Kerio Technologies Kerio Control v7.4
March 01, 2013
$265 for software appliance, plus five users, $26 per additional users.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Simple setup, documentation geared for novice administrators.
- Weaknesses: VPN implementation is currently proprietary, light on reporting.
- Verdict: Great for small businesses or novice administrators, administrators with more complex environments may want to wait
The term "unified threat management" can sound intimidating to administrators lacking in information security experience. Fortunately, basic UTM protection doesn't need to be overly complex, and Kerio Technologies' Kerio Control product is a great example of that.
The product we tested was provided as a VMware virtual appliance. Following the quick setup guide, it was a simple matter of importing the appliance into our ESX environment and starting the tool. Through the console, we set up our trusted and untrusted interfaces and chose an administration password. All further configuration was performed through the product's web interface. On first login, we were presented with a configuration assistant wizard, which guided us through installing our license and setting up a basic traffic policy.
Kerio Control provides a clear, snappy interface for administration. The administrator is provided with a clean, configurable dashboard on login, which offers a number of system status charts. All device features are listed in a hierarchal menu on the left-hand side, with configuration options presented on the right. All of the features we'd expect are present, including a basic firewall, intrusion prevention system, content filter, perimeter anti-virus scanner and VPN. It also can serve as a dynamic host configuration protocol (DHCP) and domain name system (DNS) server.
While intended to be used as the default gateway, the product also can be configured as a proxy server for content filtering purposes. The intrusion prevention system (IPS) is signature-based, with signatures updated automatically on a configurable schedule. Anti-virus services are provided by Sophos, with signatures again updated on a configurable schedule. The content filter supports rules based on IP address groups, URL groups and keywords. Lightweight directory access protocol (LDAP) integration is supported, which makes user-based content filtering extremely easy to implement.
The product's documentation is very good. Guides are provided for the initial appliance installation, initial configuration and ongoing administration. Presented as PDFs, they are well-organized and seemingly tailored for administrators without extensive UTM experience. One negative thing we noticed was their recommendation that administrators allow access to the administration front-end from the untrusted interface. While we acknowledge that it would make remote administration easier, it really does not follow best practices, so we recommend reading the documentation with a critical eye.
Product support is offered on a 24/5 basis, and is provided via phone or email. Kerio also maintains an online knowledge base and active user support forums.
Kerio Control starts at a cost of $265 for the software appliance with five user licenses. Additional user license are priced at $26 per user. Software maintenance is $9 per user per year. Support is free during an initial 90-day implementation period. After that, Kerio allows two free support calls per year and charges $80 per incident after that.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Website observed serving 83 executable files, more than 50 percent malware
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- TeslaCrypt used to extort over $76K in recent months
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes