Cybersecurity Lead at PT. Alpha Citra Siber Indonesia
Real User
Top 20
2023-12-29T10:26:00Z
Dec 29, 2023
I would recommend KerioControl to other users, as we are trying to bring the product to our customers. We will also try to expand the number of users in our organization. I would rate the solution a seven out of ten.
We are working for some customers. If someone wants to buy the solution, they must check the internet. The internet is full of advice, which would help them with any questions they have. Overall, I rate the product a seven out of ten.
I have used KerioControl for 20 years and in more than 10 networks. KerioControl is a very, very good solution for small and medium business networks. About 100 users are currently using KerioControl in my organization. These users are engineers. KerioControl is a good solution, and I give it a rating of eight for medium and small networks. We are a reseller in the market, and we resell service firewall solutions like KerioControl, Sophos Firewall, and FortiGate to companies. Overall, I rate KerioControl a nine out of ten because you can set it up and forget about it. It's very good, and you can set it up for a network without a resident administrator in the company. We can remotely manage ten networks with KerioControl.
We are a customer. I don't recall the exact version number I am using. We decided to use this solution based on the features which we needed at the time. I highly recommend the solution to others. We've had a good experience. It's very easy to use. I'd rate the solution ten out of ten.
It works well. I don't have a problem with how it works. I am also fine with its deployment, but it can be challenging if you don't have someone skilled or trained. If you have the skills, its deployment would be straightforward. You would be able to deploy it without a challenge. So, you just need to find the right person to deploy it. I would rate it an eight out of 10.
Baobab College logo System Administrator at Baobab College
Real User
2021-12-22T11:56:00Z
Dec 22, 2021
It is a good firewall. It does what it is required to do, but it needs improvements. Their support and reporting could improve, and they can also do some work on the user login part. For a campus, you can't depend on Kerio Control to provide everything. You need to look at some of the other tools if you're dealing with students, but for all other organizations, it is perfect as it is. I would rate it a seven out of 10.
Senior Systems Tech/Admin at a computer software company with 1-10 employees
Real User
Top 5
2021-10-14T21:10:29Z
Oct 14, 2021
To start out you are going to have to purchase the firewall hardware and the subscription itself which could be approximately $2,000 and for the annual subscription, it will be approximately $400. The subscription entails many aspects, such as you do not lose your antivirus upgrades or your web filtering does not stop. We are switching from Kerio Control to Sophos because of the sleek design of the devices. If you want a cheaper solution, you can choose Kerio Control, but if you want a much sleeker design, then should consider Sophos. I rate Kerio Control an eight out of ten.
A solution like Kerio Control is a nice-to-have for a medium size business. It just works. It does what it is meant to do. The hardware itself isn't too expensive, it's just the licensing fee that has gone up and up every year. I would recommend it. My advice would be to get a professional for the implementation. Overall, I would rate the solution at seven out of 10, because of the licensing, and there are other things on the market now that are probably as good.
Each implementer or solution specialist needs a product that fits the needs of the company or customer. That's totally dependent on each customer. If you have never seen a product like Kerio Control, it's still quite easy to implement the firewall. They're not too complex. Not every customer wants to install a VPN client to get to a different network. Some of them want to have a browser solution where they just enter an address and they type in a username and password, even verified by a two-step verification. If they are verified and authenticated, they can use the different networks. I believe we had that kind of functionality in previous versions of Kerio, even when it was called WinRoute, but they took it out. These days, everything is being arranged by a browser but I understand why they took it away from the browser. It's because of the security flaws that are mostly in browsers and they're never up to date. It doesn't matter whether you're using Firefox, Chrome, Mozilla, Internet Explorer, or Edge. They all have their things that are not working correctly. There are vulnerabilities in all browsers. The biggest lesson I have used from using Kerio Control is that I would choose the NG500, the rack model, over any other model they have, as that has proven to be the most stable version and the most stable product. It just runs forever. We are using three of Kerio Control's models. The NG100 is for really small solutions where you just need a firewall with VPN capabilities. They have a bit of a larger model, the NG300, which is suitable for faster solutions. And we have the enterprise solution, which is their fastest firewall, the NG500, and that's a rack model firewall. The antivirus helps people who are uploading files, so that they are scanned. That's not what we are using it for, but our experience with the internal firewalls are a bit different because you can also use an external firewall in the product itself. And now it comes with Defender, which currently works well. For what it is scanning, it's working fine.
The biggest lesson I've learned from using Kerio is that you can quite easily and securely diversify your network security and access without compromising on cost and central control. Since this all comes down to is that it's all centrally controlled, I have confidence that the users were accessing our systems remotely and securely. We have used the Kerio Control appliances to do point to point VPNs at the customer sites quite a few times now, and that's the one we recommend. Customers have been using Ubiquiti and have issues so we replaced them with Kerio appliances and they seem to work great. They're moderately priced, good value, and I haven't had to reboot one of those devices in the field yet. These things run point to point VPN for some pretty business-critical functions, such as wide-area gaming systems that transfer money between venues. I haven't had any issues. I would rate Kerio Control a nine out of ten.
I'm experienced in networking, but I'm not a network engineer per se, I'm more software development. The fact that I was able to get it set up and going with minimal fuss was definitely a plus for the product. I've seen products before where you can get them running, you make the slightest configuration change, and the whole thing comes crashing down. It's quite a stable product in that respect and it does look after itself quite well. For example, risk proxying solution and buying a GoDaddy certificate to secure a couple of APIs was a piece of cake. It really didn't hurt us at all. I think the important lesson there is, if we had tried to do the same thing with a NETGEAR sort of a firewall with a built-in firewall product, I think we would have had a hard time. Kerio definitely has made it easier. I'd say give it a look for sure. I'd totally recommend it. I would rate Kerio Control a seven out of ten. If I didn't have to reboot it so often, then it would probably score a nine. It's not a cheap product and it's not a particularly reliable product at the same time which tends not to be a good mix. Something like this should be able to cope with my entire household, every device I throw at it, and it should be able to cope with that fine. It clearly didn't two years ago. We'll try it again in about 24 hours and we have to hook up this high-speed connection to it and we'll see how well it performs there. Reliability is about the only qualm I have with the product.
