Kerio WinRoute Firewall
		Next

Kerio WinRoute Firewall

Administrator's Guide

Kerio Technologies

This guide provides detailed description on the Kerio WinRoute Firewall, version 6.5.0. Improved version. All additional modifications and updates reserved.

For current product version, check http://www.kerio.com/kwfdwn.

Copyright © Kerio Technologies. All Rights Reserved.

Information regarding registered trademarks and trademarks are provided in appendix A Legal Presumption.

Table of Contents

1 Quick Checklist

2 Introduction

2.1 Kerio WinRoute Firewall
2.2 Conflicting software
2.3 Installation
2.4 WinRoute Components
2.5 WinRoute Engine Monitor
2.6 Upgrade and Uninstallation
2.7 Configuration Wizard

3 WinRoute Administration

3.1 Administration Window
3.2 View Settings

4 Product Registration and Licensing

4.1 License types and number of users
4.2 License information
4.3 Registration of the product in the Administration Console
4.4 Product registration at the website
4.5 Subscription / Update Expiration
4.6 User counter

5 Network interfaces

6 Internet Connection

6.1 Persistent connection with a single link
6.2 Connection with a single leased link — dial on demand
6.3 Connection Failover
6.4 Network Load Balancing

7 Traffic Policy

7.1 Network Rules Wizard
7.2 How traffic rules work
7.3 Definition of Custom Traffic Rules
7.4 Basic Traffic Rule Types
7.5 Policy routing
7.6 User accounts and groups in traffic rules
7.7 Partial Retirement of Protocol Inspector
7.8 Use of Full cone NAT
7.9 Media hairpinning

8 Configuration of network services

8.1 DNS Forwarder
8.2 DHCP server
8.3 Dynamic DNS for public IP address of the firewall
8.4 Proxy server
8.5 HTTP cache

9 Bandwidth Limiter

9.1 How the bandwidth limiter works and how to use it
9.2 Bandwidth Limiter configuration
9.3 Detection of connections with large data volume transferred

10 User Authentication

10.1 Firewall User Authentication

11 Web Interface

11.1 Web Interface Parameters Configuration
11.2 User logon and logout
11.3 Status information and user statistics
11.4 User preferences
11.5 Dial-up

12 HTTP and FTP filtering

12.1 Conditions for HTTP and FTP filtering
12.2 URL Rules
12.3 Global rules for Web elements
12.4 Content Rating System (ISS OrangeWeb Filter)
12.5 Web content filtering by word occurrence
12.6 FTP Policy

13 Antivirus control

13.1 Conditions and limitations of antivirus scan
13.2 How to choose and setup antiviruses
13.3 HTTP and FTP scanning
13.4 Email scanning
13.5 Scanning of files transferred via Clientless SSL-VPN

14 Definitions

14.1 IP Address Groups
14.2 Time Intervals
14.3 Services
14.4 URL Groups

15 User Accounts and Groups

15.1 Viewing and definitions of user accounts
15.2 Local user accounts
15.3 Local user database: external authentication and import of accounts
15.4 Active Directory domains mapping
15.5 User groups

16 Remote Administration and Update Checks

16.1 Setting Remote Administration
16.2 Update Checking

17 Advanced security features

17.1 P2P Eliminator
17.2 Special Security Settings

18 Other settings

18.1 Routing table
18.2 Universal Plug-and-Play (UPnP)
18.3 Relay SMTP server

19 Status Information

19.1 Active hosts and connected users
19.2 Network connections overview
19.3 Alerts

20 Basic statistics

20.1 Volume of transferred data and quota usage
20.2 Interface statistics

21 Kerio StaR — statistics and reporting

21.1 Monitoring and storage of statistic data
21.2 Settings for statistics and quota
21.3 Connection to StaR and viewing statistics
21.4 Accounting period
21.5 Overall View
21.6 User statistics
21.7 Users' Activity
21.8 Users by Traffic
21.9 Top Visited Websites
21.10 Top Requested Web Categories

22.1 Log settings
22.2 Logs Context Menu
22.3 Alert Log
22.4 Config Log
22.5 Connection Log
22.6 Debug Log
22.7 Dial Log
22.8 Error Log
22.9 Filter Log
22.10 Http log
22.11 Security Log
22.12 Sslvpn Log
22.13 Warning Log
22.14 Web Log

23 Kerio VPN

23.1 VPN Server Configuration
23.2 Configuration of VPN clients
23.3 Interconnection of two private networks via the Internet (VPN tunnel)
23.4 Exchange of routing information
23.5 Example of Kerio VPN configuration: company with a filial office
23.6 Example of a more complex Kerio VPN configuration

24 Kerio Clientless SSL-VPN

24.1 Configuration of WinRoute's SSL-VPN
24.2 Usage of the SSL-VPN interface

25 Specific settings and troubleshooting

25.1 Configuration Backup and Transfer
25.2 Automatic user authentication using NTLM
25.3 FTP on WinRoute's proxy server
25.4 Internet links dialed on demand

26 Technical support

26.1 Essential Information
26.2 Tested in Beta version
26.3 Contacts

A Legal Presumption

B Used open-source libraries

Glossary of terms

		Next
		Chapter 1 Quick Checklist