Installation guide
Table Of Contents
- Introduction
- Headquarters configuration
- Selection of IP addresses for LAN
- Configuration of network interfaces of the Internet gateway
- Kerio Control installation
- Kerio Control Administration interface and product activation
- Setting connection and basic traffic rules
- DHCP Server Configuration
- DNS configuration
- Web interface and SSL-VPN certificates
- Mapping of user accounts and groups from the Active Directory
- Address Groups and Time Ranges
- Web Rules Definition
- FTP Policy Configuration
- Antivirus Scanning Configuration
- Intrusion Prevention System
- Enabling access to local services from the Internet
- Secured access of remote clients to LAN
- LAN Hosts Configuration
- Viewing statistics of Internet usage and user browsing behavior
- Configuration of the LAN in a filial office
- Interconnection of the headquarters and branch offices
- Used open source items
- Legal Notices
5
It is recommended to reserve a standalone server for the firewall’s purposes (Internet gateway).
Such server can be:
• A physical or virtual server with Windows.
Use Kerio Control in a Windows edition installed in the system as an application. The
firewall can be run along with other server applications, such as the mailserver with
groupware features Kerio Connect. However, the firewall host should not be used as
a user workstation.
Implementation on a server with Windows is suitable especially in minor networks
where only one server is available, or if you want to use Kerio Control to replace an
existing software firewall or proxy server.
• A physical or virtual server without operating system.
If there is a physical or virtual server reserved where no other applications will be
run, it is recommended to use the Kerio Control’s Appliance edition which provides
firewall including a host operating system. Compared with the Windows edition on
the same hardware, this version offers higher performance and network throughput.
It also guarantees no collisions with incompatible applications and system services.
However, no other applications can be hosted on the same system along with the
firewall.
For virtualization systems VMware and Parallels, virtual appliances are ready available
for import and instant startup.
• Kerio Control Box hardware device.
This box consists of Kerio Control in edition Appliance installed on a special optimized
hardware device. In smaller networks, it can be also used as a switch for connection
of local stations.
The Kerio Control box is available in two types different in performance and number
of network ports.