The overall ease of use depends on your skill set. I have a networking background, so I find it okay. As you get into more advanced features, it's probably a bit technical, but I managed to find my way around it through the documentation to get things working. It has some good features in there, like you can create a firewall rule and the console lets you test that rule, which is helpful when you're trying to build a firewall rule. One of the features that I haven't used yet is Kerio Control's high-availability/failover protection. However, it is something I would be interested in setting up in the future. We have started using it yet because we are small scale with a very small number of users. Provides the simplicity of having a small appliance that you can rely on to configure. If someone wants a network that can be structured to keep things segregated and safe from each other, then it's a cost-effective device, which is easy enough to set up and configure. I haven't had any security issues. However, back then, I would have been relying on an antivirus, running on clients, hoping that it would catch things. I would rate it as a seven out of 10, but then I don't have a lot of experience with other products to compare it against. Though, from what I see and read, it's as good as anything out there. Everything is good. However, I'm a little bit concerned that I'm not getting a lot of updates. Probably if I needed more performance, it would get expensive fairly quickly.
Regardless of whether you get a box or virtual, the interface is nearly always the same. There are very few changes between versions. Research what you think you're going to need. Don't just buy the biggest box or the most expensive box because you think it's going to be better. The biggest lesson I have learned from using this solution is that you don't always have to be onsite to fix something. The malware and antivirus features are pretty good. We generally have other malware and antivirus protection as well. A lot of the time, things come in via email so we do have services from Symantec, which filters that out beforehand. Very occasionally I have seen a false positive, where it's blocking something that's actually allowed, but then I can usually figure it out and just allow it. When I've seen something has been blocked or someone has reported they're trying to do something and they can't access or download a file, I can quickly see in the logs that something has been blocked because of the antivirus detection. And I've managed to go from there, allow the file. One feature we haven't used yet is the solution's high availability failover protection. It's something that I've not even tested myself. I was interested in it when it was first announced, but I was reading about it and a few people said that some of the early implementations were a little bit buggy. I have a feeling it's gotten better now. But I've not used it and no one has asked for it either.
Make sure the person that's doing it knows what they're doing. If you're not getting overly complicated, pretty much anybody can do it. But if you're going to get complex, you'll need to have somebody that knows their way around or else you might make yourself vulnerable. If you have a tunnel and you have to change certificates because they expired, you do it in the right order, or else you might have to travel long ways to accept the key on the other side. If you create a new key for the tunnel and apply it, the tunnel is down until the other side accepts the key. If going through the tunnel was your only way there, then you're now traveling unnecessarily or long ways. Luckily for me, it was not too far away. But if you have city to city and you have no one on the other end that has the ability to log in and accept the key, then you're going there. I would rate Kerio Control an eight out of ten. I haven't had a lot of experience with the new owners and I'm worried that they're going to sunset it or not give it the attention it needs. That's just my thought, I have no proof or anything like that.
CEO at a computer software company with 1-10 employees
Real User
2020-07-15T07:11:00Z
Jul 15, 2020
The machine is a good value for the price and the software is extremely good value for the price. It's proven out to be good, but we're just disappointed in the company that now owns it and took over from it. They're improving, but it took too long to improve and it cost us a lot of money in that way. But I can't blame it on Kerio, I have to blame it on GFS. I would rate Kerio Control a nine out of ten.
The biggest lesson from using Kerio Control is the untapped potential there is to link to everything and streamline our business. That's really what it's about for us. Obviously, there's more out there for us to do with it. As an SMB, Kerio Control is a good fit for our environment. It serves what we need done. I would recommend it for a smaller business because the ease of use and the access it allows us are great.
President at a tech services company with 1-10 employees
Real User
2020-07-12T11:48:00Z
Jul 12, 2020
The solution’s firewall and intrusion detection features are average. They're not spectacular, but they do the job. For the price point though, it's very good. The solution is pretty reliable. It is flexible, e.g., if you have an old workstation, you can turn that into a Kerio Control Box, which is nice. I'll continue using them. However, I believe that their end of life and maintenance fees could be a little more flexible, as far as the cost of the maintenance fee and the length of the lifecycle of these devices. I would give the solution an eight out of 10.
IT and Operations Manager at a financial services firm with 1-10 employees
Real User
2020-07-09T06:27:00Z
Jul 9, 2020
We're using the latest version of the solution. I would recommend the solution. It doesn't take too many people to set it up or maintain it, like, for example, Cisco, which is a bit more complex and difficult. I would rate the solution seven out of ten, and that's mostly due to the fact that their support is so awful right now. If their support was better and more reliable, I would rate them much higher.
Freelance IT Specialist at a computer software company with 501-1,000 employees
Real User
2020-07-05T15:50:00Z
Jul 5, 2020
I'd recommend the solution. It is a good solution. I would like to use it more as an open source software these days. The way everything is going in the world, I feel that there's definitely a place for open source. In terms of the proprietary side of it, I'm not too keen on it, and I'm a bit dubious about this takeover by GFI. I don't know if it's a product that will carry on as it is or if things will just keep getting a bit more complicated with it. I'd rate the solution seven out of ten. It's done everything I've ever needed it to do. That said, if I can find a solution that does the same, I'll switch. I find that there are actually more options. If you know what you're doing and you find the add-on that you need, then I think it's more flexible.
