User-based access management
The fundamental step in maintaining a secure
network environment is the creation of an Internet
access policy. Kerio WinRoute Firewall allows
administrators not only to create a general Internet
traffic policy for the local area network, but
also to define and enforce Internet access restrictions
for each individual user.
User management
With Kerio WinRoute Firewall, a "user" is defined
in the following ways:
- individual user name with password
- user group
- IP address or computer name
- entire network
Individual users may be forced to log in to Kerio
WinRoute Firewall before they are allowed to access
the Internet.
Managing users through internal user database
User accounts can be stored either in Kerio WinRoute
Firewall's independent internal user database
or on a remote Microsoft Active Directory server.
Both databases can also run concurrently.
Managing users through Active Directory
Introduced in Windows 2000 Server, Active Directory
allows administrators to centrally manage and
share information on user accounts and network
resources. Active Directory allows different services
to access user information from a single location.
Support for Active Directory allows Kerio WinRoute
Firewall to access this user database in real
time and authenticate users without storing passwords
locally. There's no need to worry about synchronizing
passwords for each user at the firewall. Any changes
made in Microsoft Active Directory are automatically
reflected in Kerio WinRoute Firewall.
Transparent Active Directory
Kerio WinRoute Firewall gives administrators who
manage multiple domain environments the power
to configure one or more domains. Rather than
having to manually import Active Directory user
accounts into the WinRoute database, Transparent
Active Directory simplifies the way user accounts
are mapped to Windows domains, so those users
are automatically known to the firewall.
Once a domain is properly configured, the user
accounts in that domain are automatically visible
to WinRoute, allowing administrators to manage
traffic policy and content filtering configurations
for individual Active Directory user accounts
in that domain transparently.
Access rights management
The administrator can assign different restrictive
access rights to each user. For example, some
users can only access internal webpages, while
others can use only email. These rights are configurable
according to a schedule so that they may be applied
only during specified time intervals.
User traffic quota
Some users download a lot of files, listen to
Internet radio, and share family movies with
others. Excessive Internet browsing by one user
often affects the usability of the Internet connection
for the rest of the team.
To put a cap on heavy users, administrators may
impose user traffic quotas. Administrators have
a few options:
- quota for upload, download or both
- quota per day or per month
- or any combination of the above
When the quota is reached, Kerio WinRoute Firewall
will send an email warning to the user and the administrator.
Optionally, Kerio WinRoute Firewall can block the
guilty user for the rest of the day or month.