McAfee’s Firewall Enterprise v8 offers some impressive new features that can make analyzing your network applications traffic easier for IT staffs. In this video, I show you how to troubleshoot some common problems and using the Profiler graphical interface, zero in on how to fix them.
McAfee’s Firewall Enterprise version 8 has more protection that can be more easily configured than the Cisco Adaptive Security Appliance (ASA) 5500. We look at three distinguishing areas in this video:
• creating firewall rules
• protecting their network users and applications
• integrating other security features into their firewalls
We tested a beta of the McAfee Firewall Enterprise on a live network in April 2010, using its Windows-based client and also ran the Cisco ASDM client in its demo mode for comparison purposes.
3965 Freedom Circle
Santa Clara, CA 95054
Pricing: Starts at $1500 with higher prices for higher throughput and additional network interfaces
We show in this short video an innovative method available in McAfee Firewall v8 that is called AppPrism. It can identify particular applications and control parts of their behavior, such as blocking Instant Messaging file transfer but allowing the actual IM chats themselves.
3965 Freedom Circle
Santa Clara, CA 95054
Pricing: Included with the Firewall v8 release
Network admins need more granular control over how Secure Shell (SSH) connections traverse their networks, and in this short video, we show how McAfee Firewall v8 can be used to allow SSH for file transfer and terminal connections but be used to block BitTorrent apps from tunneling through that protocol.
McAfee Firewall v8 has a lot of flexibility when it comes to blocking difficult applications like BitTorrent, and in this short video, we show you how to do so using a combination of features in the firewall.
Profiler makes it easier to troubleshoot and manage up to five McAfee Enterprise firewalls from one central console and help you keep up with changes to your network and applications. You can examine the implications to real-time changes in your network before you commit them and also quickly do ad hoc analysis on rule sets.
TrustedSource and other sites are used to answer questions such as – is someone sending spam that looks like it is coming from my domain, called spoofing? Has my Web site been compromised recently? Do I have an open relay email server that I don’t know about? The Internet is a nasty place, and the idea that a service can be watching globally for exploits is a good one.
Secure Computing Inc.
55 Almaden Boulevard, Suite 500
San Jose, CA 95113
Category: Internet reputation management
Free service, although registration required for additional features
Summary: TrustedSource has a variety of tools to investigate spoofing, spamming, and bot net proliferation that is taking place using your domain names. It is also included as part of a series of products offered by Secure Computing and others as a way of providing real-time threat blocking services.
Pros: Easy to use, a wide variety of information is presented in clear detail
Cons: It is a lot like brushing your teeth; you need to develop a daily habit of checking your site.
McAfee/Secure Computing’s Secure Mail email security appliance combines several different but complementary protection technologies for both inbound and outbound emails in one easy-to-setup box. While lots of vendors have anti-spam products, Secure Mail offers a superior way to stay ahead of the constantly changing and increasingly sophistication of spammers, and the company guarantees it can block 99% of unwanted inbound emails. It also has a wide range of outbound protective features that can help corporations be in compliance with various reporting rules such as SoX and PCI.
Product category: Email security appliance
Pricing: Base unit starts at $1,995, plus an additional $13.00 per user/year, lower for multi-year contracts and for more than 500 user networks. There are more powerful and costly appliances for larger networks.
We tested version the S10 appliance, which is the smallest and least expensive unit, running software version 6.7 on a small network in September 2008.
Secure Computing www.securecomputing.com 1-800-379-4944
55 Almaden Boulevard, Suite 500, San Jose, CA 95113
• Dashboard shows you status at-a-glance
• Almost all critical features managed by a Web browser
• Combines inbound and outbound email protection with global intelligence features of TrustedSource.org
• Changing startup configuration values once you complete the wizard can be tricky to find the right input screens
• Reports can be difficult to interpret
McAfee/Secure Computing’s Secure Web Protection service offers a proxy server to protect both malware and not-worksafe Web sites. It is a simple and unbotrusiveway to protect your browsing. It isn’t useful for protecting Web servers from inbound attacks, for example, and shouldn’t substitute for a fully-featured intrusion appliance, but it can protect individuals and small networks especially with a lot of home-based and remote office users. It is based on the company’s experience with both its TrustedSource reputation management (see the separate review here) and its Secure Web security appliances.
Secure Computing www.securecomputing.com 55 Almaden Boulevard, Suite 500, San Jose, CA 95113
Product category: Web filtering and malware protection service
Pricing: 30-day free trial of the service for up to 250 users.
12 month subscription for both malware and filtering is $5 a month per user for 25 users. Quantity discounts available, and just filtering is less.
We tested the beta version of the service on a small network in September 2008.
• Dashboard shows you status at-a-glance and easy to setup
• All critical features managed by a Web browser
• Uses the global intelligence features of TrustedSource.org
• Service needs improvement to stop malware from entering via SSL connections