My advice would be to follow the hardware requirements of Kerio and make sure the equipment that you have can run the connections for the number of users that you intend to run and are being planned out to be successful. Working with the Kerio team to determine your needs works out very well. Not all firewalls have to be difficult to learn. Kerio has made it a really easy-to-use product.
My general advice is always: Read the manual, check your hardware and see if you have everything you need, and if it will suit your needs. It's hard for me to assess its malware and antivirus protection because Kerio is one part of a three-part defense against malware and antivirus. I'm not sure which part picks up which problem. My philosophy is that no single protocol picks up all the problems, so if you have several of them, you'll fight the virus or malware at some point. That's why I have three different tools with different focus points, and together they keep me safe. Malwarebytes specializes more in malware, ESET is a normal desktop antivirus system, and this system is a general anti-malware and antivirus system of another type. They compliment each other. I have an internet speed of 200 megabits per second, and 15 might be enough. So the only point I don't know about Kerio is whether it takes a lot of performance out of the maximum you could get if you didn't have a firewall. Overall, I would give it a nine out of ten, but with the comment that I haven't compared it with anything else. On my scale, 10s are very rare. They're for things that go beyond my expectations and Kerio does exactly what I expect and it does it well. It's just an essential which does it's work. I don't think about it normally. It's just there and it works.
System Administrator Team Lead | Developer at a tech services company with 11-50 employees
Real User
2020-07-02T10:06:00Z
Jul 2, 2020
Kerio Control is a nice-to-have for a small business like ours. My advice would be to look at best practices or get someone to show you how to properly set it up before you try anything and it gets too messy. The biggest lesson I have learned from using this solution is to look out when it comes to firewall rules. Don't use too many firewall rules or content rules because it can get really messy, really quickly, if you don't have a decent strategy for that. We always try to use auto-update, so most of the time we're on the most recent version. We have some examples where we use Kerio Control aboard ships where the bandwidth is really limited. In those cases we use our own timeframe to update Kerio Control, but it's normally done within a month or two, so most of them are up to date. We haven't seen anything yet in the antivirus and we haven't had any problems with malware with our systems. I don't know if malware is being detected that well, because sometimes the clients still have some malware. I don't know if it's because it's an HTTPS site or something else. In our company, most of the work with Kerio is done by about 10 people. Everyone does the same tasks: administrating, changing rules, and installing new Kerios. I work on it in my role as a system admin team lead and developer. As of late, I've been more of a developer than administrator. The others are system administrators, business consultants, and there are two other developers.
We don't use high availability or fail-over protection. We set one up once and almost gave up on it. You have to have pinnacle boxes and things, so we did set it up and test it but we haven't actually sold any of them. I feel pretty comfortable having a Kerio firewall in a medium to small business. It can be deployed in an easy fashion, which is the same as everybody's Comcast, CenturyLink, or whatever their modem has. Then if you really spend the time doing it correctly, you can give somebody what, I feel, is an enterprise-quality solution in small business for a good price. If I pinhole Kerio for small businesses, I would rate it a 10 out of ten but overall, I would give it a seven.
Kerio Control is very good. The way that you can maintain it, it's very easy. I had an employee who built a copy of the product, which was a very basic interface for the open source community. You can find it on the Internet. He was impressed by the way Kerio built this firewall solver, because most firewalls are very difficult to maintain due to their complexity. If you are working in complex environments, it is not easy to maintain firewalls, because things are always changing. This is the part of Kerio that is very good. Every IT guy that I show the interface of Kerio Control is impressed with the product because it's very easy to view how things are working (when you know what you're doing). Ransomware is protected only when the system is able to detect, "Okay, this is coming from a link and that link is known, and it is within the protection." I don't use the solution’s high-availability/failover protection because the hardware is needed as well and I wasn't able to test it. I want to test it first, because it's not only the testing, but what are the costs of ownership for the customer? Over the years, the Internet connections in the Netherlands are very stable. I always tell my customers that if they have an Internet connection that they should have a backup connection. The hardware that I use is mostly recent, stable hardware. So, it's not for my type of customers. This is not a very important feature because the hardware is well-maintained. However, that's a thing that I take care of since most hardware fails because there is not a good cooling environment or a lot of dust is in hardware. I make sure that things are running well as part of my services. I'm still surprised that sometimes I need something which I thought was not within Kerio Control, and it was within Kerio Control. That's mostly the case. Biggest lesson learnt: Stick with suppliers for software products who are able to give very good support. I would rate the product as a nine (out of 10). It is very good.
Senior Sales Technician at a tech services company with 51-200 employees
Reseller
2020-06-30T08:17:00Z
Jun 30, 2020
The way that we sell Kerio is we show our customers what they can do with it. They don't really care much about licensing after they see that you can view each person one by one to see what they're doing. I would give the product a 10 out of 10. I have been using this solution for an extremely long time. It is very helpful. With clients that don't have Kerio and have issues with their network, then we'll install a demo version of Kerio, fix the errors and problems, showing them what Kerio does. After, we'll take it out and put them back onto their normal router. It will take about a week or two weeks later, then they will phone us and say, "Please send us a quote for Kerio."
Kerio Control has not increased the number of VPN clients but we have added clients only because they needed it, not because Kerio is there. To the best of my knowledge, before Kerio we did not experience a security breach. The only semi security issue we had was that someone had run a virus that encrypted a whole bunch of files on the server. But that was before my time. I was not the IT manager at that point. If I didn't have the help from someone else that completely understood all of the services that are features of this product, then I probably wouldn't have put it in myself. It's definitely more advanced for people that are handling this type of networking day to day, which I don't. The only other thing that I've had a problem with is Apple servers for some reason, because Apple services come through on so many different servers themselves, and different destinations on the Internet, there's always some kind of issue with updating them on the network with Kerio running. I don't know why. It's just Apple. Everything else is fine. Personally, I've just learned how to route traffic over a network well. It's helped me to route different parts of the Internet to different parts of my network, which I can't do on a Window server, and visually it's been a great help. It's been able to add multiple Interfaces, it's good. I have multiple Internet streams and a failover. That's the best. I would rate it a nine out of ten.
