KerioControl Reviews

The solution is used for site-to-site VPN connections and it is valued for its cost efficiency and easy connectivity. It is especially beneficial for multi-site VPNs and is used in about fifteen different components.

KerioControl has provided a financial benefit as it allows purchasing one license that includes all necessary features, including VPN, without extra charges.

The most valuable features include geo-tagging, which blocks all other IPs except for the specified accounts, and web filtering. It also allows for easy rule creation for incoming and outgoing traffic.

The logs could be improved for better clarity. It is difficult to understand when there is a threat attack, and handling firmware requires experience.

I have been using KerioControl for about ten years in the organization.

I would rate the overall stability of KerioControl as eight out of ten.

KerioControl has met some of the network infrastructure needs yet could improve in terms of scalability, which I rate four out of ten.

I have never needed to contact customer support as the product is easy to use, allowing problems to be solved quickly without assistance.

Positive

Previously, we also used solutions from vendors like SonicWall.

I took part in the initial setup, which required only a few hours, depending on the size of the network. If you have an issue, it can be resolved in about half an hour with backup and recovery.

About three engineers typically participate in maintaining and implementing the solution.

KerioControl offers good pricing as one license covers all features needed without extra payment. The price for the product is rated as ten out of ten.

We also evaluated SonicWall and other products from different vendors.

I recommend KerioControl, especially for medium-sized companies, due to its user-friendly nature and cost-effectiveness.

I'd rate the solution eight out of ten.

With KerioControl, we usually use them for site-to-site VPNs for most of our clients.

With multiple offices, we use KerioControl as our solution.

The best features for KerioControl are its proprietary VPN protocol, which does not connect easily with other firewalls unless you enable IPsec. It will only connect to KerioControl. KerioControl is very valuable for business. Key points where KerioControl is valuable include its own anti-spam, intrusion prevention, and antivirus, which is included in the yearly subscription renewals.

The VPN capabilities are helpful in managing my remote or distributed workforce, as we create documents and set up a location for clients to download. Clients can download KerioControl's VPN client online, and they just have to log in from the VPN client, which connects easily.

I assess the firewall function in filtering both incoming and outgoing network traffic with KerioControl as excellent. Everything is logged, and any intrusion, antivirus, virus, or anything foreign to the system trying to hack in gets logged, and we can easily block those IPs.

Regarding KerioControl's application awareness and control feature, I have not used it much.

With this product, their customer service rating is similar to other providers.

Negative

The initial setup process for KerioControl is straightforward.

For providing insights into network applications, I do not have experience.

KerioControl can be improved, but since the beginning, it has been working effectively. Before it became KerioControl, it had a different name. They have improved significantly over the years, and they are evolving.

They continue to evolve, especially regarding continuous improvements.

In terms of security features, they are evolving with updates related to security, signatures for antivirus, and they are staying current.

I would definitely recommend this product to others, particularly for SMBs.

There are both on-premises deployments and cloud options available.

I rate this solution 10 out of 10.

We use the tool for VPN and security. 

The tool shows what has been blocked externally. It's very good because once installed and correctly set up, it allows you to work from home as if you are in the office, without any errors or issues. It's very simple to use, click to connect or disconnect.

The solution pushes out updates every five to ten minutes to the cloud. 

I would like to see geo-IP filtering added to the filtering rules. Incorporating these rules would be very beneficial if you have different ideas or reasons to filter, such as communication to the email server or specific websites.

I have been working with the product for 15 years. 

I rate the tool's stability a nine out of ten.

My company is small and has 150 users. 

Support is free and is part of the license. We get support through the partners. They are quick and responsive. 

Neutral

I would rate the initial setup of KerioControl a nine out of ten. It's very easy because there are pre-deployed rules at the beginning. When you start KerioControl, you must input the password and base network settings. Some additional configuration is needed for specific environments, but overall, the setup is very fast. It takes 10-20 minutes to complete. 

