We're always sad to see a former champion start to slip. It was just two years ago that Kerio Personal Firewall was the top of its game, but today its slowly becoming a shadow of its former self. Kerio stopped development of the program in 2005 and it has since been taken on by Sunbelt.
It's touted as a replacement for the popular free firewall from Sygate, now discontinued. The full version is still feature-rich, easy to use and a bargain at £10. If you download the program and choose not to register it, a basic free firewall remains. Although it's shown strength in the past, the results of most tests with the new KPF were disappointing.
It passed our port scan with stealth, but failed nearly half of our leak tests and was easily shut down by more than half of the kill tests we threw at it.
Even more disconcerting is a default program setting that sets 'Any other application' (those not explicitly configured for program-based control) to access the Internet via an Allow setting. We noticed this when researching why we weren't seeing any alerts (or traffic blocking) as new programs were opened. We even installed KPF on another system, thinking we'd made a mistake.
In fairness, we were able to resolve the issue with one simple change, namely changing the aforementioned setting from Allow to Ask. The problem is that a less-experienced user might never know to do the same. While this setting results in far less alert messages, it increases risk factors as well.
We think that with a few key improvements, Sunbelt's KPF could be a real replacement for Sygate Personal Firewall. However, for that to happen Sunbelt will need to put this firewall through a new set of paces.