Kerio Technologies Kerio Control v7.4
March 01, 2013
$265 for software appliance, plus five users, $26 per additional users.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Simple setup, documentation geared for novice administrators.
- Weaknesses: VPN implementation is currently proprietary, light on reporting.
- Verdict: Great for small businesses or novice administrators, administrators with more complex environments may want to wait
The term "unified threat management" can sound intimidating to administrators lacking in information security experience. Fortunately, basic UTM protection doesn't need to be overly complex, and Kerio Technologies' Kerio Control product is a great example of that.
The product we tested was provided as a VMware virtual appliance. Following the quick setup guide, it was a simple matter of importing the appliance into our ESX environment and starting the tool. Through the console, we set up our trusted and untrusted interfaces and chose an administration password. All further configuration was performed through the product's web interface. On first login, we were presented with a configuration assistant wizard, which guided us through installing our license and setting up a basic traffic policy.
Kerio Control provides a clear, snappy interface for administration. The administrator is provided with a clean, configurable dashboard on login, which offers a number of system status charts. All device features are listed in a hierarchal menu on the left-hand side, with configuration options presented on the right. All of the features we'd expect are present, including a basic firewall, intrusion prevention system, content filter, perimeter anti-virus scanner and VPN. It also can serve as a dynamic host configuration protocol (DHCP) and domain name system (DNS) server.
While intended to be used as the default gateway, the product also can be configured as a proxy server for content filtering purposes. The intrusion prevention system (IPS) is signature-based, with signatures updated automatically on a configurable schedule. Anti-virus services are provided by Sophos, with signatures again updated on a configurable schedule. The content filter supports rules based on IP address groups, URL groups and keywords. Lightweight directory access protocol (LDAP) integration is supported, which makes user-based content filtering extremely easy to implement.
The product's documentation is very good. Guides are provided for the initial appliance installation, initial configuration and ongoing administration. Presented as PDFs, they are well-organized and seemingly tailored for administrators without extensive UTM experience. One negative thing we noticed was their recommendation that administrators allow access to the administration front-end from the untrusted interface. While we acknowledge that it would make remote administration easier, it really does not follow best practices, so we recommend reading the documentation with a critical eye.
Product support is offered on a 24/5 basis, and is provided via phone or email. Kerio also maintains an online knowledge base and active user support forums.
Kerio Control starts at a cost of $265 for the software appliance with five user licenses. Additional user license are priced at $26 per user. Software maintenance is $9 per user per year. Support is free during an initial 90-day implementation period. After that, Kerio allows two free support calls per year and charges $80 per incident after that.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users
- Stored XSS vulnerability identified in Jetpack plugin for WordPress
- Experian, T-Mobile breach exposes 15 million customers, but what will happen to the data?
- Only a matter of time before cyber-attack hits broader finance
- Don't spend more, spend better: Interview with FireEye's Richard Turner
- Landmark European data protection judgement