Protect Servers from unauthorised connections

Download the IPS Technology Overview

Signature based packet analysis

At the core of its scanning technology, Kerio Control integrates a packet analyser based on Snort. Snort is an open source IDS/IPS system that transparently scans all network communication, and provides a framework for incorporating custom rules.

Rules Database

Kerio Control implements a set of rules maintained by a community sponsored project called Emerging Threats. Each rule is digitally signed to ensure the authenticity of updates, preventing any type of tampering. The rules are based on many years of contributors from industry professionals, and are continually updated. More information is available at emergingthreats.net

Server Security

As a network based intrusion prevention service, Kerio Control protects servers behind the gateway.
IPS protects servers against vulnurability in their software that can be exploited by attacks.

IP Blacklisting

Kerio Control maintains a database of IP addresses which are explicitly denied any type of access through the firewall. The IP addresses included in this database are known to be the origin of some form of attack. The IP addresses stored locally and updated automatically.

Rule Management

• Automatic update IPS engine checks for updates as frequently as every hour to ensure the signature database is current.
• Exceptions to eliminate false positives, rules that are confirmed as non threatening can be added to a white list using an ignored signatures setting.

Security Log

The IPS engine reports blocked communication to the security log that includes the details to each event, including the rule ID for the review of signature accuracy.