KerioControl's pricing is reasonable. The license for KerioControl is annual. It's difficult to specify an exact cost since it varies depending on the number of users and additional software combined with it. For example, a basic box might cover 25 users, but licenses can be purchased starting from 10 users.

I rate the solution a nine out of ten. 

We use the tool for hosting and virtualization.

The solution has an app manager and a portal where you can maintain all your Keri products. It is a firewall that includes antivirus and anti-malware, which adds security. The VPNs, both site-to-site and client VPNs, are pretty easy to set up.

The solution's VPNs help us to work from home or other locations. 

The solution's hardware is not that great and could use more improvement. However, the VM software and the virtualized KerioControl itself are pretty good. The software is good; it's just the hardware that needs improvement.

With KerioControl, it's much easier to see what areas to configure. Unlike Sophos and other devices, their security features are harder to navigate. But with KerioControl, it's just easy.

The tool's deployment is very easy. It can be easily accessed via a web browser or GFI web portal. One resource is enough to handle it. 

You can get ROI in months. 

There's a one-time fee. For KerioConnect, it's just a server. With KerioControl, you have an option. You can virtualize it on a VMware system or have the hardware. I think mid-range or desktop KerioControl hardware could cost around 2000 dollars for a 25 user client. You need annual renewal for additional features like antivirus. 

I rate the overall solution a ten out of ten. 

The filtering rules are valuable. The product is easy to use.

There is no protocol for VPN in Android. It would be good if the product added a protocol for VPN. The upgrades make the network slower.

I have been using the solution for four years.

I rate the product’s stability a seven out of ten.

The solution is scalable. Four people in our company are using the solution. We are planning to increase the number of users to five or six.

I have contacted the support team by email. The team's answers are good. They answer quickly.

Positive

The solution was easy to deploy. Documentation was available online so that we could install it easily.

We installed the product in-house in a couple of months.

We have seen an ROI on the product. It is efficient. We are satisfied with it.

The pricing is reasonable. We have to pay approximately EUR 175 for the product.

We are working for some customers. If someone wants to buy the solution, they must check the internet. The internet is full of advice, which would help them with any questions they have. Overall, I rate the product a seven out of ten.

We use the solution mainly as a firewall. 

I am impressed with the tool's firewall filtering capacity. 

The product's technical support is not good as it used to be. 

I have been working with the product for 15 years. 

The tool's stability is great. 

The solution is scalable. 

The product's setup is straightforward. 

I would rate the product an eight out of ten. 

I use KerioControl for some networks with a medium range of users. The product is not a good solution for enterprise networks, but it is good for small and medium networks.

Compared to other solutions, accounting and live monitoring of firewall status are very good features in KerioControl.

KerioControl should add more options in VPN features, such as IPsec VPNs, SSL VPNs, and L2TP VPNs, because KerioControl uses a special VPN for their products.

I have been using KerioControl for 20 years. It was named Kerio WinRoute 20 years ago, but they changed the product's name to KerioControl about ten years ago.

I would give KerioControl a nine out of ten rating for stability.

I would give KerioControl a five out of ten rating for scalability because we can't use KerioControl for enterprise networks, and we can't scale up a medium network to an enterprise network.

I don't use technical support because KerioControl is very easy to use.

Sophos Firewall is very similar to KerioControl. I use Sophos Firewall in some networks and KerioControl in other networks. Sophos Firewall is better than KerioControl. KerioControl is very easy and useful to set up and manage, whereas Sophos Firewall is more professional. It is a bit difficult to manage users with Sophos Firewall compared to KerioControl.

It's a very easy setup. KerioControl is very, very, very easy to set up, use and manage. A network administrator can set up KerioControl in just ten minutes. It's very easy to configure and install. I would rate KerioControl a nine out of ten for the initial setup.

KerioControl's pricing is good. I rate KerioControl a nine out of ten on pricing.

I have used KerioControl for 20 years and in more than 10 networks. KerioControl is a very, very good solution for small and medium business networks. About 100 users are currently using KerioControl in my organization. These users are engineers. KerioControl is a good solution, and I give it a rating of eight for medium and small networks.

