Kerio Personal Firewall
Kerio Personal Firewall consists of three components, shown below:
1. Firewall Administration - Configures the firewall and lets you
add, edit and delete filter rules
2. Firewall Engine - The firewall component that protects the computer
3. Firewall Status - Monitors the status, settings and counters of
running network applications

Kerio Prompts
Any attempted communication that does not match a currently defined
filter rule causes Kerio to display a prompt, as shown below.

*Note: Example prompt, displaying information about access attempted.
Options
1. Permit - Allow connection.
2. Deny - Do not allow connection.
*NOTE: If the check box for 'Create appropriate
filter rule and don't ask me again.' is left unchecked, this prompt
will be displayed every time the application is started anew. If
the check box is checked, the option chosen will be remembered as
the default for that application in the future. This will allow
automatic addition of filter rules for individual applications.
Firewall Status
This utility displays all running network applications along with
the current status, statistics and counters for each. Its main purpose
is diagnostics and monitoring.
Firewall Administration
The interface to Kerio Personal Firewall's filtering settings and
other related options. The Firewall tab presents the options we are
most concerned with:
1. Firewall Enabled
2. Security Level - Determines action taken when applications attempt
to access network.
· Deny Unknown - Deny any traffic that does not match an existing
filtering rule.
· Ask Me First - Prompt for any traffic that does not match an
existing filtering rule.
· Permit Unknown - Permit all traffic.
3. Advanced

*Note: Kerio Personal Firewall administration utility.
Advanced
The Advanced window displays the current firewall rules and lets you
add, delete and edit rules.

*Note: Advanced Firewall Configuration window. Accessed from
Firewall tab of Kerio Personal Firewall Administration utility.
Add New Rule Manually
Adding a rule defines a default action for the traffic the rule
describes. A rule must exist for any application in order for it to
work with NetSafe/NetSafe Plus. Clicking 'Add' will display the
Filter Rule creation screen, as shown below.
*Note: Filter Rule box with default settings.
NetSafe/NetSafe Plus Configuration
Two filter rules need to be added to allow optimal access to
NetSafe/NetSafe Plus. The first rule allows any application to access
NetSafe/NetSafe Plus. The second rule allows all loop back traffic
and speeds up page loads once the computer is configured for Knology
NetSafe/NetSafe Plus. When these rules have been added, the last two
lines of the Firewall Configuration will look like the last two lines
shown below.

*Note: Firewall Configuration window after both rules have been
added to allow any application to work with Knology NetSafe/NetSafe
Plus
Follow the instructions on the next two pages
to duplicate this configuration.
Allow All Applications
Change the following options to properly configure a rule that allows
any application to access Knology NetSafe/NetSafe Plus:
1. Protocol - Choose 'TCP and UDP'
2. Direction - Outgoing
3. Port type - Choose 'List of ports'
Type 3128 and 8080 separated by a comma, i.e. 3128,8080

*Note: Filter rule box with appropriate settings to create a
rule that allows any application to access Knology NetSafe/NetSafe
Plus.
Allowing All Loop Back Traffic
Change the following options to properly configure a rule that allows
all loop back traffic:
1. Direction - Choose 'Both directions'
2. Address type - Choose 'Single address'
3. Host address: - Type 127.0.0.1

*Note: Filter rule that allows all loop back traffic.
Allow Single Application
Kerio can be configured to apply each filter rule to only one
application. Complete the following to limit a rule to a single
application:
Difference in configuration
1. Application - Choose 'Only selected below'
Type the path to the application in the drop-down box below, or click
'Browse' and locate the application you want to limit the rule to.

*Note: Filter rule window with single application selected.
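
The two rules above and the single-application restriction, modelled as an added example (not part of the original guide and not Kerio's own rule engine). It assumes a rule permits whatever it matches, that the listed ports are remote ports, and that the loop back rule leaves the protocol at 'any'; the application paths and the address 203.0.113.10 are constructed.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str                      # "out", "in" or "both"
    protocols: frozenset = frozenset()  # empty = any protocol (assumed default)
    ports: frozenset = frozenset()      # remote ports (assumed); empty = any
    address: Optional[str] = None       # 'Single address'; None = any address
    application: Optional[str] = None   # None = any application

    def matches(self, app, proto, direction, remote_ip, remote_port):
        return ((not self.protocols or proto in self.protocols)
                and self.direction in ("both", direction)
                and (not self.ports or remote_port in self.ports)
                and (self.address is None
                     or ip_address(remote_ip) == ip_address(self.address))
                and (self.application is None
                     or self.application.lower() == app.lower()))

# The two rules this guide adds, with the settings listed above.
NETSAFE = Rule("NetSafe", "out", frozenset({"TCP", "UDP"}),
               frozenset({3128, 8080}))
LOOPBACK = Rule("Loop back", "both", address="127.0.0.1")

# What each Security Level does with traffic that matches no rule.
UNKNOWN = {"Deny Unknown": "deny", "Ask Me First": "prompt",
           "Permit Unknown": "permit"}

def decide(rules, level, app, proto, direction, remote_ip, remote_port):
    """'permit' if a rule matches, otherwise the Security Level's action."""
    if any(r.matches(app, proto, direction, remote_ip, remote_port)
           for r in rules):
        return "permit"
    return UNKNOWN[level]

def only_for(rule, path):
    """The same rule with Application set to 'Only selected below'."""
    return replace(rule, application=path)

# Constructed sample paths, not taken from the guide.
BROWSER = r"C:\Program Files\Example\browser.exe"
OTHER = r"C:\Temp\other.exe"

if __name__ == "__main__":
    for rules in ([NETSAFE, LOOPBACK], [only_for(NETSAFE, BROWSER), LOOPBACK]):
        print([decide(rules, "Deny Unknown", app, "TCP", "out",
                      "203.0.113.10", 3128) for app in (BROWSER, OTHER)])
```

With the any-application rule, every program is permitted out on ports 3128 and 8080. Once the rule is limited to one application, any other program falls through to the action set by the Security Level.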