Security is a frequent topic of conversation among technology enthusiasts and the everyman. We spend thousands on top of the line computers, only to watch them rendered useless after some hacker across the globe breaks in and destroys our software and important data. So as we look to the internet for methods of protection, first and foremost we find the firewall. For today’s Freeware Frenzy, I’ll be examining Kerio Personal Firewall 4.
After agreeing to the license, Kerio will ask if you want it to run in Simple or Advanced Mode. According to the descriptions, Simple is the typical setup and will not ask for any input from you, the user. Advanced mode however is for users who need more information and control; so it will ask about unknown network traffic and launching unknown applications. Since it was considered “typical”, I chose Simple, but I will switch to Advanced later on to try it. A reboot is required after installation.
After rebooting, Windows Firewall popped up with a Security Alert about blocking Kerio. After clicking Unblock, Kerio will actually disable Windows Firewall to let itself handle all network protection duties. Kerio’s appearance is similar to ZoneAlarm, popular software firewall that I reviewed here. Control is handled through four major areas; Network Security, Intrusions, Web, and Logs & Alerts, along with an Overview tab. When you download KPF, you will receive a 30 day trial of the full version. After those 30 days, it will revert to the “free” version by disabling some features but continuing to run. The main difference is that the free version lacks various content filters, such as an ad blocker. See my review of Hoster for more on ad blocking. Also, many browsers can handle pop-ups and cookies, so these features are not a large loss. The network security, clearly the main focus of KPF, will still function. Let’s take a look at each area of Kerio.
Overview
The Connections tab lists all programs or services on your system with connections to the Net. Some are ‘connected out’, such as a newsfeed widget and instant messenger program. Some are ‘connected in’, such as Kerio itself. Others are considered listening, meaning that they are not currently connected but given the correct signal from a program, they will pick up a connection. Any connected program will also show you the remote connection point, the server with which it is connected. So AOL Instant Messenger will show an AOL server address. The protocol, TCP or UDP, is listed along with both download and upload speeds if the connection is active. The statistics tab catalogues all of the various events, such as network intrusions, pop-ups, cookies, or ads that Kerio has dealt with since installation. Preferences let you check for updates, password protect Kerio or save a configuration. While password protection is useful for preventing unwanted changes on a family PC, it is a part of the full version that will become inactive.
Network Security
This area lists all of the various programs and services that need to interact with Kerio and their current permission level. These permissions are divided into two areas; Trusted and Internet. A trusted zone is usually a personal network; one in which you can personally assure the safety of the various machines. So the traffic here is usually less protected. Permissions for the general internet are stricter though, as they should be, to protect your system from the various malicious software and people in the world. You can easily add, edit or remove a program and set it to deny, allow or ask permission for various connections in or out of either zone.
Here you can also setup advanced packet filtering. You can setup an IP or group of IPs, select an application, protocol, port or port range, setup incoming and outgoing connections and whether or not to allow or deny them. You can have a complete list of personalized sites and machines that have various permission sets and connections to comply with your network, other software or security measures or any kind of increased control you need. Kerio receives kudos here for an advanced feature that is carried on with the free license.
Intrusions
This tab lets you configure three things; the Network Intrusion Prevention System (NIPS), the Host Intrusion Prevention System (HIPS), and Application Behavior Blocking. NIPS will block attacks based on a database of known malware and viruses from entering your system. HIPS however will prevent buffer overflows (which can result in system crashes) and code execution from running on your system. You can of course tweak both and make exceptions. ABB is the “Advanced” setup that I skipped earlier. Enabling it now will let you customize the applications that are allowed to start, be modified or launch other programs. You can setup which action of those three are allowed automatically or must ask for permission. I was worried this would become oppressive; filling my screen with pop-ups for everything I opened. This was not the case, for the most part. My everyday apps opened without incident. I did have some pop-ups at first, as expected for starting to use any program of this nature, and these were mostly for my other security apps, but by clicking “Create Rule” and allowing them, I never saw the pop-ups again.
Web
This tab contains all of the various content filters that will become inactive after the one month trial. Until then, you can block ads, pop-ups, content such as Java, VBScript and ActiveX, block cookies, and setup website exceptions.
Logs & Alerts
This area logs all of the various events that Kerio has handled. Most of these of course are under the Web Area for ad and pop-up blocks.
Conclusion
With plenty of options, even after the full version expires, and a thorough help file, Kerio is a well made firewall program. Kerio is a very capable solution for a firewall if you are looking for more advanced options then Windows XP’s built in firewall offers. Check it out here: http://www.sunbelt-software.com/Kerio.cfm