We are a reseller in the market, and we resell service firewall solutions like KerioControl, Sophos Firewall, and FortiGate to companies.

Overall, I rate KerioControl a nine out of ten because you can set it up and forget about it. It's very good, and you can set it up for a network without a resident administrator in the company. We can remotely manage ten networks with KerioControl.

The solution is user-friendly, has a very easy menu, and is a complete firewall for small or mid-range networks.

We have 100 internet bandwidths, and we want to use these bandwidths, and our Carrier supports 900 bandwidth. However, in the future, we will have problems as we will require a larger bandwidth capacity of a firewall to handle the internet connection. We have 2000 devices in our network that use the internet. We handle users in and outside our network and see the logs of clients, internet connections, HTPs connections and VPN connections. Hence the solution can be improved to create the capability for larger bandwidths that support our business needs. Additionally, logging and reporting could be improved.

We have used this solution for three years.

We do not have experience with customer service and support as we can't access them in Iran, so we search for our questions on the internet and found answers. Online communities are a good resource for answers. Still, there are only a few websites or communities about the Carrier on YouTube and other websites. We find varying answers, so it is time-consuming since there are multiple sources of information.

The solution is easy to implement and can be installed in less than ten minutes.

The pricing is reasonable for the performance of the solution.

I rate the solution a seven out of ten. The solution is good, but the logging and reporting systems can be improved.

We use it ourselves and deploy it to our customers, which are small and medium-sized businesses. Our use cases are for both ourselves and our clients, mainly as a frontline protection for their internal networks to filter viruses and threats as well as for web filtering to ensure employees and guest networks don't access material that wouldn't be appropriate to be viewed. It's also used for remote access VPNs so remote users can access internal servers and resources, as well as site-to-site VPNs for multi-site offices to access resources located either at the main HQ headquarters or at an alternate site.

It does antivirus, malware, and ransomware. We feel the coverage is complete across the entire spectrum of malware, viruses, and most ransomware. It also covers some types of adware, which is an unwanted program that's not necessarily bad, but there's no reason to have it.

We have a lot of other companies that were multi-site companies which had servers at different sites not talking to each other. They had remote workers or maybe they were using open RDP as their access to their internal network. These customers were getting ransomware infections and constantly just getting frustrated not being able to share resources between sites and this gives them the capability. I have a lot of customers, especially in the non-profit market, where we've had a lot of success deploying the solution. 

A lot of the non-profits also have open WiFi and the filtering tools have been great for making sure that the WiFi bandwidth isn't drained by somebody sitting there and just surfing videos. We can control the open WiFi and we can control public computers to make sure that they stay just on the sites that we want them to stay on, e.g., employment sites, training, etc. So, it's been really helpful for the non-profits.

If a tech has a basic understanding of firewalls, NATing, and security, it is amazing how quick we can teach them how to use the product to its full capabilities. We can take a half day to a day and a brand new tech who's never seen the product can pretty much understand it enough to set it up, work with a customer, and make changes that a customer requests. There's nothing better than a customer calling and saying, "We need to add this site," and instead of saying, "Well, let me open a ticket and get an engineer to look at the thing," we go, "One second," and, through the MyKerio portal, find their firewall, remote into it, make the change, and say, "Okay, test it now. Works? Perfect." Hang up the phone and we are done.

With COVID-19 and everything that has happened, customers would call us up and say, "We're shutting down. Friday's our last day. Everybody is going to work from home." In 24 hours, we could have them all working remotely. The amount of time and simplicity of getting users set up with the VPN allowed us to get massive numbers of users working remotely at businesses that had never even considered remote work as a possibility. Or, maybe the owner had a little bit of remote capability, but that was it. Just through the ease of and the free VPN client it was amazing how quickly we could roll out VPN to everybody, we had whole companies remotely working overnight.

