The more complex your organization, the more value you gain from visibility, control, and efficiency in firewall management. McAfee includes powerful, easy-to-use management software with every McAfee® Firewall Enterprise to help you know who is doing what when and be confident that firewall activities are not getting in the way of business. Optional McAfee Firewall Enterprise Control Center and McAfee ePolicy Orchestrator® (McAfee ePO™) software share information to minimize the complexity and compliance challenges of enterprise and multitenant installations. Available appliances ensure that protection and troubleshooting scale without impairing network traffic.
Next-generation firewalls allow IT to permit safe, liberal use of social media and web applications while retaining visibility and fine-grained policy control for compliance. However, as organizations introduce more security—such as identity- and application-aware rules, content inspection, antivirus (AV), and intrusion prevention system (IPS)—these overlays can add complexity to firewall management unless firewall administrators also adopt more efficient management processes and tools.
With conventional firewalls, management has been the largest factor in the cost of ownership. Routine tasks consume endless hours. When there’s a network outage, teams frantically piece together what happened, often striving to simply prove the firewall was not at fault.
As organizations take advantage of the security controls in next-generation firewalls, integrated tools and automation should reduce rule-set complexity and streamline incident response. Our McAfee firewall management solutions can help ensure your next-generation policy enforcement controls have the appropriate impact on your network, enabling valuable business services without hindering users or overwhelming operations.
- Centralized policy and device management based on users and applications.
- Intuitive, reusable policies and tools that spotlight rule interactions, overlaps, gaps, and chances for optimization.
- Integrated dashboards, correlated and custom alerts, and real-time log viewing.
- Role-based administration and change controls.
- Logical separation of policies and configuration domains.
- Forensics and reporting included at no extra charge.
- Enterprise scalability and reliability.
- Log trending and analytics.
- Data sharing with endpoint systems through McAfee ePolicy Orchestrator software.
- More than 550 out-of-the-box reports.
Features & Benefits:
Does Your Current Firewall Management Help You?
- Quickly identify who used what application.
- Write policies to control user access to applications.
- See rule interactions in advance.
- Easily identify rules that match traffic.
- Design and validate appropriate rules.
- Enable real-time content and security controls with a few clicks.
- Write fine-grained rules in your business's language: users and apps.
- Maintain threat visibility as attacks emerge.
- View analytics, trending, and visualization of log data in a single environment.
- Quickly identify problems and find resolutions.
- Reduce policy size and complexity.
- Share data between network and host.
- Automate everyday workflows.
- Streamline compliance reporting.
- Optimize policies and clean up rules.
- Integrate the firewall with existing IT infrastructure, change processes, and organizational structures.
Command Line Controls
With McAfee, advanced users have the option of broad command line control:
- Full Unix shell and tool access.
- View all firewall log files, historical or real-time.
- Fully configure or import policy.
- Access command line interface (CLI) at console or over SSH.
See the “Who” On Your Network
McAfee firewalls leverage McAfee Logon Collector, which simplifies discovery, logon, and authentication processes across all McAfee firewall management tools as well as McAfee Data Loss Prevention. This non-invasive process maps IP addresses to users for all types of traffic to enable user-based policies without requiring the user to authenticate to the firewall or use a protocol that supports authentication.
- Quickly discover who is using which application and check authentication status.
- Enforce user-based access control policies without a separate authentication step.
- Leverage users and groups in your Microsoft Active Directory.
- Enforce additional active authentication for users not logged in to the domain.
- Authenticate using captive portal, NTLM, RADIUS, LDAP, and Active Directory.
McAfee Firewall Enterprise Control Center Advantages
- Quickly search for rules and objects to reuse in existing or new firewalls.
- Define packet filtering and application-layer rules quickly and efficiently in a graphical, object-based environment.
- Use wizards to reduce the size and complexity of your rule base, reduce overlaps and duplications, and simplify common tasks like VPN deployments.
- Receive, consolidate, and display customized alerts from managed firewalls through a secure channel.
- Validate policy consistency and understand rule interactions prior to distribution.
- Import firewall configurations, make changes, and then export back to all devices, saving significant time and effort.
- Back up and restore firewall configurations to recover from configuration errors, or replicate a trusted configuration on a new system quickly and easily.
- Control individual firewalls or groups of firewalls by re-initializing the network or rebooting.
- Cost-effectively manage multiple entities, organizations, or configuration domains (for managed services).
- Track all user actions in a session by associating them with a change ticket.
- Support audit and regulatory compliance by viewing all changes in the audit trail with the change ticket number.
- Automatically update all firewalls with the latest software releases and patches.
- Right-click on a firewall in McAfee Firewall Enterprise Control Center and launch immediate command line access via SSH.
Available as a Virtual or Dedicated Appliance
A virtual Firewall Enterprise Profiler is included with every McAfee Firewall Enterprise product. In addition, many customers choose to purchase our dedicated Profiler appliance running on McAfee Linux. By operating on a dedicated appliance, out of band, the McAfee Firewall Enterprise Profiler can handle larger data sets, display real-time events, run troubleshooting queries, and let you explore rule sets without affecting ongoing firewall or network performance.
McAfee ePO platform integration enables visibility into:
- Firewall alerts.
- Firewall health statistics.
- Historical performance trends.
- Tracking of version and patch levels.
- Hosts and endpoints used in policies.
- Host profile information directly from analytical tools.
Cost-Effectively Manage Multiple Entities or Organizations
McAfee Firewall Enterprise Control Center helps managed service providers and organizations with multitenant management or reporting requirements administer the firewalls of multiple customers or separate entities.
- Create “domains” or “zones” that act as separate McAfee Firewall Enterprise Control Center instances—administrators only see the firewall and policies for their particular customer or entity.
- Separate configurations for several enterprises and hide information about an enterprise from administrators of other enterprises.
- Keep configuration simple and save time and effort with common rule objects; cross-enterprise policy objects can still be shared or reused by all domains.
- Role-based access control helps enforce change-control policies.
- Profiler features a next-generation web UI viewable from any web-enabled device, or from within Control Center to integrate monitoring with other workflows and assist incident response.
- McAfee ePO platform integration allows the opening of tickets and other actions based on changing behaviors sent from McAfee Firewall Enterprise Profiler.
- Visualization of all firewall actions in terms of who/what/where improves diagnosis and provides guidance into needed rule changes.
- Correlates 30 days' worth of firewall actions to network users and roles in real time to quickly validate impact of changes.
- On-demand access to McAfee ePO platform asset directory confirms that the right countermeasures are active on a host, such as AV and endpoint encryption.
- Identify root cause categorizations for denied traffic.
- Pulls firewall policy and rule objects to show the details of the rule and also provides reports in terms of firewall policy objects.
- Timeframe comparison and prioritized visualization for detecting important changes in access patterns.
- Create reporting objects to improve or focus analysis in particular areas of the network.
- Use graphical reports to convey situational awareness, threats by geographic location, applications traversing the firewall, and other information to those who need to know.
- Can be deployed quickly and leverages existing network devices and infrastructures.
- Intercepts login authentications without host agents or additional inline devices.
- Enables trending and analysis without manually intensive, after-the-fact log collection and review.