Enterprise-level network security behavior management firewall Kerio Control 9.3.5 Build 4367 installation and use
Kerio Control is a simple and fast enterprise-level network security and behavior management firewall. It brings together multiple functions, including network firewall and router, intrusion detection and intrusion prevention (IPS), anti-virus gateway, VPN and content filtering, which protect the network from damage by viruses, malware and malicious behavior. These comprehensive functions, together with unparalleled deployment flexibility, make Kerio Control an ideal firewall for small and medium-sized enterprises.
Firewall, routing, IPS
Maintain the integrity of the server with deep packet inspection and advanced network routing features, including simultaneous IPv4 and IPv6 support. Create inbound and outbound communication policies to restrict communication to specific URLs, communication types, content categories, and times of day.
Kerio Control’s IPS adds a layer of transparent network protection. This protection is based on Snort’s behavior analysis, regularly updated rules and a database of blacklisted IP addresses, to prevent recurrence of threats.
Advanced Bitdefender Antivirus Gateway
The integrated Bitdefender antivirus gateway prevents viruses, Trojan horses, worms and spyware from invading your network.
The optional Bitdefender antivirus service scans all Web and FTP communications, email attachments and downloads, and automatically keeps its own virus definitions up to date.
Industry-leading website and content filtering
The Kerio Control Web filter can selectively block, allow or log access to 141 categories of Web content. It ensures a reasonable allocation of network bandwidth and prevents streaming media and peer-to-peer traffic from occupying a large amount of bandwidth. It prevents users from accessing websites that contain viruses and spyware or engage in phishing and identity theft, and filters known malware websites.
The optional Kerio Control Web filter service protects your network by restricting users’ access to dangerous or inappropriate websites, and improves work efficiency by keeping users from wasting time on such sites.
Unparalleled service quality
Easily set traffic priorities and monitor network traffic to ensure the communication quality of high-priority traffic types. Internet link load balancing can optimize Internet access by deploying multiple links. Kerio Control monitors the availability of links in real time and automatically disables or re-enables links to ensure continuity of Internet access.
Kerio Control QoS gives fine-grained control over how much bandwidth each type of network traffic may consume. Maximize bandwidth usage through bandwidth priority settings, and guarantee high-priority communications through bandwidth settings. Kerio Control also uses Internet link load balancing to combine multiple links and keep Internet communication available.
- Processor: 500 MHz minimum
- Memory size: recommended to be greater than 4GB
- Hard Disk Space: It is recommended to be greater than 8GB
- Network interface: at least 2 (10/100/1000 Mbit)
- Hardware compatibility: Support Linux Kernel 3.16
Installation is similar to installing Windows or Linux, only simpler; just follow the on-screen instructions (the interface is English only):
Kerio Control is managed through a Web interface. On first installation, you need to confirm the network interfaces on the server before logging in to Web management.
On first run, before any configuration, Kerio Control attempts DHCP on every interface. An interface that does not obtain a DHCP assignment is treated as the local interface (Ethernet), and one that does is treated as the network interface (WAN). The first time, pay attention to how the interfaces are connected (that is, the port intended for the internal network must not be able to obtain an IP):
After configuring the local interface (LAN), you can log in to the web management interface from an IP in the same network segment; the address is displayed on the server (if you cannot log in at this address, confirm the network interfaces again):
Open the management address in a modern browser such as Chrome or Firefox and follow the instructions on the page. This is not difficult either:
Kerio Control is software that requires a license, so the first thing to do after booting is to activate it. Here we directly choose the first activation method:
Activate the system
Of course, our test environment used the PJ (cracked) version to activate. The PJ version does not support updating the IPS database and anti-virus product, so we updated the IPS first, as above. In some PJ versions (such as 9.3.5) the anti-virus product is not recognized after installation, so we will update it by other methods later.
If you don’t need intrusion prevention, you can install the ISO image of the activated cracked version directly from the beginning.
If it is an old version, the method is very simple, just use the Web management interface -> Advanced options -> Software update -> Upload a binary image file to upgrade. The binary image file is the above
After the upgrade is completed and restarted, Kerio Control is permanently activated.
To prevent rebounds, we block the following domain names through DNS:
127.0.0.1 gogs.dontexist.com
127.0.0.1 register.kerio.com
127.0.0.1 update.kerio.com
127.0.0.1 control-update.kerio.com
127.0.0.1 sophos-update.kerio.com
127.0.0.1 snort-update.kerio.com
127.0.0.1 wf-activation.kerio.com
For stricter blocking, you can additionally block connections to these domain names in the traffic rules and content filters.
At least a valid trial license is required to update the intrusion prevention database and anti-virus product and to enable the Kerio Control Web Filter. If we need this feature, we should activate the 30-day trial version first, before permanent activation.
Since we blocked connections to the relevant domain names to prevent rebounds, and Kerio Control Web Filter uses real-time online verification, it cannot be used; just turn it off:
Intrusion prevention database: we updated it during the trial period. Generally speaking, there is little need to keep it fully up to date in real time, so you can wait for the next system update and update it then:
Anti-virus product: because a cracked version is used, the server directly rejects the request and the virus database cannot be updated, so we use a manual update method.
Hold down the Shift key, then click System Health, and then click to open SSH:
Log in to the firewall via SSH with Xshell or another SSH client. Note that the user name for this login is root, not the admin account used for Web management, but the password is the same.
First download the Bitdefender offline virus database to your local machine:
32-bit: http://download.bitdefender.com/updates/update_av32bit/cumulative.zip
64-bit: http://download.bitdefender.com/updates/update_av64bit/cumulative.zip
Note: download from a foreign IP address. Access from a domestic IP is redirected to a domestic CDN node, and the domestic CDN nodes currently do not synchronize these two files.
Then log in to the firewall over SSH with Xshell or another SSH client. Note that the login user name is root, not the admin account used for Web management, but the password is the same. Follow the steps below after login:
~ # mkdir /var/winroute/bitdefender/Plugins/1/
~ # cd /var/winroute/bitdefender/Plugins/1/
/var/winroute/bitdefender/Plugins/1 #
Use SFTP/SCP to upload the virus database cumulative.zip that you just downloaded, and then run the following over SSH:
/var/winroute/bitdefender/Plugins/1 # unzip cumulative.zip && rm -rf cumulative.zip
Archive: cumulative.zip
inflating: bdcore.dll
inflating: bdcore.so.freebsd7-x86_64
inflating: bdcore.so.linux-x86_64
inflating: bdcore.so.linux-x86_64-wg
inflating: bdcore.so.macosx-x86_64
...
inflating: Plugins/zip.xmd
inflating: Plugins/zoo.xmd
Create library file association:
/var/winroute/bitdefender/Plugins/1 # ln -s /var/winroute/bitdefender/Plugins/1/bdcore.so.linux-x86_64 /var/winroute/bitdefender/Plugins/1/bdcore.so
Restart the firewall, and then you can enable antivirus products:
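An added example, not part of the original post: cumulative.zip is fetched over plain HTTP and unpacked as root on the firewall, so it is worth inspecting on the workstation before upload. This sketch flags members that would escape the target directory, symlink entries, a missing bdcore.so.linux-x86_64 and CRC errors, and reports a SHA-256 so two independent downloads can be compared; the function names and the in-memory sample archives are constructed for illustration.

```python
import hashlib
import io
import stat
import zipfile

# The page later symlinks this file to bdcore.so; without it the archive is wrong or truncated.
REQUIRED_MEMBER = "bdcore.so.linux-x86_64"


def inspect_archive(data: bytes) -> dict:
    """Return the SHA-256 of the archive and a list of problems found in it."""
    report = {"sha256": hashlib.sha256(data).hexdigest(), "problems": []}
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        report["problems"].append("not a valid zip file")
        return report
    with zf:
        names = set()
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            names.add(name)
            # Members must stay below the extraction directory.
            if name.startswith("/") or ".." in name.split("/"):
                report["problems"].append(f"path escapes target dir: {info.filename}")
            # Upper 16 bits of external_attr carry the Unix mode, if any.
            if stat.S_ISLNK(info.external_attr >> 16):
                report["problems"].append(f"symlink entry: {info.filename}")
        if REQUIRED_MEMBER not in names:
            report["problems"].append(f"missing {REQUIRED_MEMBER}")
        bad = zf.testzip()  # re-reads every member and checks its CRC
        if bad is not None:
            report["problems"].append(f"CRC mismatch in {bad}")
    return report


def build_sample(members: dict) -> bytes:
    """Build a small constructed archive in memory (sample data, not a real update)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    good = build_sample({"bdcore.so.linux-x86_64": b"x", "Plugins/zip.xmd": b"y"})
    evil = build_sample({"../outside.txt": b"z"})
    for label, blob in (("good", good), ("evil", evil)):
        print(label, inspect_archive(blob))
```

For a real download, read the file as bytes and pass it to inspect_archive; upload only when the problems list is empty.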
[Size]: 430 MB
[Installation environment]: linux