Kerio Control Firewall is a robust unified threat management (UTM) solution specifically designed to secure networks for small to medium-sized businesses. It integrates a powerful router, a proxy server, and a next-generation firewall, providing a multi-layered defense against external attacks and various forms of malware and viruses. This comprehensive product ensures reliable protection for your computer system and corporate network infrastructure.
Beyond its core firewall capabilities, Kerio Control offers a suite of advanced features including an intrusion prevention system (IPS), a secure SSL-based VPN server, and integrated antivirus gateway protection. It also provides sophisticated web and application filtering, granular user-specific access control, and detailed internet monitoring reports, empowering administrators to manage employee productivity and prevent resource wastage.
Pro Tips
Configuring Initial Network Interfaces and Internet Access
- Access the Kerio Control web administration interface (e.g., https://:4081/admin).
- Use the Configuration Assistant on the Dashboard to set up your Internet connection and local network.
- Select your connectivity mode (e.g., Single Internet Link or Two Internet Links with Load Balancing).
- Configure the Internet interface (WAN) with automatic or manual IP settings (IP address, subnet mask, default gateway, DNS servers).
- Select and configure the interface connected to your local network (LAN), ensuring DHCP server and DNS forwarder modules are correctly set up for local devices.
Reason To Do This: Proper initial network configuration is crucial for establishing secure internet connectivity and ensuring all internal devices can access network resources while being protected by the firewall. This also sets the foundation for advanced features like VPN and traffic rules.
Implementing User-Specific Access Policies and Content Filtering
- Navigate to the Users section in the Kerio Control administration interface.
- Create individual user accounts or user groups (e.g., by department) and integrate with Active Directory or LDAP if applicable.
- Go to Traffic Policy -> Traffic Rules to define rules based on users, user groups, time ranges, and content categories.
- Utilize Web & Application Filtering to selectively block or allow access to specific websites or applications (e.g., social media, streaming video, peer-to-peer networks) for different user groups.
- Enable User Authentication for internet access, requiring users to log in before connecting, allowing for granular policy enforcement.
Reason To Do This: User-specific access control and content filtering enhance security by preventing unauthorized access, improve employee productivity by limiting access to non-work-related content, and help manage bandwidth effectively.
Setting Up Secure VPN Connections for Remote Access
- In the Kerio Control administration interface, go to the VPN section.
- Configure the Kerio VPN server or IPsec VPN server to enable client-to-site and site-to-site connections.
- Define VPN tunnels and user access rights, ensuring appropriate encryption protocols (e.g., AES256, SHA2_512 for IPsec) are selected.
- For remote users, provide the Kerio Control VPN Client installer (available for Windows, macOS, Linux) or guide them on configuring standard IPsec/OpenVPN clients on their devices (Android, iOS).
- Ensure firewall rules are configured to explicitly allow VPN services and traffic to pass through, especially if strict policies are in place.
Reason To Do This: Secure VPN connections are essential for enabling remote employees and branch offices to safely access corporate network resources, maintaining data confidentiality and integrity across public networks.
Download Kerio Control Firewall
File size: 11.2 MB
OS support: Windows
Windows
Main Features
- Next-Generation Firewall & Router: Kerio Control acts as a powerful firewall and router, enabling administrators to control inbound and outbound network traffic with customizable rules. It supports essential networking functions such as Network Address Translation (NAT), port forwarding, and VLAN management to segment and secure the network.
- Intrusion Prevention System (IPS): The integrated Intrusion Prevention System (IPS) actively blocks malicious attacks, exploits, and unauthorized access attempts. Utilizing Snort-based deep packet inspection and a regularly updated threat database, it provides real-time detection and blocking of suspicious activities.
- Secure VPN Connectivity: Kerio Control offers robust and secure Virtual Private Network (VPN) services, supporting both client-to-site and site-to-site connections. It is compatible with Kerio VPN, IPsec, and OpenVPN protocols, facilitating secure remote access for employees and interconnecting branch offices.
- Antivirus Gateway Protection: The antivirus gateway provides comprehensive scanning of incoming and outgoing email, web traffic (HTTP/HTTPS), and FTP transfers for malware and viruses. It integrates with the Bitdefender antivirus engine for real-time threat detection and prevention at the network perimeter.
- Web & Application Filtering: Administrators can restrict access to malicious, adult, or time-wasting websites and applications across 141 continuously updated categories. This feature enhances productivity, reduces legal liabilities, and helps manage bandwidth by blocking non-essential content.
- Bandwidth Management & QoS: Kerio Control provides extensive bandwidth management capabilities, allowing prioritization of critical applications and services like VoIP and video conferencing. It also enables limiting bandwidth usage for less important activities, ensuring optimized network performance and fair usage.
- User Authentication & Reporting: The solution supports various user authentication methods, including Active Directory, LDAP, and a local user database. It generates detailed, web-based reports on network activity, internet usage, and security logs, which are invaluable for compliance, analysis, and managing employee productivity.
- High Availability & Flexible Deployment: Kerio Control ensures continuous network uptime through features like WAN failover and load balancing. It offers flexible deployment options, available as a software appliance, a dedicated hardware appliance, or a virtual firewall running on VMware and Hyper-V environments.
Technical Specifications
| Software Name | Kerio Control Firewall |
|---|---|
| Version | 9.6.1 Build 9306 |
| License | Paid (Shareware) |
| File Size | 11.2 MB |
| OS Support | Windows |
| Language | Multi-language |
| Developer | GFI Software |
| Homepage | https://www.gfi.com/products/kerio-control |
| Changelogurl | https://www.gfi.com/products/kerio-control/release-history |
| Last Updated | June 12, 2026 |
Hardware Requirements
Minimum
- OS: Windows Server 2016/2019/2022 (for Hyper-V Virtual Appliance), VMware ESXi/vSphere Hypervisor 5.5+ (for VMware Virtual Appliance), Linux kernel 3.16+ (for Software Appliance)
- Processor: 2 GHz CPU
- RAM: 4 GB RAM
- Disk Space: 12 GB HDD space
Getting Started
Installation Steps
- Download the Kerio Control Firewall installer or virtual appliance image suitable for your environment from the official website.
- For software or virtual appliances, follow the specific deployment instructions (e.g., installing on a dedicated server or importing the virtual machine to VMware/Hyper-V).
- Access the web administration interface via your browser (typically https://:4081/admin) and complete the initial configuration using the setup wizard, including network interfaces and administrator password.
Compatibility: Compatible with various Windows Server versions, Linux distributions, and virtualization platforms like VMware and Hyper-V. The VPN client supports Windows, macOS, and Linux desktop operating systems, as well as Android and iOS mobile devices.
Common Issues & Fixes
- Issue: Firewall not reachable after initial setup → Solution: Verify network interface configuration and ensure traffic rules allow administration access. Check if the default gateway and DNS settings are correct.
- Issue: VPN client connection failures → Solution: Ensure the VPN server is properly configured on Kerio Control, and necessary firewall rules are in place to allow VPN traffic. Check client-side network settings and VPN client logs.
Questions & Answers
Discover more from Software Wave
Subscribe to get the latest posts sent to your email.