Hehe, while you "all" are talking of moving away from Sygate or Kerio, I have no intention.
Kerio seems easy. It is a rulebased firewall, so a user must know what must be allowed and very carefull of not allowing too much.
It is easy coming from Sygate knowledge, for a newbie maybe not as easy.
I will be back to Sygate, this is just an excursion to try Kerio. Sygate has excellent loggings I need. But no Kerio bashing from me.
I downloaded BlitzenZeus's ruleset from
http://www.broadbandreports.com/forum/remark,8023708You don't need to add those rules manually, you can delete the default installation rules and then Load the BZ ruleset.
From experts a question. What is different in the BZ standard ruleset and the advanced one I loaded ? Which one should be used?
You need to basically allow unsafe Internet Explorer all the ports in Kerio since some sites use other TCP ports than 80.
If you want to use it. You can block it of course, a safe move if not an IE user.
In Sygate I can leave IE to ask basis, since as long as i am using it, SPF asks no more. But always when I have it not running, since IE was not configured to manual proxy for Avast webshield, I get asked.
So I actually feel safer with Sygate since I am not using IE browser !!!
Memory usage of KPF seems usually 6 MB whereas SPF is 7-10 MB, higher value if Application authentication is used.
Kerio icon is faster on systray than SPF, immediate. Nothing to say though about the actual service loading.
What is good with KPF and bad with SPF is that the latter defaults server right to all the applications. Of course they can and should be denied in SPF if not needed, but it is not very convenient.
With BZ rules KPF was stealth in Shields Up! test, whereas Sygate needs a little configuration like told in my html SPF guide link.
I will play a bit with Kerio before going back to SPF. Will report if any interesting features.
Do you know any free firewall that has as extensive logging abilities as Sygate? Would be interesting to try as well.
Jarmo
