3 technical limitations 13 – Kerio Tech Network Monitor User Manual

3.3 Technical Limitations

13

The most common case is the situation when the mail server runs on the computer that

is also the internet gateway. Kerio Network Monitor then “sees” only the local communi-

cation of the clients with the mail server. In the default configuration of Kerio Network

Monitor

are created rules, which consider this communication to be the Internet com-

munication (so that the volume of the data is measured. It is necessary to keep in mind

that the volume of the date is measured also when the users are sending mail locally to

each other.

If the mail server runs on another (“inner”) computer, Kerio Network Monitor records E-

mail communication outside of the local network twice: when the client communicates

with the mail server in the Internet. Then it is useful to change predefined rules for the

SMTP, POP3 and IMAP services so that the rules are valid only for IP address of the mail

server — e.g.:

<192.168.1.10> <255.255.255.255> TCP25 on Internet

and add the rules for ignoring any other mail communication — e.g.:

<all addresses> <all addresses> TCP25 discard packet

These rules must be in the list of the rules lower than the rules for particular mail server.

Detail description can be found in chapter

6.1

Proxy Server

Similarly as in the case of the mail server located on the computer, which is the internet

gateway, raises the problem with monitoring the communication of the clients with the

proxy server, when the data is taken from its case — also this data will be evaluated as

downloaded from the Internet.

This problem can be avoided only by switching of the cache, which can be unpleasant

under some conditions.

Encrypted Connection

Data encrypted by any protocol cannot be analyzed by Kerio Network Monitor. Only size

of transferred data can be monitored in such cases.