Kerio 2.x or Kerio 4.x?

I have been puzzling over this. Think I have sussed it now.

If you go to the Network Security page, click on the Applications tab, then down at the bottom click on Packet Filter, you should find all the rules there.

 

Yes, you can import either version 2 or 4 rules from there. Be aware though, that BZ's rules may or may not log properly in all respects. If you have logging to unopened ports turned on, that internal rule takes precedence over *some* other rules which might log packets to closed ports. So, for example, if there is a rule to log packets to ports 1026-1029 and these ports are closed, you will never see Kerio 4 logging by this rule. It will use it's own internal rule to log packets to closed ports.

 

Fannymites,

You are using the best combo for sure, CHX plugs all the security gaps of Kerio and AH does the rest.

 

Where are rules made specifically for 4.x ? I have looked and cannot find any.

Also, 4.x with the BZ rules: is it pretty good as far as free options go? I have a firewall router so I guess that I will only gain from and should only consider outbound filtering and app. control, and of course, stability when weighing firewalls.

ZA crashed two of my systems
Filseclab just kept turning off all by itself
Jetico is kind of over my head, I think.

So I am looking for a good solution, Kerio 4.x is my latest test.

Thanks,
B.

 

If you only need outbound filtering kerio 2.x is probably as good as anything and very light. Quite a lot of people seem to have stability and compatibility issues with it but I lot don't (I've never had a problem with it).
Kerio 4.x seems to have a better default setup than kerio 2.x so if you are using a router you probably don't need BZ's rules, not all of them, anyway.

Have you tried Netveda SafetNet? - http://www.netveda.com/consumer/safetynet.htm
It's light, very stable and passed every online firewall test (for me) with it's default settings.
It has application launch control like kerio 4.x and content filtering.
(This is the second time I've recommended SafetyNet to someone here. I'm not on the payroll, honest).

 

Well fannymites. I find it hard to believe your words
http://www.broadbandreports.com/forum/remark,14318738

I am humble enough to confess my one and only post in Kerio DSLreports site.
Silly as that post was. But you told how common it was to loose the KPF 2.1.5 rules!
I got my worries sorted out and got my KPF 2.1.5 working, but as I said, it lost it's rules while accidentally running it together with Win XP SP2 Fw.
No other time. And I was still protected after that, so no big worries.
You give some extra info when other times that happen!!!
I really like Kerio 2.1.5 still, but favor 4.2.2.

IMO Kerio 4.2.2 I am currently running is much more friendly to newbies than 2.1.5.
You can make most Blitzen Zeus's rules to the advanced packet filter same as in kpf 2.1.5, if really wanting.

 

In the thread you linked to, I had meant to put in a link to another thread where people were discussing the rule forgetting problem and it seemed like everyone had it happening. I wasn't actually referring to myself, though having re-read it I know it looks that way. I only ever had that problem once when I was using a different computer and a lot of other programs were forgetting their settings so I didn't see that as a kerio issue, though I have always backed up my rules regularly just in case.
As I said, a lot of people have probs with it and a lot don't, it's a strange one.

 

thanks for a reply, we all say sometimes words.

My word really is that Kerio 4.2.2 seems to be a good firewall.
But then again I never had any previous versions of that who tell update sucks or some other.

Kerio 4.2.2 seems so good a firewall (it does not have DLL authentication like Sygate) basically, that I wonder about what other people have about 100% CPU usage, when i have none? I notice no huge CPU or memory one. I mean no exceptionally large peak values in memory. or no more than 1..2 %

 

I was using 4.x for a while before switching back to kerio 2.x (and Netveda on another installation) and the memory/cpu usage has not been an issue either, though it was in earlier versions I tried in the past. As for dll authentication, I thought it did have that or does the app control in Kerio 4.x work differently? I didn't use the app control.

 

Kerio 4 comes out of the box with nothing but the Predefined Rules which you can see in one of the tabs under Network Security I think (can't remember). If you want to create your own rules instead, or use BZ's rules, then you'll have to do that in the Packet Filter section. From there you can either import the Kerio 2.x BZ rule set, or create your own. If you do, you will also then most likely want to turn off the Predefined Rules.

If you already have a router, then you may just want to stick with the Predefined rules and use Kerio 4 for outbound app control. You can also set it to alert you and ask about execution of any app. Check the various options..

 

As far as I can tell, Kerio 4.2.2 does not have dll authentication the same as Sygate.

Kerio has the Behaviour blocking, that asks if programs are allowed or if they have changed or launching others. So that is I guess the app control you mean.

But when surfing, browser downloads surprisingly many dll's to your computer. About them Kerio 4.2.2 asks nothing.