network performance for maximum success.
Traffic shaping allows you to prioritize important network services like email and VoIP. By creating inbound and outbound policies for both inbound and outbound communications, such as application, traffic type, content category or time of day limits can be set. Web and content application filtering features provide protection from websites known for hosting malware, phishing pages, inappropriate adult material or any unwanted Internet content.
Kerio VPN tunneling enables easy connections from mobile devices or you can utilize open source IPsec/L2TP clients preloaded onto many desktop operating systems for maximum network security.
Kerio Connect provides instant, secure communications at a fraction of the cost and complexity associated with enterprise solutions, supporting multiple clients, browsers and devices, with enterprise class security features tailored specifically to your business needs.
VPN
Kerio Control provides SMB organizations with next-generation firewall capabilities — such as network, intrusion detection and prevention, gateway anti-virus protection, content filtering, and content filtering — for comprehensive protection. This product offers multiple deployment options — software only or virtual and physical appliances — while connecting offices across VPN tunnels makes for simple site-to-site connectivity for remote users.
Kerio Control provides small networks with effective UTM protection, adding extra features and improved management tools with its latest version. You can turn any old PC into a security appliance – 32- and 64-bit Windows systems alike are supported, with minimum hardware requirements such as 2.4GHz Celeron processor and 1GB memory sufficient to run its basic version of software.
NG500 hardware appliance is an outstanding performer that can efficiently balance multiple Internet links while managing load balancing and bandwidth management. Featuring an integrated web browser that displays system information, automatic configuration backup, status monitoring/notification functions as well as MyKerio (free web portal), administrators can remotely configure multiple hardware appliances using MyKerio portal.
Traffic rules allow administrators to manage inbound and outbound communications by application, URL, type of traffic and more. An intrusion prevention system using Snort detects suspicious activity that it logs, blocks or notifies depending on its severity; antivirus/content filters use Sophos signatures which update automatically on a configurable schedule; filtering rules provide fine-grained controls over file formats, IP address groups, LDAP group membership memberships and keywords to block access to undesirable material.
UTM firewalls protect users against viruses, worms, Trojans and spyware by scanning files for malware as well as inbound and outbound network communications and system registry entries. Sophos anti-malware engines use gateway anti-virus to detect and block all kinds of malicious code ranging from viruses to rootkits; additionally the NG500 allows administrators to create secure high-performance server-to-server connections across sites running the software as well as supporting industry standard VPN protocols that connect branch offices that don’t use Kerio as well.
