Block the threats that can
With high-availability, if a crash or failure occurs your second Kerio Control machine jumps into action. Users see no drop of service.
You have no vulnerability exposure.
- Acquire and install a second, same Kerio Control appliance or virtual machine
- A single software license will cover the two pieces of hardware
- Customers configure the second device as a clone of the active one
- Configuration settings are easy-to-do and take minutes
- Once configured, the two devices connect through a synching port and all rules and routing are replicated and kept up-to-date between them.
Kerio Control works comfortably in your existing IT environment — whatever your needs.
Choose the approach that best fits with your existing IT processes, infrastructure and organization.
- Software. Virtual. Hardware. Your Choice.
Kerio Control offers the broadest range of deployment options on the market — and it integrates hassle-free into your existing IT environment.- A software appliance on your own hardware
– A virtual appliance in an existing VMware environment
– A turnkey hardware appliance
- Kerio Control software applianceWe’ve packaged Kerio control software — and a hardened OS — into a single bare-metal ISO image. The advantages? Custom spec your own hardware based on performance needs. And avoid conflicting applications and vulnerable system services.Add more protection and control with Kerio Antivirus and Kerio Control Web Filter.
- Kerio Control virtual applianceDrop this virtual machine pre-configured with Kerio Control software and a hardened OS into your VMware or Hyper-V environment. Add state-of-the art security to your existing network without requiring new hardware. Consolidate multiple single-purpose servers and applications in a single box. Integrate resources and network adapters into your virtual machine as you need them.Add more protection and control with Kerio Antivirus and Kerio Control Web Filter.
- Kerio Control hardware applianceEnsure the performance of Kerio Control software with a Kerio Control hardware appliance. These performance-optimized boxes enable you to leverage all Kerio Control product features in a stable, solid-state package, pre-configured with Kerio Control, and a hardened OS. The NG100W and NG300W models also include integrated WiFi. All Kerio Control hardware appliances include the added protection and control provided by Kerio Antivirus and Kerio Control Web Filter.
Next-generation firewall capabilities
Kerio Control brings together next-generation firewall capabilities — including a network firewall and router, intrusion detection and prevention (IPS),
gateway anti-virus, VPN, and web content and application filtering.
- Deep Packet Inspection (DPI)
- Stateful Packet Inspection (SPI)
- Intrusion Detection and Prevention System (IDPS)
- Application awareness
- DHCP server
- DNS forwarding
- NAT mapping (inbound/outbound)
- MAC filtering
- GeoIP filtering
- Zero-configuration networking
- Service Discovery forwarding
- Guest network with captive portal
- 802.1Q VLAN support
- Traffic rules configuration wizard
- Time based rules
- Connection limits (DoS protection)
- Dynamic DNS
- Customizable routing table
- Reverse proxy
- Simultaneous IPv4 and IPv6 support
- IPv6 network prefix translation
- IPv6 router advertisements
- Multiple IP addresses on a single network interface (multihoming)
Simple and secure VPN
Link headquarters to remote users and branch offices securely and easily. Kerio’s own VPN tunneling with dead-simple setup requires minimal configuration, and provides a high-performance network connection. You can also use industry-standard IPsec/L2TP for connectivity from mobile devices or third-party firewalls.
- VPN client for Windows, Mac & Linux
- Split tunneling
- Multiple client-to-site and site-to-site tunnels
- IPsec client-to-site/site-to-site
- L2TP/IPsec for mobile devices
- Persistent connection
- SSL encryption
- VPN tunnel failover
- NAT support
- Automatic or custom routing
- User authentication via directory services
Productivity boosting usage reporting
View individual users’ Internet activity, refine traffic-shaping rules and more with automatic, detailed reports from Kerio Control Statistics sent to your email inbox.
- Reporting via Kerio Control Statistics
- Automated email reports
- Android, Apple Watch and iOS app (notifications and monitoring)
- Detailed usage reports (web sites, protocols, bandwidth, etc.)
- Traffic categorization (multimedia, messaging, large file transfers, etc.)
- Traffic charts of users and interfaces
- Top visited websites & top users per web category
- Filter reports by individual user, group, or entire network
- Reporting of Google search keywords
- Real-time host activity monitoring
- System Health Monitor
- SNMP monitoring
- Email alerts for firewall events
- External logging to syslog
Unmatched Quality of Service
Easily prioritize and monitor network traffic to guarantee high-speed transmission for the most important traffic types.
Internet Link Load Balancing optimizes Internet access by distributing traffic across multiple links.
