Configuring antivirus protection

Kerio Control provides integrated Kerio Antivirus powered by the Bitdefender antivirus engine, which check objects (files) transmitted by HTTPHypertext Transfer Protocol - protocol for exchange of hypertext documents in HTML., FTPFile Transfer Protocol - Protocol for transferring computer files from a server., SMTP and POP3Post Office Protocol 3 - A protocol used by local email clients to retrieve emails from mailboxes over a TCP/IP connection. protocols.

In case of HTTP and FTP protocols, the firewall administrator can specify which types of objects are scanned.


Use of Kerio Antivirus requires a special license.

Conditions and limitations of antivirus scan

Antivirus check of objects transferred by a particular protocol can be applied only to traffic where a corresponding protocol inspector which supports the antivirus is used. This implies that the antivirus check is limited by the following factors:

If you set a strict content filtering policy, ensure that Kerio Antivirus can reach the following URLs:


For details about creating content rules, see Configuring the Content Filter.

Configuring antivirus protection

  1. In the administration interface, go to Antivirus.
  2. On tab Kerio Antivirus, select option Use Kerio Antivirus This option is available if the license key for Kerio Control includes a license for the Kerio Antivirus module or in trial versions.
  3. Select option Check for update every ... hours. If any new update is available, it is downloaded automatically. If the update attempt fails, detailed information are logged into the Error log.


If the update attempt fails, detailed information are logged into the Error log.

  1. Check protocols HTTP, FTP and POP3 in the Protocols section. For advanced options, go to the following tabs:
  1. SMTP scanning is disabled by default. You can enable it for inbound connections. However, if you use Kerio Connect with greylisting, do not enable SMTP scanning.
  2. In Settings, maximum size of files to be scanned for viruses at the firewall can be set. Scanning of large files are demanding for time, the processor and free disk space, which might affect the firewall's functionality. It might happen that the connection over which the file is transferred is interrupted when the time limit is exceeded.


We strongly discourage administrators from changing the default value for file size limit. In any case, do not set the value to more than 4 MB.

  1. Click Apply.