Transcription

Data Sheet

McAfee Firewall Enterprise Appliance

Fully characterize and contain every new threat and vulnerability

McAfee Firewall Enterprise Appliance Security Features

AppPrism—Application Discovery and Control including:
- Packet, stateful, and full application filtering
- Full application discovery and control
- Multiple delivery options, including multi-firewall appliances (one appliance managing up to 32 virtual firewalls), McAfee Firewall Enterprise for Riverbed, and a virtual firewall appliance
- Network address translation (NAT)

McAfee AppPrism categories
- Anonymizers / Proxies
- Authentication services
- Business web applications
- Content management
- Commercial monitoring
- Database
- Directory services
- Email
- Encrypted tunnels
- ERP/CRM
- Filesharing
- Gaming
- Instant messaging
- Infrastructure services
- IT utilities
- Mobile software
- Peer to Peer (P2P)
- Photo-Video sharing
- Remote administration
- Remote desktop / Terminal services
- Social networking
- Software / System updates
- Storage
- Streaming media
- Toolbars and PC utilities
- Voice over IP (VOIP)
- VPN
- Webmail
- Web browsing
- Web conferencing

Sprawling enterprise applications and the broad, fast-changing attack surface of Web 2.0 necessitate a new approach to firewall security. First generation firewalls were limited to port, protocol, and IP addresses. Today, enhanced next generation McAfee firewalls let you confidently discover, control, visualize, and protect new and existing applications, using visual analytics and user identity for efficient, effective rules. And to detect complex threats within these applications, we interlock proactive threat intelligence with multiple inspection technologies in one cost-effective, easy-to-manage appliance.

Firewalls are traditionally only as strong or as weak as the policies you define. But effective security policies for today’s complex Web 2.0 traffic depend on fine-grained understanding that can be hard to come by. You need rapid insight that goes far beyond port and protocol to encompass different web applications and users and the sophisticated threats that target them.

Where in the past you could await signatures, the breakneck pace of threat evolution today demands proactive, predictive diagnosis of risk. Multiple attributes, such as source reputation, content, and behavior, should be assessed to reveal malicious intent before a new threat is confirmed.

It’s not enough to predict the threat. Accurate, timely blocking demands concerted action that crosses conventional product silos.

These demands—plus the call to prove compliance—increase the operational burden on the network team. Yet budgets remain under pressure. Something has to change.

The biggest firewall innovation in 15 years

With version 8 of the McAfee Firewall Enterprise, McAfee reinvents the firewall. Three innovations deliver unprecedented protection at an unheard of price. We combine full application visibility and control, reputation-aware threat intelligence, and multi-vector attack protection to improve network security while shaving effort and expense.

The firewall solution includes the McAfee Firewall Enterprise appliance family, McAfee Firewall Enterprise Profiler, McAfee Firewall Enterprise Control Center, and McAfee Firewall Reporter.

Today, the weakest link in network security is the application layer. So we have taken the firewall trusted by more ultra-secure environments and added broad application discovery and control. You can now protect new and existing Web 2.0 applications from the risks of data leakage, network abuse, and malicious attacks. With McAfee technology, you can ensure the applications using your network benefit your business.

Discover

McAfee AppPrism technology uses the innovative Firewall Profiler to identify all traffic and reveal the applications that are really in use, with helpful context such as source, bandwidth, and destination. By inspecting encrypted application-level traffic, you can eliminate loopholes favored by cyber thieves and attackers.

Control

Fine-grained control allows comprehensive enforcement of policy based on business needs. Instead of policies matched just to IP address, port, or protocol, you can now place a user name with a role and a set of applications.

Construct application usage rules that combine attributes such as:

- Business or recreational purpose
- User identity
- Embedded application control
- Whitelisting
- Geo-location

User Identity

Without visibility into and control over users and the context of their use, firewalls cannot defend against increasingly port-agile, evasive, targeted apps. McAfee Firewall Enterprise applies user-aware rules and control over applications.

When a user connects, the system validates entitlements in real time from your existing user directory. The firewall quickly applies policies mapped to user identity that grant explicit use of an application.

By tracking to the user, rules are granular enough for modern business operation. And identity-based rules make good operational sense. More and more enterprises rely heavily on unified use of user directories and identity management to support access controls. User changes happen once and propagate out. Security policies stay up to date as the user community changes.