The most valuable feature for us is the ease of use. We don't have to go crazy trying to figure out how to do something. It allows you to make changes, set things up, turn on things for a customer without having to go through 37 different menus, read the manual, and try to remember it. It's pretty straightforward. That's what attracted it to us in the beginning. While we can work with complicated systems, most of our customers don't need them, then we end up just spending more time setting up the solution than we really need to. It's more productive, the customer saves money and at the same time and we make more money off of it. I can set up a whole firewall solution in 30 minutes and that's valuable to me.

We have been very happy with the security features. We find that the keyword filtering is great. Also, the antivirus filtering is excellent. One thing we always tell our customers is that we have never had a client using Kerio Control and the antivirus tools that we suggest who has been infected with any type of ransomware. We have customers who have had ransomware, but they were all ones who chose not to go with Kerio Control. That's always just been a very simple, easy, and powerful fact that we can explain to people, "We've never had a customer who has used this firewall along with our recommended antivirus and had a ransomware infection."

It is very comprehensive. It has all the active protections. It's updated regularly. We love that you can set how often threat definitions updated so you can work what is right for the site. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios.

We've been very happy with the solution’s firewall and intrusion detection features. The company has been pretty good when it comes to maintaining it and closing out security holes. For example, when there was a security bug found in the encryption in the VPN, they were very quick about reacting to that and coming out with a new VPN client encryption. At the same time, they made sure that for those cases where maybe you couldn't upgrade right away, there was a bit of overlap of backward capability so you weren't like, "Oh geez. I have to do everybody at once."

We love the VPN feature. That is one of our favorite things. The free client that they have makes it so easy to attach computers to the company network and we can usually set somebody up in like five minutes or so. It's real simple for the users because of the way that it presents the information you don't have all types of weird keys and stuff that users have to remember or write down, which is great because a key lost on a piece of paper is just as bad as a key found by a hacker. So, the computer memorizes it all, stores it, and makes it real simple with a push button to either connect, disconnect, or keep the connection persistent, which we love because then for a company-owned computer it stays connected from the moment the user logs in to logs out. Then, we can actually sync the user's VPN credentials to their Active Directory account and that is really helpful, because if a user leaves, disabling their Active Directory credential also disables their VPN credentials automatically and now when an employee is no longer with the company we don't have to worry about going to a separate system and shutting that VPN down until we can get our hands physically back on the laptop. We don't have security risks hanging out there.

MyKerio is a really neat tool where there's one central website that I can go and see every Kerio firewall that we manage. I don't have to go find specific logins for every firewall because I log into the MyKerio site with my master credentials, and it has two-factor authentication to make sure it's secure. Once I'm in, I can choose any of the Kerio firewalls that we manage: Kerio firewalls, Kerio Operator Phone Systems, or their Kerio Connect mail product. I can find any of them and quickly attach to it, then help the customer. It makes it real nice instead of having to chase down a list of IP addresses and passwords. As a managed service provider, it's nice because if a tech leaves, then I can cut them out of all our customers by simply closing their MyKerio account since they never actually had a direct login to the firewall itself.

The one feature that seemed to be missing for a while that they finally just readded was the ability to filter by known IP lists, either specific countries, or lists of IPs know to be hackers. That was in the product awhile ago, but just wasn't maintained for a while, but they recently did start to maintain it again it.

The MyKerio online portal could probably use a little touch up and tweaks, sometimes the backups just fail or you have to log off and back in with a new browser to connect to a device. The site is glitchy every now and then.

The guest network that they had behind a splash screen is the one spot that we're not thrilled with. We believe the guest network could have a more reliable and better customization on the splash screen, and sometimes we have issues with users getting to the splash screen at all. Our solution is just buy unlimited licenses to get around that. Then instead of using the guest WiFi, we create a whole separate VLAN with no splash page or use a splash page through the access points if we need a splash page. Its also not customizable at all so you can't put logos or names on it, make them accept a usage agreement, etc.

It was long before GFI even owned them. It has to be almost 10 years.