My advice would be to make sure you've got an internet connection. The first thing you have to do is register the user on the internet and then if you get to a new installation where you're setting them up from scratch, you're going to struggle because with the new Kerio unit, the first thing it needs to do is connect to the internet and it can't do that if you haven't set it up. It's best to get it set up before you install it on site. The biggest lesson I have learned from using the solution is not to assume everything is running okay because it might not be. The main reason is because of the denial of service not being up to scratch. You have to make sure that their connections aren't being kept of denial of service effects. That's the problem right now. I would say denial of service is probably one of the weakest areas. I would rate it an eight out of ten.
We don't necessarily use failover protection. If you have a failover seamlessly set, the boat or the customer won't know that there's been a failure. We don't use the failover because we want the boat to understand if there's an issue with one of their LAN connections. For example, if you have a cellular and a satellite connection, and you have both of them set to failover to one or the other, if the satellite connection fails over to the cellular connection, nobody on the boat is going to know that it's failed over. Without the failover, they can identify that there's a problem and then that can be addressed. But if it fails over, nobody is going to be aware that there was an issue and then there's nobody working on solving or trying to figure out what that issue is. My advice would be to have a plan. Have a plan in place and make sure that you document everything that you do. Certainly, if you're talking about multiple deployments, you don't want to run into a situation, for instance, where you have three different IT people and each one of them is doing a different type of configuration. You want to have a policy in place for a standardized configuration. From a support perspective, as well as a usability perspective, make sure those are being addressed. I would rate it about a seven out of ten. The only reason why I would give it that rating is because MyKerio can be a complicated tool if you don't know how to use it. I was at the Monaco Yacht Show and I got a phone call from an engineer on a boat. They were very angry with the service speed of their satellite. We have customers that pay anywhere from $2,500 to $40,000 a month for satellite service. In this particular case, they actually had to send a tender in. They had to take me out to the yacht and I got out to the yacht and I figured out exactly what happened. As I was getting off the yacht, they were explaining to me how one of the crew members had worked with Kerio in the past. When I got onto the boat, somebody had set a QoS monitor to limit the crew network for the satellite connection to only 5% of the allotted bandwidth, but it wasn't just the crew, it was the entire vessel. So the entire vessel was limited through Kerio to 5% of the speed of their satellite. That problem or that issue did not arise as a Kerio issue. They said, "This is a satellite issue. We're having a problem with our satellite." So that's an example of, if somebody doesn't know what they're doing, they can have a pretty detrimental effect on the network. The thing about Kerio is that there's not going to be a dummies book for how to use a Kerio Control. It's really designed to be operated and certainly configured by somebody who is in the IT industry. From the perspective of users, if you're the administrator, you can log into this and you have full access to everything. Whereas if you're "just the user," we're going to hide all of this other stuff from you and the only thing that you're going to be able to do is say that the owner network can use the satellite connection and the crew network can use the connection. I would like to see a very limited or dumbed down version for the average user. You could literally just do a couple of checkboxes and throttle everything on the entire network and nobody would necessarily be the wiser.
It's definitely well suited for and marketed for SMBs but could some enterprises use it? I believe that they could. I believe that there are some spots in the enterprise market that should be looking at this product. I think that some companies would be pleasantly surprised if they considered it for enterprise market use. It's inexpensive and secure enough that you could have multiple instances running across a campus, if you needed to do routing. It supports a ton of VLANs, especially if you put it on your own hardware. You can easily have this thing run thousands of users just by scaling up the hardware because it has the ability to run on standard PC or Server hardware so you can pop it right into a computer and boot it up. This is great because you can choose any amount of hardware that you want to put it on to get it to scale to what you need, and you can upgrade it as needed. It's also great when you do have virtual environments. The company has always been pretty good to work with, which is important. Obviously, GFI's a much bigger company than the original vendor, so some things have changed, but they're a friendly company and want to work with you. They have a nice NFR program. We always like products that have NFR programs, not because we're always looking for free stuff, but because it's nice to be able to use the same equipment inside that we sell to customers, even if it doesn't make sense for us financially (though Kerio Control makes sense for us). Just having that capability to say, "Hey, we use this product ourselves." It's a question that customers ask IT companies a lot, "What do you use?" So, if I can say, "I use Kerio Control." That goes a long way to making the customer understand I really like this product. I trust my business to it. You can trust me when I say, "You can trust your business to it." I would rate the product as a nine out of 10. I've never heard a customer that went on it be upset. I have never had a customer tell me, "I want to get rid of this thing."
Computer Technician at a tech services company with 11-50 employees
Real User
2019-04-18T09:59:00Z
Apr 18, 2019
This solution is big in our industry because the captains have to have control over everything. If the captain wants to log in and see what his users, his crew members are doing, then Kerio provides that. I suggest watching the Kerio forums for what the community is saying in terms of upgrades and support. I would rate this solution eight out of ten.
Kerio is user-friendly, it's flexible, and can be used on different kinds of infrastructure. You don't need a high level of skill to use it. It monitors, identifies potential problems and it takes actions on a problem. The system is quite easy to use, and we don't have any kinds of problems with it, compared to other solutions that are not easy to understand and are complex. I would rate it a nine out of ten. Right now, we are really satisfied with the product. Of course, we are open to seeing other improvements, but from our side, we don't need any other improvements because what we have right now complies with our needs.
General Manager at a tech services company with 51-200 employees
Real User
2019-03-10T16:43:00Z
Mar 10, 2019
My advice to somebody researching this solution is to check all the features. Some of the most important features of this program don't exist anywhere else. Especially the statistics. I would rate it a nine out of ten.
