Securing Kerio Connect
Article Number: 1239 | Last Updated: Mon, Apr 20, 2015 1:42 PM
Issues to address
Configuring your firewall
If you install Kerio Connect in a local network behind a firewall, map these ports as follows:
Read Password policy in Kerio Connect for detailed information on user passwords.
Configuring a secure connection to Kerio Connect
Kerio Connect can do either of the following:
Go to Configuration → Security → Security Policy to select your preferred security policy.
You can define a group of IP addresses that can authenticate insecurely (for example, from local networks).
Securing user authentication
If you select the Require secure authentication option, users must authenticate securely when they access Kerio Connect.
You can select any of the following authentication methods:
If you select more than one method, Kerio Connect performs the first available method.
If users' passwords are saved in the SHA format:
Encrypting user communication
If you select the Require encrypted connection option, clients connect to any service via an encrypted connection (the communication cannot be tapped).
You must allow the secured version of all service you use on your firewall.
Many SMTP servers do not support SMTPS and STARTTLS. To provide advanced security, the SMTP server requires secure user authentication.