We have not had any problems with the stability at all. It's pretty solid once we get them running. Besides reboots for updates, we usually never have to do anything with them. The only ones that I can ever remember failing are caused by physical hardware failures. A lot of times either there is a lightning strike, electrical surge, or something like that. Once or twice, we've had a fail where we can't tell exactly why it failed, but it's always been the hardware that's failed, not the firewall software. I do remember one very old box that had gone through multiple iterations and had copied backups from hardware to hardware to hardware for almost a decade, which started acting a little funny. It stayed up, but we would see weird logs that didn't make sense. For that one, we finally did a backup, wiped it, restored the backup, and all the problems went away. That's the only time where the software was the cause and it was nothing that actually affected end users.

I have it in customers that have four users. The largest site that we've had (with a single box) is probably 150 users, including guests, and it scaled right up and I'm sure I could have pushed it much farther. Again the nice part about the product is they have a software-only version where you could put it on your own hardware, where you can slap it in a Xeon server if you really needed to, and I'd have no fears that the product could actually filter a whole school campus.

In our company, it's mainly our techs who work with this solution. The roles are usually customer-facing techs and support techs. We call them technology specialists, but it would be equal to a tech support type person. Everybody in the company dealing with customers knows how to manage the product because it's so simple. There's no reason to have a firewall engineer. We have a senior person for a really complex setup, but every tech can work on the product and set it up for the average company. Every tech can make changes that the customer requests right then and there when they call.

I would like to see a little improvement in their technical support when you have a problem.  I may be a little jaded because I came from Kerio when we could call and get a person on the phone who actually worked on the product and every tech had their own demo setup for testing. They also had instant messaging capability with the developers. If we found a problem, then we could get a result for it quickly. Now, the product seems to be 24 hours response no matter what the issue. They have also gone to the model that if you need quicker support, then they now charge you additional for the exact same level of support that they used to give for free. I am assuming it's the exact same level of support that they say it is. I'm not paying extra for it. That's the biggest flaw with the product.

Positive

We have a mix. A lot of our customers are just building or starting to manage thier network, so this is their first new product that didn't come from an office store. We also have some that were replacing an existing product either because the product got old and it was time to replace it, or sometimes because we've seen issues with other products we know this will fix. For one product in particular, we will see point-to-point VPN instability sometimes that customers have been dealing with years. We'll say, "Hey, let us put this in. Chances are it's going to clear up." Usually, it does. One customer had a point-to-point VPN with a that product that would go down almost every day. Now, the point-to-points have been up for about five months straight. This shows how reliable the solution is. 

For other customers, sometimes we'll replace another product because they got oversold. They'll have some very large product that's really expensive, and we're like, "Hey, that's cool. It does a ton of neat things you don't even need. But this product will do pretty much all the same things, especially all the things you currently use as well as give you some capability to grow into." A lot of customers didn't realize they need VPNs until all of a sudden they grow. There is nothing worse than telling a customer, "Remember when you saved a couple hundred bucks a year ago. Well, that's all gone now because the product you chose doesn't support this." That's what we like about this solution. It is priced low enough for entry-level, but it has the power to grow with a company without them having to replace it.

The initial setup is super straightforward. We can get a basic firewall running in under an hour. That is from opening the box  to getting it working. We tend to take it out of the box and do a little bit of preconfiguring for half an hour, maybe 45 minutes if it's a really complex multi-VLAN setup. Once you have it ready and bring it out to the customer site, then you plug it in and do a couple of final steps. We can get a sealed box to set up in under an hour.

We do have some basic guidelines that we try and use across all of our customers (minimum requirements), but because we deal with a wide range of customers, where some of our customers have four employees and others have 400, there will be minor changes. Everybody usually has a regular network, then a VLAN for guests, but sometimes our larger companies have VLANs for labs and other sections of the business: for example maybe development and admins get more rights. We always make sure the antiviruses, the IPS, filtering are running with a basic number of rules.