Chief of Technical Department at Ingenieria e Informática Asociada Ltda.
Real User
2018-07-05T02:10:00Z
Jul 5, 2018
Setting up a small laboratory is simple and fast, so you can see a small portion of the solution's benefits and what it will do to improve a business's security.
Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.
With Kerio Control you can:
Preserve the integrity of your network.
Manage bandwidth to streamline traffic flows.
Improve productivity with filtering capabilities.
Kerio Control...
I rate the solution a nine out of ten.
I would recommend KerioControl to other users, as we are trying to bring the product to our customers. We will also try to expand the number of users in our organization. I would rate the solution a seven out of ten.
I would rate the product an eight out of ten.
We are working for some customers. If someone wants to buy the solution, they must check the internet. The internet is full of advice, which would help them with any questions they have. Overall, I rate the product a seven out of ten.
I have used KerioControl for 20 years and in more than 10 networks. KerioControl is a very, very good solution for small and medium business networks. About 100 users are currently using KerioControl in my organization. These users are engineers. KerioControl is a good solution, and I give it a rating of eight for medium and small networks. We are a reseller in the market, and we resell service firewall solutions like KerioControl, Sophos Firewall, and FortiGate to companies. Overall, I rate KerioControl a nine out of ten because you can set it up and forget about it. It's very good, and you can set it up for a network without a resident administrator in the company. We can remotely manage ten networks with KerioControl.
We are a customer. I don't recall the exact version number I am using. We decided to use this solution based on the features which we needed at the time. I highly recommend the solution to others. We've had a good experience. It's very easy to use. I'd rate the solution ten out of ten.
I rate the solution a seven out of ten. The solution is good, but the logging and reporting systems can be improved.
The KerioControl is a good solution. It can be deployed on old servers and it works well with no issues.
I would give Kerio Control a rating of six out of ten.
It works well. I don't have a problem with how it works. I am also fine with its deployment, but it can be challenging if you don't have someone skilled or trained. If you have the skills, its deployment would be straightforward. You would be able to deploy it without a challenge. So, you just need to find the right person to deploy it. I would rate it an eight out of 10.
I rate Kerio Control an eight out of ten.
It is a good firewall. It does what it is required to do, but it needs improvements. Their support and reporting could improve, and they can also do some work on the user login part. For a campus, you can't depend on Kerio Control to provide everything. You need to look at some of the other tools if you're dealing with students, but for all other organizations, it is perfect as it is. I would rate it a seven out of 10.
I rate Kerio Control an eight out of ten.
To start out you are going to have to purchase the firewall hardware and the subscription itself which could be approximately $2,000 and for the annual subscription, it will be approximately $400. The subscription entails many aspects, such as you do not lose your antivirus upgrades or your web filtering does not stop. We are switching from Kerio Control to Sophos because of the sleek design of the devices. If you want a cheaper solution, you can choose Kerio Control, but if you want a much sleeker design, then should consider Sophos. I rate Kerio Control an eight out of ten.
For those who want a good firewall solution, this is the one. I rate Kerio Control a nine out of ten.
Kerio Control is a good solution which is reliable and easy to use.
I would rate Kerio Control a six out of ten. Its local support, scalability, and pricing model need to be improved.
A solution like Kerio Control is a nice-to-have for a medium size business. It just works. It does what it is meant to do. The hardware itself isn't too expensive, it's just the licensing fee that has gone up and up every year. I would recommend it. My advice would be to get a professional for the implementation. Overall, I would rate the solution at seven out of 10, because of the licensing, and there are other things on the market now that are probably as good.
Each implementer or solution specialist needs a product that fits the needs of the company or customer. That's totally dependent on each customer. If you have never seen a product like Kerio Control, it's still quite easy to implement the firewall. They're not too complex. Not every customer wants to install a VPN client to get to a different network. Some of them want to have a browser solution where they just enter an address and they type in a username and password, even verified by a two-step verification. If they are verified and authenticated, they can use the different networks. I believe we had that kind of functionality in previous versions of Kerio, even when it was called WinRoute, but they took it out. These days, everything is being arranged by a browser but I understand why they took it away from the browser. It's because of the security flaws that are mostly in browsers and they're never up to date. It doesn't matter whether you're using Firefox, Chrome, Mozilla, Internet Explorer, or Edge. They all have their things that are not working correctly. There are vulnerabilities in all browsers. The biggest lesson I have used from using Kerio Control is that I would choose the NG500, the rack model, over any other model they have, as that has proven to be the most stable version and the most stable product. It just runs forever. We are using three of Kerio Control's models. The NG100 is for really small solutions where you just need a firewall with VPN capabilities. They have a bit of a larger model, the NG300, which is suitable for faster solutions. And we have the enterprise solution, which is their fastest firewall, the NG500, and that's a rack model firewall. The antivirus helps people who are uploading files, so that they are scanned. That's not what we are using it for, but our experience with the internal firewalls are a bit different because you can also use an external firewall in the product itself. And now it comes with Defender, which currently works well. For what it is scanning, it's working fine.
The biggest lesson I've learned from using Kerio is that you can quite easily and securely diversify your network security and access without compromising on cost and central control. Since this all comes down to is that it's all centrally controlled, I have confidence that the users were accessing our systems remotely and securely. We have used the Kerio Control appliances to do point to point VPNs at the customer sites quite a few times now, and that's the one we recommend. Customers have been using Ubiquiti and have issues so we replaced them with Kerio appliances and they seem to work great. They're moderately priced, good value, and I haven't had to reboot one of those devices in the field yet. These things run point to point VPN for some pretty business-critical functions, such as wide-area gaming systems that transfer money between venues. I haven't had any issues. I would rate Kerio Control a nine out of ten.
