Datasheet

See the “Who” On Your Network
McAfee firewalls leverage McAfee Logon Collector which simplifies discovery, logon, and authentication processes across all McAfee firewall management tools as well as McAfee Data Loss Prevention. This non-invasive process maps IP addresses to users for all types of traffic to enable user-based policies without requiring the user to authenticate to the firewall or use a protocol that supports authentication.
• Quickly discover who is using which application and check authentication status.
• Enforce user-based access control policies without a separate authentication step.
• Leverage users and groups in your Microsoft Active Directory.
• Enforce additional active authentication for users not logged in to the domain.
• Authenticate using captive portal, NTLM, Radius, LDAP, and Active Directory.
Cost-Effectively Manage Multiple Entities or Organizations
McAfee Firewall Enterprise Control Center helps managed service providers and organizations with multitenant management or reporting requirements administer the firewalls of multiple customers or separate entities.
• Create “domains” or “zones” that act as separate McAfee Firewall Enterprise Control Center instances—administrators only see the firewall and policies for their particular customer or entity.
• Separate configurations for several enterprises and hide information about an enterprise from administrators of other enterprises.
• Keep configuration simple and save time and effort with common rule objects; cross-enterprise policy objects can still be shared or reused by all domains.
• Role-based access control helps enforce change-control policies.
Search filters let you selectively view the rules for a particular firewall, firewall group, or the entire organization, and then easily modify those rules. Once defined, you can distribute rules to hundreds of firewalls, sharing them across logical enterprise groups, such as global, group, cluster, or local domains, or configuration domains, such as those offered by managed-service providers.
Optimized policies deliver better firewall performance and better security
Over time, rule sets tend to grow, overlap, and
become ineffective, making it easier to make
mistakes. To reduce the number of rules, our tools
automate clean up. Wizards help you scan for,
identify, and merge similar rules (a common set of
parameters) and delete duplicate or unused rules
to keep rule sets manageable.
For example, multiple administrators might create
separate objects that have different names, but
perform the same function. The “merge objects”
command will look for this situation and clean it
up with a single common object. Fewer rules to
consider equals better performance.
Adaptive objects allow rule grouping and reuse
Administrators implement policies by defining intelligent objects once, and then reusing them whenever and wherever they make sense. With object grouping, you can do much more with a single rule and consolidate rule sets.
McAfee Firewall Enterprise Control Center supports many types of objects, including firewalls and firewall groups, hosts, networks, address ranges, applications, endpoint groups, and services, including geo-location objects.
McAfee Firewall Enterprise Control Center also gives you visibility into rule usage. You can identify the most used rules, least used rules, and rules that have not been matched by firewall traffic in the last 30 days. This real-world data lets you:
• Move most-used rules to the top of the rule list so traffic can be processed quickly.
• Investigate least-used rules to see if they are working as intended.
• Delete or disable unused rules that must be justified during audits.
You can even compare policy configurations on all of your McAfee Firewall Enterprise Control Center-managed devices to ensure consistency across your network. Robust configuration management lets you centrally track, trace, and validate all policy changes.
Manage and monitor firewall software
For efficient and consistent updates, McAfee Firewall Enterprise Control Center can automatically detect when new releases and firmware are available on the McAfee site. Simply download the files you need and store them on McAfee Firewall Enterprise Control Center’s Management Server for manual or automated installation. When you are ready to install, you can push new releases to one system or to hundreds simultaneously.
McAfee Firewall Enterprise Control Center displays the installation history for all managed firewalls along with the progress of the current deployment. If needed, you can restore a trusted device configuration in seconds with a few clicks of the mouse.
Complete access control with role-based administration and configuration domains
Some configuration changes are routine, while others are far-reaching. Role-based access allows you to exert centralized, consistent, policy-based control over distributed teams, determining which management functions can be viewed or changed based on each person’s responsibilities. Role-based access can also ensure that only approved users create or validate rules, reducing the risk of unauthorized changes or rule conflicts breaking the firewall. Customers subject to Payment Card Industry Data Security Standard (PCI DSS) often employ role-based access to enforce change controls.
You can create any number of roles to address each organization’s needs and privileges, associate rules with roles (to limit modifications), and establish priority protections for rules. Different roles could be defined to:
• Change only domain name system (DNS) entries.
• View event or audit logs.
• Create rules associated with a specific network service or protected server.
You might dictate that certain rules must always be at the top of the policy list and moved only by certain privileged users. Roles, like the rules you build, link to users and groups in LDAP and Active Directory so the system can auto-create or auto-deactivate users as they connect to McAfee Firewall Enterprise Control Center for the first time.