New Kerio Firewall

[Petros]

I found a link to 2.1.5 if anyone wants to revert (as I will!). There's nothing more annoying than to wake up and find my torrents stopped half an hour after I went to bed.

Download here

@dealer: I read your post at the Kerio forums. Seems that the programmers don't make much contact with the users! Geez they're slow...

 

[leedogg]

Did I mention how much more mature and stable sygate pro seems to me?Has passed every firewall test I've thrown at it, and doesnt mess with anything

 

[Perris Calderon]

dissabled automatic updates, dissabled the pop up stopper, haven't had an issue since.

I don't know if this was related, but I haven't had a problem now

 

[Capricorn]

Is the latest update 4.0.8 OK, or is it still causing problems?

 

[Enyo]

Yes. Some of the issues have been resolved, particularly the one HandyBuddy mentioned, KPF no longer stops network traffic after several hours of uptime.

4.0.8:

Changes from previous version:

+ Administration console stores its settings into registry instead of kpf configuration
+ Administration console remembers its most recent position
+ Administration console remembers list columns width and position
+ Each caption in statistics is clickable and redirects user to appropriate log

- handle leak fixed
- KPF no more stops network traffic after several hours/days of uptime (also solves "cannot connect to service" problem)

On a side note i spent some time this weekend putting a few personnel firewalls though the paces (leak testing, stability testing, resource usage, sustained attacks etc). Outpost Version 2.0 did the best so if your thinking of switching from Kerio 4 and don't want to use Kerio 2.1.5 i recommend Outpost (not version 1!)

 

[Capricorn]

Many thanks, I don't think the Outpost Version 2 is free. I will probably go back to Kerio 4. I am running the EZ Firewall and Anti-Virus which was on free offer for a year, but everytime I boot up it tells me to register, and then won't accept the registration number they sent me. It works OK though after I press cancel. And it appears to be updating alright.

 

[Enyo]

Yea OP 2 is not free. To be honest as far as the current free firewalls go im not impressed with any of them (other than Kerio 2.1.5 but i keep saying its only a basic firewall).

 

[Capricorn]

Thanks again. I am now using the Avast Anti-Virus, which I quite like. Pity they didn't do a Firewall as well.

 

[Bronx Bomber]

I will stick with ZoneAlarm Pro, thanks.

 

[Enyo]

Bronx Bomber, nobody is asking you to stop using it.

This thread is about Kerio, if you don't use it or have no intent on using it you have nothing to add to this discussion.

Perhaps the generic AV/Firewall threads would be a better place to comment on ZAP.

 

[Elroy Jetson]

Enyo - can you comment on sygate personal firewall 5.5 build 2516? you seem to know much about security. I switched from kerio 2.1.5, because I read on dslboards that there was some backdoor problem with kerio 2.1.5. care to comment? I have found sygate to work fast, stable, and it seems to use little resources as well. how does it compare to kerio 2 and/or 4?

 

[Enyo]

There is no backdoor in Kerio 2.1.5.

A small issue existed with the remote admin function in 2.1.4 but thats all.

Kerio 2.1.5 is a basic packet filtering firewall and should be used where you want a well performing solution without all the bells and whistles of most personnel firewalls. It allows very granular control via a simple interface.

Kerio 4 is a more robust security solution with more advanced security such as Stateful Packet Inspection and Sandboxing. It offers a much improved feature set and a new interface. However some wont like the new way of doing things in Kerio 4, I'm among them to be honest.

As far as stability goes with Kerio 4 many users have reported issues, however equally many users have reported no issues. From my testing Kerio 4 has proven to be a stable solution but needing some work in areas, all related to interface and stability i cant fault the security.

In terms of resource usage Kerio 2.1.5 is the lightest on resources.

As far as Sygate goes i have not tested it for sometime but acknowledge improvements have been made. Sygate at one time had some flaws that took them a long time to get over and affected the overall security of the firewall. I'll give it a closer look later today seeming as allot of people ask about it.

Bottom Line when looking at the Kerio family is this:

If you want a basic free firewall solution Kerio 2.1.5 is for you, but don't expect fantastic features (indeed this is why most choose it, they dont want a "large" firewall)

Kerio 4 offers a greater level of security than Kerio 2.1.5 because of its new capabilities (e.g sandboxing)

Kerio 4 will offer more security at the desktop level and more control over applications access to the internet.

