Kerio, a small software company specializing in e-mail servers and software firewalls, has been around for years and years. You probably don't know them, but your IT consultant or preferred reseller certainly should. Their new Kerio WinRoute Firewall 6.6 that just started shipping can do more than Windows ISA for less money, always a combination worth investigating.
Windows renamed ISA a few years ago to mean Internet Security and Acceleration, but some resellers find that hard to accept. Meet Thomas Meriam from F1 Experts in New Jersey. F1 Experts is a certified Microsoft Windows reseller, but all their hard work brought them to naught for a customer. That's when they called Kerio.
“We have a customer with five locations, and they needed to link them all into one network. We tried with Windows ISA and couldn't make it work because of all the bugs and problems,” said Meriam. “We tried Kerio and got the five sites up with no sweat, right away.”
Since three of four small businesses have more than one location, multi-site networks shouldn't need black magic to set up. But this point illustrates the constant battle between the bundled approach and the best in breed approach. Do you take what's in the bundle, in this case Windows Server with ISA, or do you buy the best tool for the job?
Technically, ISA isn't bundled, because it costs extra. Meriam said a stripped down version of ISA is bundled with Microsoft's Small Business Server, but “a useful version costs about $1000 for the standard version and $2500 for the enterprise version.” That's not what I call bundled.
Kerio WinRoute Firewall 6.6 costs $329 for ten users, or $395 if you include McAfee Anti-Virus. You also have to provide a PC running Windows to run the software and nothing else.
“We build our own server box for Kerio so we can replace it quickly if needed,” said Meriam. While the Kerio software runs on a Windows box, the Virtual Private Network clients run on Windows, Macintosh, and Linux systems. Compare that to Microsoft's ISA, that support all clients that say Windows, but no clients that say otherwise. And unlike some vendors that charge extra, Kerio includes VPN clients as part of the package.
Finally, getting a security product configured can include much cursing and hair pulling. Not Kerio, according to Meriam. “We have to spend a lot of time with ISA preparing the machine for things that Kerio does automatically. Kerio also includes extra filtering that ISA doesn't allow. In fact, there are whole sections of custom rules in Kerio, such as a quick way to stop users from downloading any executable files from Web sites.”
Kerio's WinRoute Firewall 6.6 certainly meets the “does more with less” mandatory buzzword now in vogue. It also supports non-Windows clients. If your IT provider doesn't know Kerio, tell them to get acquainted.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
my comment
After not hearing about the kerio, I started to do my own research...First it's not Windows ISA...It's Microsoft ISA Server. It was never named Windows ISA.
About the F1Expect company:
This company contains 2 people, and their website contains a single page (so let's say it's not a fortune 500 company).
Regarding Kerio:
There are 3 problems for me in here:
1. As I don't know this product, I don't know how secure it is. For instance how many volnerabilites were found in this product? It would be nice to know that.
2. Also as I never heard of them, I don't know whether they are going to exist in the coming 10 years. If they fall, who should I get support from?
3. pricing. while 10 users cost 329$, having more users cost much much more. 15 users cost 430$ and 100 users cost 2000$.
In addition you have to pay for subscription. This cost ~30% of the total cost per year, so if you buy this firewall for 5 years, you will end up paying much much more money than for ISA (where there is no subscription at all).
Sorry, but I stay with ISA.
I totally disagree with you - you are 100% biased!
I totally disagree with you.First of all, Microsoft has millions of customers.
If somebody wants to hack into a system, his first choice would be MS Systems. His "gain" of sneaking in, would be much greater, since he can sneak-in into millions of PCs.
Kerio might not have so big customer base & therefore the "gain" is much smaller & in the end not worth it.
It is like Linux vs. PCs.
Second, what about upgrading your ISA Server? Microsoft will force you to RE-PURCHASE ISA Server's newer version.
They will not care if you have an older version, so they want you to pay again and again for the same stuff...
Microsoft has too many constraints.
Examples:
1.You can't move your ISA Server into a diff Server unless you have purchased the "OPEN License" version. Can you please tell us how much does this add up to?
2. In the case of the upgrade, if you do not want to re-purchase the product multiple times in the near future, you would need to purchase a "Sofware Assurance License" version. The cost of a "Software Assurance License" version is about 2-2,5 times the price of the version without the "S.A. License".
And remember: You would have to pay this amount every 2 years! Can you know tell me how much this adds up to?
I am disgusted with the ways MS is sucking my company's money. I am trying to escape from their products & their awful policies.
Third, if do not want Kerio updates, don't buy them.
Now, how does that compare to MS's ISA Server pricing?
Conclusion:
If you want to be just, be just. Otherwise, stop bulls**ting people.
Thanks
P.S.> BTW, I am not a Kerio Spokesman - but maybe you are an MS one...
I would like to recommend to everyone.
Search-and-destroy Antispyware is an excellent scanner that I would like to recommend to everyone. I simply love it. In the past I have tried many different types of scans. Some of them were free and others cost quite a bit of money but they all seem to pick up the same types of bugs. The antispyware solution from Search-and-destroy is less expensive than most and it will clean your computer and keep it working great just like the more costly scanners. Click on http://www.Search-and-destroy.com to learn more about this scan and how it can help you protect your computer.