Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Help for a newbie?? (How to police an establish Kerio system?)
  •  
PCSailor

Messages: 5
Karma: 0
Send a private message to this user
Hello,

I am new to the company, and Kerio, and the Internet speed is crawling. From the router out the speed is good and is what we pay for. Looking at the Kerio IP traffic, it is an internal problem. We have a few employees who are young and not able to police their Internet usage. I have blocked their IP address but this is a short term solution as we are dynamic using a Cisco switch for DHCP.

What I need is to be able to cross reference MAC address with IP address. I would like to knock everyone offline in one move, have employees come to me with there devices where I would record the device, MAC address, User, and IP address. Then I can give everyone free reign and let those who burn themselves deal with the consequences.

However, it seems Kerio is not able to do this. Kerio gives me the option to set up users and groups and police this way. This should have been when the Kerio was installed and I am now playing catch up, so it is going a bit slower then I would like. I will research more with the Kerio. The manual is a large, detailed, and designed for the IT pro, which I am not, although I am very interested in learning all I can and all I need to.

I am open to suggestion here and I could use some help.

Thanks,
Phil
  •  
PCSailor

Messages: 5
Karma: 0
Send a private message to this user
Anyone, anyone, anyone,...

I've seen the MAC address filtering,

kb.kerio.com/product/kerio-control/security/filtering-mac-ad dresses-1328

but look at the choices:

Prevent listed computers from accessing the network -- the filter will block only MAC addresses included on the list.

This mode can be used to block known MAC addresses, but will not filter traffic of new, unknown devices.

Permit only listed computers to access the network -- the filter allows only MAC addresses included on the list, any other address will be blocked.

Not exactly great options on a currently-running ship. I would need to knock the system down and spend a good deal of time getting everyone back on, with option 2. Then in 48 hours I would have to disable the MAC address filter when charter guests walk on board.

See the dilemma?

I need to see traffic by MAC address (possible?) ideally, and be able to knock that MAC off (which I can do).

Thanks,
Phil
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
DHCP doesn't have to be dynamic. You can assign reservations based on MAC. This will guarantee MAC<->IP binding. Thus, you can always perform operations on the IP address.

Smarter folks will learn about Administratively Assigned MACs, though.

Then, you have folks who will learn they don't need to use DHCP to get out. They'll just start giving themselves random IP addresses.

What I'm getting at is that all of these types of options always have a counter. They aren't foolproof.

The best bet is to enable user-based access. They will need to provide credentials to get through the firewall.
Previous Topic: Used Traffic Details
Next Topic: Real time streaming
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Aug 21 01:03:34 CEST 2017

Total time taken to generate the page: 0.00423 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.