Important to note they both offer perfect remote security, that is, it will give the green sea when running a test such as GRC's Shields Up. This of course relies on you setting your rules up correctly!

 

[Enyo]

Sidenote Regarding Sygate:

After taking it for a quick spin just now i can see they have got over some of the flaws from the past.

I still don't like the interface or the rule building techniques. I also find that the free version is lacking everything that would make it stand out above the other firewalls but the Pro version has some nice features.

I do like the activity prompts displaying packet contents and the full information instead of the normal source and destination only.
I feel however for a normal user this is a little too much information, but Sygate clearly agrees and has it hidden to begin with.

It passed the sustained attack, random attack and leak testing i did so that was impressive. I also like its DLL fingerprinting, very good.

I find that most of the stuff you can check in the advanced options is pretty much covered or coverable without the need for fancy names, i felt it was a little smoke and mirrors to make it look more than it is.

Resource usage was a little more than perhaps i would care to give a firewall after been used to the 1MB - 4MB RAM life of Outpost and Kerio. CPU usage was fine, after a few hours it had used no more than 10secs of CPU Time.

How does it compare to Kerio 4?

Well first off you pay for them both if you want the decent features. So no difference in that respect.

Sygate certainly has more, traditional features and some new ones but as i said above, most of it you can safely cover without the need for fancy names and check boxes.

Kerio's interface is much better than Sygate's, i did not care for its look at all and found getting around slightly more painful than perhaps i can live with after having the all rules on one page with Kerio 2.1.5. However i am all for a split between the packet filter and application rules, just got to make sure you make those menus easy to use and the rules easy to add.

Kerio's rule creation menus (especially those in version2) are also a lot easier to use and the building of advanced rules much simpler than Sygate.

In terms of overall remote security they both do just fine.

In terms of overall local security again i feel Kerio's sandboxing techniques are strong but i like the DLL fingerprinting and the way Sygate handles injection methods to bypass the firewall. It was not fooled (but neither is Kerio 4).

I feel that these kind of things are big issues now for pf's. I also like Sygates ability to stop all traffic when its service fails or is killed, handy to stop trojans and worms that kill known security processes.

So, which to pick? It's too close to call. But pay for the features in either one! I suppose if you stay on the free road Sygate would be the better choice as Kerios System Security module if off after 30days in free mode.

 

[Capricorn]

Very nice coverage enyo. With regard to the Kerio 4.0.8, I thought it had cured the locking up, that I got with 4.0.7, but it jumped to 100% cpu usage, and locked up, after about 45 minutes. Only way out of it was turning my computer off. I have uninstalled it again now.

 

[leedogg]

Great input Enyo. I appreciate the thumbs up and in depth review on Sygate from you. Aside from passing all the firewall tests at it, I didnt have much to judge it from. I like it mainly because its not a beta, and seems to be a fairly robust firewall. It hasnt conflicted with any of my internet activities and just felt like an overall mature product. kpf definitely has potential, but right now I'd rather not deal with all these beta issues.

 

[Elroy Jetson]

Thanks a lot for you review, enyo. it is good to get a second opinion. like I said before, i had kerio 2 for some time, but got into trouble starting it. i am also no rocket scientist when it comes to creating rules, so I just want a pf out of the box that gives me adequate security. i am behind a proxy server at work, too, but not when i am on the road. i have not had any trouble with sygate free, it has been working well for me, stable, and no intrusions as far as i can tell. it also does not seem to mind changing isp all around the world, i have tried spain, germany, france, indonesia and malaysia so far.

your feedback is much appreciated. resources seem to be fine on my machine, so i will stick to the trusted at the moment, AVG6 and sygate5.5

thanks again for your efforts!

EJ

 

[NetRyder]

Originally posted by Enyo
Kerio's System Security module is off after 30days in free mode.

Hmm...are you sure about that one?
I'm still on the free version, and the System Security module still seems to be working. It's only the "Web" module that's been greyed out.

 

[Enyo]

Yea that may be incorrect. The idea is that 4 runs for 30 days then drops back down to packet filtering and application control only like Kerio 2.1.5. If its just the web module that gets disabled you don't loose much functionality at all.

 

[MysTiKaLz]

wait... so wat's the best premium(non-free)software firewall out there? is it sygate, zonealarm pro, or the outpost one?

 

[Enyo]

In my opinion the best commercial software firewall for the home user is Outpost 2.