I'm experienced in networking, but I'm not a network engineer per se, I'm more software development. The fact that I was able to get it set up and going with minimal fuss was definitely a plus for the product. I've seen products before where you can get them running, you make the slightest configuration change, and the whole thing comes crashing down. It's quite a stable product in that respect and it does look after itself quite well. For example, risk proxying solution and buying a GoDaddy certificate to secure a couple of APIs was a piece of cake. It really didn't hurt us at all. I think the important lesson there is, if we had tried to do the same thing with a NETGEAR sort of a firewall with a built-in firewall product, I think we would have had a hard time. Kerio definitely has made it easier. I'd say give it a look for sure. I'd totally recommend it. I would rate Kerio Control a seven out of ten. If I didn't have to reboot it so often, then it would probably score a nine. It's not a cheap product and it's not a particularly reliable product at the same time which tends not to be a good mix. Something like this should be able to cope with my entire household, every device I throw at it, and it should be able to cope with that fine. It clearly didn't two years ago. We'll try it again in about 24 hours and we have to hook up this high-speed connection to it and we'll see how well it performs there. Reliability is about the only qualm I have with the product.
The overall ease of use depends on your skill set. I have a networking background, so I find it okay. As you get into more advanced features, it's probably a bit technical, but I managed to find my way around it through the documentation to get things working. It has some good features in there, like you can create a firewall rule and the console lets you test that rule, which is helpful when you're trying to build a firewall rule. One of the features that I haven't used yet is Kerio Control's high-availability/failover protection. However, it is something I would be interested in setting up in the future. We have started using it yet because we are small scale with a very small number of users. Provides the simplicity of having a small appliance that you can rely on to configure. If someone wants a network that can be structured to keep things segregated and safe from each other, then it's a cost-effective device, which is easy enough to set up and configure. I haven't had any security issues. However, back then, I would have been relying on an antivirus, running on clients, hoping that it would catch things. I would rate it as a seven out of 10, but then I don't have a lot of experience with other products to compare it against. Though, from what I see and read, it's as good as anything out there. Everything is good. However, I'm a little bit concerned that I'm not getting a lot of updates. Probably if I needed more performance, it would get expensive fairly quickly.
I would rate Kerio Control a ten out of ten.
Regardless of whether you get a box or virtual, the interface is nearly always the same. There are very few changes between versions. Research what you think you're going to need. Don't just buy the biggest box or the most expensive box because you think it's going to be better. The biggest lesson I have learned from using this solution is that you don't always have to be onsite to fix something. The malware and antivirus features are pretty good. We generally have other malware and antivirus protection as well. A lot of the time, things come in via email so we do have services from Symantec, which filters that out beforehand. Very occasionally I have seen a false positive, where it's blocking something that's actually allowed, but then I can usually figure it out and just allow it. When I've seen something has been blocked or someone has reported they're trying to do something and they can't access or download a file, I can quickly see in the logs that something has been blocked because of the antivirus detection. And I've managed to go from there, allow the file. One feature we haven't used yet is the solution's high availability failover protection. It's something that I've not even tested myself. I was interested in it when it was first announced, but I was reading about it and a few people said that some of the early implementations were a little bit buggy. I have a feeling it's gotten better now. But I've not used it and no one has asked for it either.
Make sure the person that's doing it knows what they're doing. If you're not getting overly complicated, pretty much anybody can do it. But if you're going to get complex, you'll need to have somebody that knows their way around or else you might make yourself vulnerable. If you have a tunnel and you have to change certificates because they expired, you do it in the right order, or else you might have to travel long ways to accept the key on the other side. If you create a new key for the tunnel and apply it, the tunnel is down until the other side accepts the key. If going through the tunnel was your only way there, then you're now traveling unnecessarily or long ways. Luckily for me, it was not too far away. But if you have city to city and you have no one on the other end that has the ability to log in and accept the key, then you're going there. I would rate Kerio Control an eight out of ten. I haven't had a lot of experience with the new owners and I'm worried that they're going to sunset it or not give it the attention it needs. That's just my thought, I have no proof or anything like that.
The machine is a good value for the price and the software is extremely good value for the price. It's proven out to be good, but we're just disappointed in the company that now owns it and took over from it. They're improving, but it took too long to improve and it cost us a lot of money in that way. But I can't blame it on Kerio, I have to blame it on GFS. I would rate Kerio Control a nine out of ten.
The biggest lesson from using Kerio Control is the untapped potential there is to link to everything and streamline our business. That's really what it's about for us. Obviously, there's more out there for us to do with it. As an SMB, Kerio Control is a good fit for our environment. It serves what we need done. I would recommend it for a smaller business because the ease of use and the access it allows us are great.
The solution’s firewall and intrusion detection features are average. They're not spectacular, but they do the job. For the price point though, it's very good. The solution is pretty reliable. It is flexible, e.g., if you have an old workstation, you can turn that into a Kerio Control Box, which is nice. I'll continue using them. However, I believe that their end of life and maintenance fees could be a little more flexible, as far as the cost of the maintenance fee and the length of the lifecycle of these devices. I would give the solution an eight out of 10.
We're using the latest version of the solution. I would recommend the solution. It doesn't take too many people to set it up or maintain it, like, for example, Cisco, which is a bit more complex and difficult. I would rate the solution seven out of ten, and that's mostly due to the fact that their support is so awful right now. If their support was better and more reliable, I would rate them much higher.
I'd recommend the solution. It is a good solution. I would like to use it more as an open source software these days. The way everything is going in the world, I feel that there's definitely a place for open source. In terms of the proprietary side of it, I'm not too keen on it, and I'm a bit dubious about this takeover by GFI. I don't know if it's a product that will carry on as it is or if things will just keep getting a bit more complicated with it. I'd rate the solution seven out of ten. It's done everything I've ever needed it to do. That said, if I can find a solution that does the same, I'll switch. I find that there are actually more options. If you know what you're doing and you find the add-on that you need, then I think it's more flexible.