Don't over think the implementation. The biggest thing that you can do is start overthinking when you're setting it up, and be like, "Well, what do I have to do next?" You're probably already done. It's real simple. Anybody could take the manual home if they've never seen it before. They have a complete 30-day demo that you can download. Even if you aren't hooked into the Internet, you can log into the web GUI and look through it. It's great because it gives you an opportunity to do that and play with the product. If you're a technical person, you could take the manual home for the night, then the next day set one of these things up.

We always deploy it by ourselves, I think anyone with some IT experience could do it. I mean its not for Grandma but if you understand routing you can do it.

We're rolling out a four location non-profit right now that pretty much had zero network infrastructure. We're bringing our third site on out of four next week. Getting the firewall up is the easy part. It's been more of tying in their computers to the rest of the network and stuff, but eventually we're going to replace this hodgepodge of laptops and emailing files with central shares backed up and secured with the proper permissions all through the VPN.

Once customers get into doing site-to-site, employee remote VPNs, they start seeing savings in travel time and time costs. When everybody talks about savings, a lot of people forget to think about, "If my employees have to individually mail a bunch of files to somebody else, spend time trying to access files, or getting somebody in the office to send the files, that's a lot of time spent," this is where giving VPN capabilities both site-to-site and for end users who usually can't afford them is a giant cost savings, being able to seamlessly work remotely, include roaming employees who are able to go site-to-site and access the same resources at any location.

It's generally inexpensive compared to a lot of other products out there.

We don't use the solution’s high-availability/failover protection. For our market, it just hasn't been something that's been worth it for the cost. Because the software can run on both the Kerio hardware as well as regular off the shelf computer hardware, we've actually just maintained a standard computer with some extra NICs in it or a microcomputer as a backup. So, if a box goes out, we just run out there, pull the backup file off the web (since it is backed up through the MyKerio portal), and push it to the box, then we can have them back up in an hour or two. We can then worry about a permanent replacement once the client is back up. 

The biggest advice that I could probably give people is when you buy the solution be prepared to buy a few extra licenses if you want a guest network but you don't need to go crazy. Each user license gives you one employee and five devices. In the world nowadays where everybody has a cellphone, tablet, desktop, and laptop, that's still four devices and you still get one more device per person to cover the company printers, servers, etc.

We do evaluate other products both before we choose Kerio Control and on a regular bases. We do have one or two smaller firewall product that we use for the true entry-level businesses who don't need any capabilities, and we are constantly seeing products as we get new customers and what products they are using currently. We don't like to rip them out right away until we understand the network and its issues, we have to get familiar with a customer before we can make a recommendation.

Vendors are always coming out with new things and there are always new features. True cloud management seems to be the big buzz right now, so we've been looking at those type of products. However, so far we keep going back to Kerio Control.

A lot of times I can do things in one screen of Kerio Control that would take two to three screens. I was just making a firewall rule with NAT forwarding on a different product for a customer a couple of days ago and that took four different screens and four different menus. One of the nice things about Kerio is how it does firewall rules and port forwarding.You do it all-in-one screen called "rules" where It creates the forwarding, the NAT, and the port holes.  

With some products I'd have to go into a window to create a firewall rule of VLAN 1 to VLAN 2, then I have to create a firewall rule of VLAN 2 to VLAN 3. Finally, I have to create a firewall rule of VLAN 1 to VLAN 3. That's three separate firewall rules that I have to build. If I want to block one port, then that's three separate firewall rules I have to edit. On Kerio Control, the way it's setup, I can make one rule that encompasses all three of those rules by having my source have multiple sources, multiple destinations, and multiple ports. For example, a security camera system needs three ports forwarded to it. I might have to create three rules and 3 NAT translations, one for each of those ports. Some of them I can group, but others you can't. With Kerio firewall, I can list all those ports in one spot. Therefore, I can create a rule that allows the WAN and VPN 2 to access a camera system on VPN 3 on these two ports and point it all to the Camera System using only one rule.

