McAfee SG720 TrustedSource, 1Y SL, 1Y Gold US700M001PAAA User Manual
Product codes
US700M001PAAA
Solution Brief
McAfee UTM Firewall
Create A Secure Distributed Office Environment with McAfee UTM Firewall
As organizations deploy anti-malware engines, anti-spam solutions, and application layer firewalls at their
corporate offices, security staff want their remote users covered by the same type of protection technologies.
One of the best ways to accomplish this is to implement a scaled-down, more cost-effective solution at the
remote locations, and route all traffic through the corporate office via a secure tunnel.
corporate offices, security staff want their remote users covered by the same type of protection technologies.
One of the best ways to accomplish this is to implement a scaled-down, more cost-effective solution at the
remote locations, and route all traffic through the corporate office via a secure tunnel.
UTM Firewall’s high availability and VPN failover capability enable you to ensure users always have
secure, seamless connections to resources at corporate headquarters. UTM Firewall detection services
can identify if a connection is down and automatically bring up a secure VPN tunnel until the primary
connection is available again—completely transparent to end users.
secure, seamless connections to resources at corporate headquarters. UTM Firewall detection services
can identify if a connection is down and automatically bring up a secure VPN tunnel until the primary
connection is available again—completely transparent to end users.
CORPORATE
HEADQUARTERS
HEADQUARTERS
INTERNET
T
TT
I
IN
N
VPN
VPN
DETROIT
TOKYO
SIDNEY
HOME OFFICE
PARIS
MIAMI
McAfee UTM Firewall
Figure 2: Hub and spoke architecture
McAfee UTM Firewall Family Benefits, Features, and Advantages
Enterprise-class
McAfee UTM Firewall’s configurable firmware is based on embedded Linux. This design provides a
virtually unlimited range of precise tuning options for such elements as Quality of Service (QoS), traffic
shaping, VPN tunnel topology, routing, and fine-grained firewall rule sets.
McAfee UTM Firewall’s configurable firmware is based on embedded Linux. This design provides a
virtually unlimited range of precise tuning options for such elements as Quality of Service (QoS), traffic
shaping, VPN tunnel topology, routing, and fine-grained firewall rule sets.
UTM Firewalls support both business- and consumer-grade broadband, ADSL, dedicated circuits from T-1
and up, narrowband modems, Wi-Fi, and 3G wireless options. Advanced networking features include
support of port- and tag-based VLAN, OSPF, BGP, RIP, RIPv2, RAS, RADIUS, TACACS+, MS-CHAP V2, and
more. Web and DNS caching is also available.
and up, narrowband modems, Wi-Fi, and 3G wireless options. Advanced networking features include
support of port- and tag-based VLAN, OSPF, BGP, RIP, RIPv2, RAS, RADIUS, TACACS+, MS-CHAP V2, and
more. Web and DNS caching is also available.
Failover and Load Balancing
In addition to the ability to leverage 3G wireless networks for high availability and failover solutions,
McAfee UTM Firewall family products are also equipped with a serial port to ensure uninterrupted
connectivity. If the broadband Internet connection is lost, UTM Firewall products can automatically create
a new narrowband connection using an external ISDN or analog modem. The SG560, SG560U, SG560D,
SG565, SG580, and SG720 appliances support multiple broadband ports to ensure uninterrupted WAN
access and maximum bandwidth.
In addition to the ability to leverage 3G wireless networks for high availability and failover solutions,
McAfee UTM Firewall family products are also equipped with a serial port to ensure uninterrupted
connectivity. If the broadband Internet connection is lost, UTM Firewall products can automatically create
a new narrowband connection using an external ISDN or analog modem. The SG560, SG560U, SG560D,
SG565, SG580, and SG720 appliances support multiple broadband ports to ensure uninterrupted WAN
access and maximum bandwidth.
Virtual Private Network (VPN)
Whether connecting site to site or with mobile users, UTM Firewalls support the most popular types of
VPN technology, including PPTP, L2TP, GRE, and IPSec. Even the smallest UTM Firewall security appliances
include a robust IPSec VPN solution for securely interconnecting multiple offices across the public
Internet without investing in a dedicated wide area network. The UTM Firewall VPN configurations
support 3DES, AES, and other popular commercial encryption algorithms. Unique technology
called “VPN offloading” allows multiple UTM Firewall appliances to load balance and act as a VPN
concentrator, managing any number of VPN tunnels.
Whether connecting site to site or with mobile users, UTM Firewalls support the most popular types of
VPN technology, including PPTP, L2TP, GRE, and IPSec. Even the smallest UTM Firewall security appliances
include a robust IPSec VPN solution for securely interconnecting multiple offices across the public
Internet without investing in a dedicated wide area network. The UTM Firewall VPN configurations
support 3DES, AES, and other popular commercial encryption algorithms. Unique technology
called “VPN offloading” allows multiple UTM Firewall appliances to load balance and act as a VPN
concentrator, managing any number of VPN tunnels.
SG560, SG560U and SG560D
—
Developed for slightly larger offices
where higher performance is
needed than the SG310. It includes
a metal case, hardware encryption
acceleration for better VPN
performance and port based VLAN
capability. Both SG560U and SG560D
models include a USB port for 3G
wireless support, and the McAfee
UTM Firewall SG560D includes an
internal ADSL2/2+ modem.
where higher performance is
needed than the SG310. It includes
a metal case, hardware encryption
acceleration for better VPN
performance and port based VLAN
capability. Both SG560U and SG560D
models include a USB port for 3G
wireless support, and the McAfee
UTM Firewall SG560D includes an
internal ADSL2/2+ modem.
SG565
—With the adoption of wireless
LANs (WLANs), organizations of
all sizes benefit from the ability to
access information when away from
a desk. The McAfee UTM Firewall
SG565 extends the capabilities of
the SG560 to include 802.11b/g
WLAN support and two USB host
ports. USB ports allow you to expand
on-board storage, or even provide
3G network access through USB 3G
wireless modems—either as a primary
connection or a high-availability
option. The SG565 also offers IDS/IPS,
and web caching.
all sizes benefit from the ability to
access information when away from
a desk. The McAfee UTM Firewall
SG565 extends the capabilities of
the SG560 to include 802.11b/g
WLAN support and two USB host
ports. USB ports allow you to expand
on-board storage, or even provide
3G network access through USB 3G
wireless modems—either as a primary
connection or a high-availability
option. The SG565 also offers IDS/IPS,
and web caching.
SG580
—The McAfee UTM Firewall
SG580 consolidates firewall, intrusion
prevention, and secure VPN access.
Its networking capabilities enable
small offices and branch offices of
large enterprises to safely and easily
connect their networks of PCs, PDAs,
web and application servers to the
Internet via broadband circuits from
T-1 to T-3 and xDSL, or narrowband
connections (modem and ISDN).
Includes up to five separate security
zones, link failover and Internet
session load balancing, and built-in
web proxy cache.
prevention, and secure VPN access.
Its networking capabilities enable
small offices and branch offices of
large enterprises to safely and easily
connect their networks of PCs, PDAs,
web and application servers to the
Internet via broadband circuits from
T-1 to T-3 and xDSL, or narrowband
connections (modem and ISDN).
Includes up to five separate security
zones, link failover and Internet
session load balancing, and built-in
web proxy cache.