Kerio Technologies Kerio Control v7.4
March 01, 2013
$265 for software appliance, plus five users, $26 per additional users.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Simple setup, documentation geared for novice administrators.
- Weaknesses: VPN implementation is currently proprietary, light on reporting.
- Verdict: Great for small businesses or novice administrators, administrators with more complex environments may want to wait
The term "unified threat management" can sound intimidating to administrators lacking in information security experience. Fortunately, basic UTM protection doesn't need to be overly complex, and Kerio Technologies' Kerio Control product is a great example of that.
The product we tested was provided as a VMware virtual appliance. Following the quick setup guide, it was a simple matter of importing the appliance into our ESX environment and starting the tool. Through the console, we set up our trusted and untrusted interfaces and chose an administration password. All further configuration was performed through the product's web interface. On first login, we were presented with a configuration assistant wizard, which guided us through installing our license and setting up a basic traffic policy.
Kerio Control provides a clear, snappy interface for administration. The administrator is provided with a clean, configurable dashboard on login, which offers a number of system status charts. All device features are listed in a hierarchal menu on the left-hand side, with configuration options presented on the right. All of the features we'd expect are present, including a basic firewall, intrusion prevention system, content filter, perimeter anti-virus scanner and VPN. It also can serve as a dynamic host configuration protocol (DHCP) and domain name system (DNS) server.
While intended to be used as the default gateway, the product also can be configured as a proxy server for content filtering purposes. The intrusion prevention system (IPS) is signature-based, with signatures updated automatically on a configurable schedule. Anti-virus services are provided by Sophos, with signatures again updated on a configurable schedule. The content filter supports rules based on IP address groups, URL groups and keywords. Lightweight directory access protocol (LDAP) integration is supported, which makes user-based content filtering extremely easy to implement.
The product's documentation is very good. Guides are provided for the initial appliance installation, initial configuration and ongoing administration. Presented as PDFs, they are well-organized and seemingly tailored for administrators without extensive UTM experience. One negative thing we noticed was their recommendation that administrators allow access to the administration front-end from the untrusted interface. While we acknowledge that it would make remote administration easier, it really does not follow best practices, so we recommend reading the documentation with a critical eye.
Product support is offered on a 24/5 basis, and is provided via phone or email. Kerio also maintains an online knowledge base and active user support forums.
Kerio Control starts at a cost of $265 for the software appliance with five user licenses. Additional user license are priced at $26 per user. Software maintenance is $9 per user per year. Support is free during an initial 90-day implementation period. After that, Kerio allows two free support calls per year and charges $80 per incident after that.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- Education sector bullied by ransomware and can barely defend itself, report
- IoT assault, connected devices increasingly used for DDoS attacks
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- RIG EK rigged to steal tricks from Neutrino in fight to fill Angler's void
- SWIFT adds additional protective measures for members to ensure cybersecurity compliance
- 185M incidents bypassed perimeter defenses - report
- Pagers found leaking patient health information
- OVH suffers massive 1.1Tbps DDoS attack