It is not the most powerful firewall out there, I understand that, but it's a great balancing act between the capabilities. It's as capable as many of my other firewalls, but at the same time, it's not as complicated. You don't need to take a three-month course like you do with some of the other products in order to be able to use it properly. It's all GUI-based, unlike some products. Sure a lot of products have a GUI where you get just so much done, then at a certain point, you have to jump into command line. There is no command line option in Kerio Control because its not needed, there isn't a point where I have to pull out a manual and find obscure commands to type in to get the product to do something I want it to do.

It's definitely well suited for and marketed for SMBs but could some enterprises use it? I believe that they could. I believe that there are some spots in the enterprise market that should be looking at this product. I think that some companies would be pleasantly surprised if they considered it for enterprise market use. 

It's inexpensive and secure enough that you could have multiple instances running across a campus, if you needed to do routing. It supports a ton of VLANs, especially if you put it on your own hardware. You can easily have this thing run thousands of users just by scaling up the hardware because it has the ability to run on standard PC or Server hardware so you can pop it right into a computer and boot it up. This is great because you can choose any amount of hardware that you want to put it on to get it to scale to what you need, and you can upgrade it as needed. It's also great when you do have virtual environments.

The company has always been pretty good to work with, which is important. Obviously, GFI's a much bigger company than the original vendor, so some things have changed, but they're a friendly company and want to work with you. They have a nice NFR program. We always like products that have NFR programs, not because we're always looking for free stuff, but because it's nice to be able to use the same equipment inside that we sell to customers, even if it doesn't make sense for us financially (though Kerio Control makes sense for us). Just having that capability to say, "Hey, we use this product ourselves." It's a question that customers ask IT companies a lot, "What do you use?" So, if I can say, "I use Kerio Control." That goes a long way to making the customer understand I really like this product. I trust my business to it. You can trust me when I say, "You can trust your business to it."

I would rate the product as a nine out of 10. I've never heard a customer that went on it be upset. I have never had a customer tell me, "I want to get rid of this thing."

We use Kerio Control primarily for site-to-site VPN and client VPNs.

The solution is easy to manage. Kerio Control is unique compared to other firewalls because it has been around since 2000 when we switched and the name it started with was WinRoute, and then later became Kerio Control. It evolved over time and it is more of a proprietary firewall on its own and has been developed through open source.

The Kerio hardware devices look cheap and could be improved. Some of our clients are switching to Sophos because their hardware has a more sleek design.

I have been using Kerio Control for a long time.

Kerio Control stability is extremely stable. On the administration side, you have total control because of MyKerio. Which is a portal that allows you to control all your Kerio Controls and other Kerio solutions. Similar to other firewall vendors nowadays, they have their own portal to centralize the management of your firewalls. 

The solution is scalable. If you are using virtualized machines you can have as much memory and much storage, but you do not need much storage for this solution. It is powerful and fast, although it can slow down the internet because of the filtering. For example, if you have most of your services running, such as antivirus, content filtering, and intrusion prevention. When all of those are all enabled and there is a lot of configuration and it might slow down your internet service to about 70%, instead of a direct simple router.

The technical support is good as a reseller. We have direct connection with the technical support, we can send them an email and they will get back to us. If it requires phone calls, they phone us up or we phone them.

The initial setup is straightforward. You receive a box and then you receive the activation keys. When you receive the activation keys, it will work fine. Without the activation keys, your subscription for firewall, antivirus, and web filter, is not going to work.

If you are doing a fresh installation without the VPN, you have to set up all your routers on each different location to have a site-to-site VPN. However, if you are migrating from a firewall to Kerio Control, you have to migrate the users, DHCPs, and static IPs, that you want to have on the devices to keep you from losing service. For up to a five-site location, it could take approximately one hour for each location to set up the firewalls.

To start out you are going to have to purchase the firewall hardware and the subscription itself which could be approximately $2,000 and for the annual subscription, it will be approximately $400. The subscription entails many aspects, such as you do not lose your antivirus upgrades or your web filtering does not stop.

We are switching from Kerio Control to Sophos because of the sleek design of the devices. If you want a cheaper solution, you can choose Kerio Control, but if you want a much sleeker design, then should consider Sophos.

I rate Kerio Control an eight out of ten.