User's guide
Headquarters configuration
Notes:
1. The FTP server's IP address must be defined as the IP address of the host where the FTP
service is actually running. The outbound IP address of the firewall that the FTP server is
mapped from cannot be used (unless the FTP server runs on the firewall), because IP
addresses are translated before the content filtering rules are applied.
2. The same method can also be used to allow upload to one particular FTP server on the
Internet while upload to other FTP servers is forbidden.
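Added example (not part of the Kerio guide and not Kerio Control code): a small Python model of note 1, showing why an FTP rule that names the firewall's outbound address never matches once the server is mapped. The address 203.0.113.10, the rule names, the first-match evaluation and all function names are assumptions of this model; 192.168.1.2 is the mapped host from the guide's FTP mapping rule.

```python
from dataclasses import dataclass
from typing import Optional

FIREWALL_PUBLIC_IP = "203.0.113.10"  # constructed outbound address (documentation range)
FTP_SERVER_LAN_IP = "192.168.1.2"    # mapped host, as in the guide's FTP mapping rule

@dataclass(frozen=True)
class FtpRule:
    name: str
    server: Optional[str]  # IP the rule names; None means "any FTP server"
    action: str            # "allow" or "deny" for the upload command

def translate(dst: str, mapping: Optional[str]) -> str:
    """Destination mapping step; it runs before any content rule is evaluated."""
    return mapping if mapping and dst == FIREWALL_PUBLIC_IP else dst

def upload_decision(dst: str, rules: list, mapping: Optional[str]) -> tuple:
    """Evaluate upload rules top-down (model assumption: first match wins)."""
    seen = translate(dst, mapping)  # the filter sees the translated address
    for rule in rules:
        if rule.server in (None, seen):
            return rule.action, rule.name
    return "no-match", ""

def never_matching_rules(rules: list, mapping: Optional[str]) -> list:
    """Audit helper: rules keyed on the firewall's address while a mapping is active."""
    if mapping is None:  # server runs on the firewall itself: the address is valid
        return []
    return [r.name for r in rules if r.server == FIREWALL_PUBLIC_IP]

DENY_REST = FtpRule("Forbid upload", None, "deny")
BY_FIREWALL_IP = [FtpRule("Allow upload (firewall IP)", FIREWALL_PUBLIC_IP, "allow"), DENY_REST]
BY_SERVER_IP = [FtpRule("Allow upload (server IP)", FTP_SERVER_LAN_IP, "allow"), DENY_REST]

if __name__ == "__main__":
    for label, rules, mapping in [
        ("mapped, rule names firewall IP", BY_FIREWALL_IP, FTP_SERVER_LAN_IP),
        ("mapped, rule names server IP", BY_SERVER_IP, FTP_SERVER_LAN_IP),
        ("server on firewall, no mapping", BY_FIREWALL_IP, None),
    ]:
        print(label, "->", upload_decision(FIREWALL_PUBLIC_IP, rules, mapping),
              "never match:", never_matching_rules(rules, mapping))
```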
2.13 Antivirus Scanning Configuration
Any supported external antivirus application that you intend to use must be installed first.
The Sophos antivirus application is integrated into Kerio Control and you will need a special
license to run it. The ideal solution is to combine the integrated antivirus with an external
one (a so-called dual antivirus check).
In Configuration → Content Filtering → Antivirus, on the Antivirus tab, set the antiviruses
to use and, if applicable, the advanced settings for the selected external antivirus. For a
complete list of supported antiviruses and their detailed configuration guides, refer to
http://www.kerio.com/firewall/third-party#av.
Kerio Control lets you select the protocols to which the antivirus check is applied. The HTTP,
FTP scanning, Email scanning and SSL-VPN scanning tabs allow detailed configuration of
scanning for the individual protocols. The default settings are usually suitable.
2.14 Enabling access to local services from the Internet
Go to Configuration → Traffic Policy → Traffic Rules to add rules for services that will be
available from the Internet. Rules for service mapping should always be at the top of the
traffic rules table.
• Mapping of local FTP server — only unsecured access is assumed, which makes it
possible to filter the traffic and scan it for viruses.
| Name | Source | Destination | Service | Action | Translation |
|---|---|---|---|---|---|
| Access to FTP server | Any | Firewall | FTP | Allow | Mapping 192.168.1.2 |
Table 2.2 Making the local FTP servers available from the Internet
• Access to other mail server services (except SMTP) — allowed only from certain IP
addresses in the Working hours time range.