My advice would be to follow the hardware requirements of Kerio and make sure the equipment that you have can run the connections for the number of users that you intend to run and are being planned out to be successful. Working with the Kerio team to determine your needs works out very well. Not all firewalls have to be difficult to learn. Kerio has made it a really easy-to-use product.
My general advice is always: Read the manual, check your hardware and see if you have everything you need, and if it will suit your needs. It's hard for me to assess its malware and antivirus protection because Kerio is one part of a three-part defense against malware and antivirus. I'm not sure which part picks up which problem. My philosophy is that no single protocol picks up all the problems, so if you have several of them, you'll fight the virus or malware at some point. That's why I have three different tools with different focus points, and together they keep me safe. Malwarebytes specializes more in malware, ESET is a normal desktop antivirus system, and this system is a general anti-malware and antivirus system of another type. They compliment each other. I have an internet speed of 200 megabits per second, and 15 might be enough. So the only point I don't know about Kerio is whether it takes a lot of performance out of the maximum you could get if you didn't have a firewall. Overall, I would give it a nine out of ten, but with the comment that I haven't compared it with anything else. On my scale, 10s are very rare. They're for things that go beyond my expectations and Kerio does exactly what I expect and it does it well. It's just an essential which does it's work. I don't think about it normally. It's just there and it works.
Kerio Control is a nice-to-have for a small business like ours. My advice would be to look at best practices or get someone to show you how to properly set it up before you try anything and it gets too messy. The biggest lesson I have learned from using this solution is to look out when it comes to firewall rules. Don't use too many firewall rules or content rules because it can get really messy, really quickly, if you don't have a decent strategy for that. We always try to use auto-update, so most of the time we're on the most recent version. We have some examples where we use Kerio Control aboard ships where the bandwidth is really limited. In those cases we use our own timeframe to update Kerio Control, but it's normally done within a month or two, so most of them are up to date. We haven't seen anything yet in the antivirus and we haven't had any problems with malware with our systems. I don't know if malware is being detected that well, because sometimes the clients still have some malware. I don't know if it's because it's an HTTPS site or something else. In our company, most of the work with Kerio is done by about 10 people. Everyone does the same tasks: administrating, changing rules, and installing new Kerios. I work on it in my role as a system admin team lead and developer. As of late, I've been more of a developer than administrator. The others are system administrators, business consultants, and there are two other developers.
We don't use high availability or fail-over protection. We set one up once and almost gave up on it. You have to have pinnacle boxes and things, so we did set it up and test it but we haven't actually sold any of them. I feel pretty comfortable having a Kerio firewall in a medium to small business. It can be deployed in an easy fashion, which is the same as everybody's Comcast, CenturyLink, or whatever their modem has. Then if you really spend the time doing it correctly, you can give somebody what, I feel, is an enterprise-quality solution in small business for a good price. If I pinhole Kerio for small businesses, I would rate it a 10 out of ten but overall, I would give it a seven.
Kerio Control is very good. The way that you can maintain it, it's very easy. I had an employee who built a copy of the product, which was a very basic interface for the open source community. You can find it on the Internet. He was impressed by the way Kerio built this firewall solver, because most firewalls are very difficult to maintain due to their complexity. If you are working in complex environments, it is not easy to maintain firewalls, because things are always changing. This is the part of Kerio that is very good. Every IT guy that I show the interface of Kerio Control is impressed with the product because it's very easy to view how things are working (when you know what you're doing). Ransomware is protected only when the system is able to detect, "Okay, this is coming from a link and that link is known, and it is within the protection." I don't use the solution’s high-availability/failover protection because the hardware is needed as well and I wasn't able to test it. I want to test it first, because it's not only the testing, but what are the costs of ownership for the customer? Over the years, the Internet connections in the Netherlands are very stable. I always tell my customers that if they have an Internet connection that they should have a backup connection. The hardware that I use is mostly recent, stable hardware. So, it's not for my type of customers. This is not a very important feature because the hardware is well-maintained. However, that's a thing that I take care of since most hardware fails because there is not a good cooling environment or a lot of dust is in hardware. I make sure that things are running well as part of my services. I'm still surprised that sometimes I need something which I thought was not within Kerio Control, and it was within Kerio Control. That's mostly the case. Biggest lesson learnt: Stick with suppliers for software products who are able to give very good support. I would rate the product as a nine (out of 10). It is very good.
The way that we sell Kerio is we show our customers what they can do with it. They don't really care much about licensing after they see that you can view each person one by one to see what they're doing. I would give the product a 10 out of 10. I have been using this solution for an extremely long time. It is very helpful. With clients that don't have Kerio and have issues with their network, then we'll install a demo version of Kerio, fix the errors and problems, showing them what Kerio does. After, we'll take it out and put them back onto their normal router. It will take about a week or two weeks later, then they will phone us and say, "Please send us a quote for Kerio."
Kerio Control has not increased the number of VPN clients but we have added clients only because they needed it, not because Kerio is there. To the best of my knowledge, before Kerio we did not experience a security breach. The only semi security issue we had was that someone had run a virus that encrypted a whole bunch of files on the server. But that was before my time. I was not the IT manager at that point. If I didn't have the help from someone else that completely understood all of the services that are features of this product, then I probably wouldn't have put it in myself. It's definitely more advanced for people that are handling this type of networking day to day, which I don't. The only other thing that I've had a problem with is Apple servers for some reason, because Apple services come through on so many different servers themselves, and different destinations on the Internet, there's always some kind of issue with updating them on the network with Kerio running. I don't know why. It's just Apple. Everything else is fine. Personally, I've just learned how to route traffic over a network well. It's helped me to route different parts of the Internet to different parts of my network, which I can't do on a Window server, and visually it's been a great help. It's been able to add multiple Interfaces, it's good. I have multiple Internet streams and a failover. That's the best. I would rate it a nine out of ten.
