Kerio Control

How can we improve Kerio Control?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. GeoIP as a source definition in Traffic Rules

    It would be nice and unique if You could set GeoIP as a source/destination definition in Traffic Rules.

    6 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Kerio VPN client - autoupdate

    Add checkbox "Check new version" to settings of Kerio VPN client to checking new version after start this app for example weekly. Everytime there is new version you get the download link or app just updates itself.

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. VPN client option to not resolve DNS on server side

    Please add to VPN client an option to not resolve DNS on server side. It's very inconvenient in many cases.

    1 vote
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. Expand DHCP Server option 121 and 249

    Actually Kerio Control permit to enter only 3 string in DHCP Server
    Option 121 Classless Static Route
    Option 249 Classless Static Route (Microsoft)
    please expand to 5 or 10 string

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MAC addr  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to disable automatic route learning on Trusted Interfaces/Other Interfaces

    This can be achieved in three ways:

    1 - In the interface config a checkbox to enable or disable the route creation.
    2 - In the routing table have an option to disable automatic routes globally, though only for trusted local and other interfaces.
    3 - Allow us to make a route in the routing table with a metric of 0 thus overwriting the default route and retaining it even after a reboot.

    Option 3 is my preferred method as it prevents less advanced users from having issues if they accidentally disable auto routes.

    This is something I would expect…

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Detect facebook videos

    Be able to detect facebook videos Detected Content under content filter. We can then limit how much bandwidth this is can consume.

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  content filtering  ·  Flag idea as inappropriate…  ·  Admin →
  7. Multiple Internet connections

    Ability to have multiple internet connections and route networks accordingly. I don't want to use failover or load balancing as its not whats required.

    Say I have 3 internet connections:
    I want to send high priority network over the fast connection
    Regular traffic over the standard connection
    unimportant traffic can go over the slow laggy connection..

    Sorry I posted this before but realised its in Connect and not control.

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add the ability to redirect traffic to another proxy server based on conditions, for example on list of sites.

    Add the ability to redirect traffic to another proxy server based on conditions.
    For example, there is a list of corporate sites in the head office, which is accessible only through a proxy server through a VPN connection.
    Let's create a rule where the destination is a list of these sites, and the action is to redirect requests to another proxy server.

    1 vote
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add Email Notification (and Verbose Reason) Before Shutting Kerio Firewall down!

    Currently:
    I heard from my clients that there is no internet. (Did not receive any other email ==>) So restarting responsible modem, no result.
    Starting my computer and see that there is no LAN connection and no pinging my firewall. Finding the reasons I'm surprised that Kerio Control has shut down.

    Much better handling:
    Adding in 'Accounting and Monitoring\Alert Settings\System alert

    Shutdown Alert (with verbose Reason/Log)

    There should be ideally enough time to send email to server and server reaching extern mobile device, where one can see the email.

    In the email should be
    Shutdown (for instance:) Due Intrusion Prevention…

    3 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Central management  ·  Flag idea as inappropriate…  ·  Admin →
  10. HTTPS links in Web log

    I would like to see https links in the web log. Most sites use https. The Https log contains all requests to sites. I would like to see in real time all the opened sites in the web log without any extra information, And not just http sites.

    1 vote
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Central management  ·  Flag idea as inappropriate…  ·  Admin →
  11. web application firewall

    some web application firewall on top of the reverse proxy. a break and Inspect function with WAF functionality

    15 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Geo IP Overrides

    The GeoIP filter is great until it isn't. The current block all traffic is offering a hammer when we need a scalpel. Please look to offering a better set of controls.

    Simply add an "Override/Ignore GeoIP Filter" checkbox to every rule.

    This way I can define known servers in otherwise blocked countries and allow specific/all traffic from trusted computers.

    A user could also use this override to allow specific types of traffic like mail from everywhere in the world without allowing other more secure traffic.

    Thanks.Peet

    14 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Better detection of client MAC Addresses

    Because we run Kerio in a routed network with Cisco Routers or Layer 3 switches, Kerio does not know the mac address of clients, as detailed in http://kb.kerio.com/product/kerio-control/server-configuration-kerio-control/configuring-automatic-user-login-1569.html#sect-mac (extract below)

    Why Kerio Control does not know the MAC address

    Kerio Control does not know the MAC address in the following cases:

    You use a routed network and the computer is placed behind a router.

    It would be nice either if we could somehow look into the ARP Table on the Cisco routing device (albeit with some additional config required on the Cisco side) or at least be able to refernce…

    6 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MAC addr  ·  Flag idea as inappropriate…  ·  Admin →
  14. If it is possible. Add support letsencrypt.org

    If it is possible. Add support https://letsencrypt.org/

    "Let's Encrypt is a free, automated, and open certificate authority (CA), run for the public's benefit. Let's Encrypt is a service provided by the Internet Security Research Group (ISRG)."

    92 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Block Country IP blocks

    Block entire country CIDR ranges. I recently did a trial of the Sophos UTM 9 software appliance and this was a feature it had that allowed the admin to tick off countries by name and flag that would be completely blocked which is something i'd love to see in kerio control. Our Firewall frequently gets attacked by Russia and China. Seeing as we do no business with either of these countries we block their entire IP range. An option to select one or more countries to block would be a great feature.

    244 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks. Yes, we implemented blocking traffic from specific countries, but the request here is to allow it to be configured in the traffic rules. Thank you for the feedback.

  16. Add possibility to disable Welcome screen in Guest Network

    Welcome screen is very annoying think with mobile devices. Please add possibility to completely disable welcome screen.

    98 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add VirtIO drivers

    We are using a hypervisor environment that is based on KVM (Flexiant) and Kerio Control is not recognizing the drivers to boot up and install properly. We need to configure emulated devices (which is not optimal) to complete the installation of Kerio Control.
    Adding these drivers or enabling an options to add these drivers to the Kerio Control ISO is really needed.

    25 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  HW  ·  Flag idea as inappropriate…  ·  Admin →
  18. Fully redundant cluster of Kerio-Control

    This option is very important because Kerio Control has no redundancy solution. other Firewal (checkpoint, palo alto, ....) offers this feature.
    The OS of kerio control is linux, maybe adding Carp and pfsync to have a fully redundant cluster of Kerio-Control ?

    182 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Due Soon  ·  11 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Cluster / FailOver Firewall prelude: sync config from master to slave Control

    Kerio Control born for small and medium business company.
    in this market there are company with only 5 or 20 users that need firewall failover solutions.
    so the cluster or failover solution is not mandatary of big company, but it depend from any specific customer.

    my suggestion at the moment could be to create sync of configuration from Master Kerio Control firewall to Slave Kerio Control Firewall. Maybe with ssh is possible to do this feature easy.

    in this way two firewall have the same configuration but the Slave have a specific IP address don't used in master firewall (this…

    305 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Due Soon  ·  14 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Kerio VPN client for iOS/mobile devices

    Setting up IPSec on mobile devices is cumbersome. Juniper Networks and others brought their own clients to iOS. I would also like to see a Kerio client for mobile devices.

    89 votes
    Vote
    Sign in
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 44 45
  • Don't see your idea?

Kerio Control

Feedback and Knowledge Base