In Configuration → Traffic Policy → Intrusion Prevention, enable detection of known types of network intrusions coming from the Internet and from known intruders. The default setting is optimized and it is usually not necessary to change it. Howeever, it is recommended to check Security regularly and evaluate possible false alarms.
For details, see Kerio Control — Administrator's Guide (http://www.kerio.com/control/manuals).