My advice would be to make sure you've got an internet connection. The first thing you have to do is register the user on the internet and then if you get to a new installation where you're setting them up from scratch, you're going to struggle because with the new Kerio unit, the first thing it needs to do is connect to the internet and it can't do that if you haven't set it up. It's best to get it set up before you install it on site. The biggest lesson I have learned from using the solution is not to assume everything is running okay because it might not be. The main reason is because of the denial of service not being up to scratch. You have to make sure that their connections aren't being kept of denial of service effects. That's the problem right now. I would say denial of service is probably one of the weakest areas. I would rate it an eight out of ten.
We don't necessarily use failover protection. If you have a failover seamlessly set, the boat or the customer won't know that there's been a failure. We don't use the failover because we want the boat to understand if there's an issue with one of their LAN connections. For example, if you have a cellular and a satellite connection, and you have both of them set to failover to one or the other, if the satellite connection fails over to the cellular connection, nobody on the boat is going to know that it's failed over. Without the failover, they can identify that there's a problem and then that can be addressed. But if it fails over, nobody is going to be aware that there was an issue and then there's nobody working on solving or trying to figure out what that issue is. My advice would be to have a plan. Have a plan in place and make sure that you document everything that you do. Certainly, if you're talking about multiple deployments, you don't want to run into a situation, for instance, where you have three different IT people and each one of them is doing a different type of configuration. You want to have a policy in place for a standardized configuration. From a support perspective, as well as a usability perspective, make sure those are being addressed. I would rate it about a seven out of ten. The only reason why I would give it that rating is because MyKerio can be a complicated tool if you don't know how to use it. I was at the Monaco Yacht Show and I got a phone call from an engineer on a boat. They were very angry with the service speed of their satellite. We have customers that pay anywhere from $2,500 to $40,000 a month for satellite service. In this particular case, they actually had to send a tender in. They had to take me out to the yacht and I got out to the yacht and I figured out exactly what happened. As I was getting off the yacht, they were explaining to me how one of the crew members had worked with Kerio in the past. When I got onto the boat, somebody had set a QoS monitor to limit the crew network for the satellite connection to only 5% of the allotted bandwidth, but it wasn't just the crew, it was the entire vessel. So the entire vessel was limited through Kerio to 5% of the speed of their satellite. That problem or that issue did not arise as a Kerio issue. They said, "This is a satellite issue. We're having a problem with our satellite." So that's an example of, if somebody doesn't know what they're doing, they can have a pretty detrimental effect on the network. The thing about Kerio is that there's not going to be a dummies book for how to use a Kerio Control. It's really designed to be operated and certainly configured by somebody who is in the IT industry. From the perspective of users, if you're the administrator, you can log into this and you have full access to everything. Whereas if you're "just the user," we're going to hide all of this other stuff from you and the only thing that you're going to be able to do is say that the owner network can use the satellite connection and the crew network can use the connection. I would like to see a very limited or dumbed down version for the average user. You could literally just do a couple of checkboxes and throttle everything on the entire network and nobody would necessarily be the wiser.
It's definitely well suited for and marketed for SMBs but could some enterprises use it? I believe that they could. I believe that there are some spots in the enterprise market that should be looking at this product. I think that some companies would be pleasantly surprised if they considered it for enterprise market use. It's inexpensive and secure enough that you could have multiple instances running across a campus, if you needed to do routing. It supports a ton of VLANs, especially if you put it on your own hardware. You can easily have this thing run thousands of users just by scaling up the hardware because it has the ability to run on standard PC or Server hardware so you can pop it right into a computer and boot it up. This is great because you can choose any amount of hardware that you want to put it on to get it to scale to what you need, and you can upgrade it as needed. It's also great when you do have virtual environments. The company has always been pretty good to work with, which is important. Obviously, GFI's a much bigger company than the original vendor, so some things have changed, but they're a friendly company and want to work with you. They have a nice NFR program. We always like products that have NFR programs, not because we're always looking for free stuff, but because it's nice to be able to use the same equipment inside that we sell to customers, even if it doesn't make sense for us financially (though Kerio Control makes sense for us). Just having that capability to say, "Hey, we use this product ourselves." It's a question that customers ask IT companies a lot, "What do you use?" So, if I can say, "I use Kerio Control." That goes a long way to making the customer understand I really like this product. I trust my business to it. You can trust me when I say, "You can trust your business to it." I would rate the product as a nine out of 10. I've never heard a customer that went on it be upset. I have never had a customer tell me, "I want to get rid of this thing."
I would rate Kerio Control a ten out of ten points overall.
This solution is big in our industry because the captains have to have control over everything. If the captain wants to log in and see what his users, his crew members are doing, then Kerio provides that. I suggest watching the Kerio forums for what the community is saying in terms of upgrades and support. I would rate this solution eight out of ten.
Kerio is user-friendly, it's flexible, and can be used on different kinds of infrastructure. You don't need a high level of skill to use it. It monitors, identifies potential problems and it takes actions on a problem. The system is quite easy to use, and we don't have any kinds of problems with it, compared to other solutions that are not easy to understand and are complex. I would rate it a nine out of ten. Right now, we are really satisfied with the product. Of course, we are open to seeing other improvements, but from our side, we don't need any other improvements because what we have right now complies with our needs.
My advice to somebody researching this solution is to check all the features. Some of the most important features of this program don't exist anywhere else. Especially the statistics. I would rate it a nine out of ten.
I would tell someone considering this solution to go for it. I would rate this solution a nine out of ten.
I would recommend this solution to someone considering it. I would rate this solution an eight out of ten.
Setting up a small laboratory is simple and fast, so you can see a small portion of the solution's benefits and what it will do to improve a business's security.