- Internet link-load balancing
- Policy-based routing
- Automatic connection failover
- Reserve bandwidth for high priority traffic
- Restrict bandwidth for low priority traffic
- User data transfer quotas
- Bandwidth rules based on time intervals, traffic and content rules, traffic type, users, service, DSCP, etc.
Administer quickly and easily – anytime, anywhere
Handle all administration and configuration activities from a customizable web-based console using your desktop or tablet.
Quickly and securely access security settings, manage users and bandwidth, and set traffic policies from an intuitive interface.
- MyKerio centralized web based management to monitor and manage multiple Kerio Control deployments
- Remote web-based administration
- Customizable administration dashboard
- Zero-touch or self-provisioning
- Share configuration (definitions) between appliances
- Configuration export/import
- Backup configuration to MyKerio or FTP server
- Template for user configuration
- Variable level administrative rights
- Automatic software updates
- Web-based debugging tools
- Multi-language support
User authentication features
- Active Directory
- Apple Open Directory
- Local user database
- 2-step verification for remote access
- Proxy authentication for terminal servers
- Kerberos and NTLM authentication
- RADIUS server
- Password guessing protection
Industry-leading web, content and application filtering
Selectively block, allow or log access to 141 categories of web content and applications using Kerio Control Web Filter with application awareness. Keep bandwidth-hogging traffic like streaming video off your network or block peer-to-peer networks. Keep your users from visiting malware sites that are known to contain viruses and spyware or to engage in phishing or identity theft.
Content filtering features
- URL categories with whitelist (Kerio Control Web Filter)
- Content rules based on time intervals, users, applications, web categories, URL groups, file types, etc.
- Forbidden words filtering
- SafeSearch for search engines
- HTTPS filtering
- Pre-defined and custom URL groups
- Regular expressions in URL rules
- Proxy server with cache
- P2P (peer-to-peer) traffic filtering
- Antivirus filtering
- Customizable denial page
Application awareness features
- Database of common applications (Skype, Facebook, BitTorrent, etc.)
- Categories of applications
- Real-time and detailed reporting of application activity
- Content rules per applications by user, host or time interval (permit or deny)
- Bandwidth rules per application (restrict or reserve)
You can selectively block more than 141 application and web content categories
- PORNOGRAPHY / NUDITY
- Child Abuse Pictures
- Auctions & Marketplaces
- Marketing Services
- Online Ads
- Online Shopping
- Products Reviews & Price Comparisons
Intrusion prevention system
Kerio Control’s IPS adds a transparent layer of network protection, with Snort-based behavior analysis, and a regularly updated database of rules and blacklisted IP addresses from Emerging Threats.
- IPS in Kerio Control
Kerio Control, a Unified Threat Management solution, incorporates a signature based packet analysis architecture known as Intrusion Detection and Prevention (IPS), which transparently monitors inbound and outbound network communication to identify suspicious activity.
- Server Security
In many deployments, servers are placed behind the firewall, and only those services being hosted can receive connections. Depending on the type of service hosted (e.g. SQL server) the firewall may not have the ability to inspect the actual conversation taking place between a client and the server.
- Adding the IPS layer
Keeping server software updated is critical to protecting server applications from this type of threat. Application vendors regularly update their software to patch security vulnerabilities.
- Mitigating the effects of Trojans, Worms, Spyware and other Malware
Aside from the exploitation of available services to vulnerable applications, there are other ways to exploit an operating system. One of the more common approaches used by an attacker is to piggyback an application on top of free software.
Ensure the performance of Kerio Control software with the Kerio Control Box Hardware Appliance. This performance-optimized box enables you to leverage all Kerio Control product features in a stable, solid-state package, pre-configured with Kerio Control and a hardened OS.
Centralized administration with MyKerio
MyKerio simplifies the management of multiple Kerio Connect, Kerio Control and Kerio Operator deployments through a secure centralized web interface.
MyKerio simplifies the management of multiple Kerio Connect, Kerio Control and Kerio Operator deployments through a centralized web interface providing consolidated system information, automatic configuration backup, status monitoring, system notifications and complete remote configuration.
As a cloud based service with 24/7 availability, MyKerio remotely monitors your deployments, allowing you to view network, licensing, or system critical events the moment they occur.
Mobile monitoring and notifications
Get notifications straight to your mobile device with the MyKerio app for Android or iPhone/Apple Watch. You can be confident your appliances are online and if the status changes, you will be the first to know.
Rapid Remote Deployment
Deploy Kerio Control hardware appliances with self-provisioning in MyKerio. Avoid the expense and hassle of on-site administration and save time by setting up and configuring appliances remotely.