McAfee FWE-S2008-UPG FWES2008UPGM Data Sheet
Product codes
FWES2008UPGM
McAfee Firewall Enterprise Features
(continued)
Authentication
• Local
• Microsoft Active Directory
• Transparent identities for Active Directory (McAfee logon collector)
• LDAP (Sun, Open LDAP, Custom LDAP)
• RADIUS
• Microsoft Windows domain authentication
• Microsoft Windows NTLM authentication
• Passport (single sign-on)
• Strong authentication (SecurID)
• Supports CAC authentication
High availability
• Active/active
• Active/passive
• Stateful session failover
• Remote IP monitoring
Global threat intelligence
• McAfee Global Threat Intelligence™ network connection reputation
• Geo-location filtering
• McAfee Labs™
Encrypted application filtering
• SSH
• SFTP
• SCP
• Bidirectional HTTPS decryption and re-encryption
Intrusion prevention system (IPS)
• More than 10,000 signatures
• Automatic signature updates
• Custom signatures
• Preconfigured signature groups
Antivirus and antispyware
• Protects against spyware, Trojans, and worms
• Heuristics
• Automatic signature updates
Web filtering
• Integrated McAfee URL filtering and management
• Block Java, Active-X, JavaScript, SOAP
Antispam
• McAfee Global Threat Intelligence network connection reputation
VPN
• IKEv1 and IKEv2
• DES, 3DES, AES-128, and AES-256 encryption
• SHA-1 and MD5 authentication
• Diffie-Hellman groups 1, 2, and 5
• Policy-restricted tunnels
• NAT-T
• Xauth
Construct application usage rules that combine
attributes such as:
• Business or recreational purpose
• User identity
• Embedded application control
• Whitelisting
• Geo-location
User identity
Without visibility into and control over users and
the context of their use, firewalls cannot defend
against increasingly port-agile, evasive, targeted
applications. McAfee Firewall Enterprise applies
user-aware rules and control over applications.
When a user connects, the system validates
entitlements in real time from your existing user
directory. The firewall quickly applies policies
mapped to user identity that grant explicit use of
an application.
By tracking to the user, rules are granular enough
for modern business operation. And identity-
based rules make good operational sense. More
and more enterprises rely heavily on unified use
of user directories and identity management to
support access controls. User changes happen
once and propagate out. Security policies stay up
to date as the user community changes.
Embedded application control
Embedded application control gives you the power
to tailor rights within an application. For instance,
you might allow Yahoo! but block Yahoo! IM, or
allow IM only for specific user groups, perhaps
customer support or sales, or for specific locations,
such as the head office.
You can also support appropriate corporate use
and blackout policies by specifying when an
application can or cannot be used. Rules could
allow MySpace use during lunchtime, for example,
for customer service teams, while financial
applications are not available to anyone via VPN
on weekends.
Many exploits try to benefit from the lax security
in social networking sites by concealing their
payloads within trendy applets. With McAfee,
you can allow access to the beneficial elements of
sites like Facebook, but still minimize the risk of
compromised applications within each site.
Whitelisting
For advanced control, application whitelisting lets
you explicitly allow only traffic from applications
that have been approved as necessary or
appropriate. Compared to lengthy blacklists,
whitelisting whittles down the number of rules
you need to write and maintain.
Geo-location
As botnets proliferate through popular social
networking applications, it has become more
important to be able to lock down rogue
applications that attempt to communicate to
certain locations. Geo-location lets you cut off this
contact to keep your data from exfiltrating and
prevent your systems from being used for mischief.
We give you this fine-grained control while
making rules development less complex. In
fact, there’s just one policy in one view. One
straightforward console presents the options
required to efficiently manage all rules and add
defenses. This unified model is especially beneficial
over time and across teams, as we also highlight
rule interactions and overlaps. With colored fields
highlighting potential conflicts, you avoid errors
and enhance performance.
Protection
McAfee AppPrism helps you reduce risks from
application-level threats while you optimize use of
corporate bandwidth. Behind McAfee AppPrism
stands the power of McAfee Labs™. Our threat
researchers use threat research and intelligence
data to continually recognize and assess risk
for 31 categories of applications, ranging from
anonymizers to video and photo sharing.
By assigning dynamic reputations for sites,
senders, and locations, we can block an average of
70 percent of undesirable traffic before you ever
see it. Because of this capability, it can even spot
the subtle command and control (C&C) channel
of botnets.