Embedded Application Control

Embedded application control gives you the power to tailor rights within an application. For instance, you might allow Yahoo, but block Yahoo IM, or allow IM only for specific user groups, perhaps customer support or sales, or locations, such as the head office.

You can also support corporate appropriate use and blackout policies by specifying when an application can or cannot be used. Rules could allow MySpace use during lunch time, for example, for customer service teams, while financial applications are not available to anyone via VPN on weekends.

Many exploits try to benefit from the lax security in social networking sites by concealing their payloads within trendy applets. With McAfee, you can allow access to the beneficial elements of sites like Facebook, but still minimize the risk of compromised applications within each site.

Whitelisting

For advanced control, application whitelisting lets you explicitly allow only traffic from applications that have been approved as necessary or appropriate. Compared to lengthy blacklists, whitelisting whittles down the number of rules you need to write and maintain.

Geo-location

As botnets proliferate through popular social networking applications, it has become more important to be able to lock down rogue applications that attempt to communicate to certain locations. Geo-location lets you cut off this contact to keep your data from exfiltrating and prevent your systems being used for mischief.

We give you this fine-grained control while making rules development less complex. In fact, there’s just one policy in one view. One straightforward console presents the options required to efficiently manage all rules and add defenses. This unified model is especially beneficial over time and across teams, as we also highlight rule interactions and overlaps. With colored fields highlighting potential conflicts, you avoid errors and enhance performance.

Visualize

It’s time to move from managing rules to managing risk. McAfee Firewall Enterprise Profiler simplifies assessment of network traffic so you can add new applications quickly. Our intuitive visual analytics give you a way to measure the effectiveness of each rule change instantly, so you can tune policies for the maximum benefit.

Rich graphical tools correlate application activities in real time, based on user identity, geo-location, and usage levels. You can easily see who is using what applications. This integrated view lets you exchange hours of due diligence, experimentation, and troubleshooting for just a few clicks. For some users, the biggest advantage is seeing immediately whether or not a problem was really due to the firewall and being able to navigate to its root cause.

McAfee Firewall Enterprise Security Features (continued)

Authentication
- Local
- Microsoft Active Directory
- Transparent Identities for Active Directory (McAfee Logon Collector)
- LDAP (Sun, Open LDAP, Custom LDAP)
- RADIUS
- Microsoft Windows Domain Authentication
- Microsoft Windows NTLM Authentication
- Passport (single sign-on)
- Strong authentication (SecurID)

High availability (HA)
- Active/active
- Active/passive
- Stateful session failover
- Remote IP monitoring

Global Threat Intelligence
- McAfee TrustedSource global reputation service
- Geo-location filtering
- McAfee Labs

Encrypted application filtering
- SSH
- SFTP
- SCP
- Bi-directional HTTPS decryption and re-encryption

Intrusion prevention system (IPS)
- More than 10,000 signatures
- Automatic signature updates
- Custom signatures
- Preconfigured signature groups

Anti-virus and anti-spyware
- Protects against spyware, Trojans, and worms
- Heuristics
- Automatic signature updates

Web filtering
- Integrated McAfee SmartFilter filtering and management
- Block Java, Active-X, JavaScript, SOAP

Anti-spam
- McAfee TrustedSource global reputation service

VPN
- IKEv1 and IKEv2
- DES, 3DES, AES-128, and AES-256 encryption
- SHA-1 and MD5 authentication
- Diffie-Hellman groups 1, 2, and 5
- Policy-restricted tunnels
- NAT-T
- Xauth

McAfee SecureOS Operating System Features
- McAfee Type Enforcement technology
- Preconfigured operating system (OS) security policy
- OS compartmentalization
- Network stack separation
- McAfee Firewall Enterprise Control Center
- Windows graphical user interface
- Local console
- Full command line
- USB disaster recovery configuration backup and restore
- Rapid troubleshooting and firewall rule impact analysis with McAfee Firewall Enterprise Profiler (sold separately)

Logging, monitoring, and reporting
- On-box logging
- Scheduled log archiving and exporting
- Firewall Enterprise log software Extract format (SEF)
- Export formats (XML, SEF, W3C, WebTrends)
- Syslog
- SNMP v1, v2c, and v3
- McAfee Firewall Reporter SEM included

Networking and routing
- Dynamic routing (RIP v1 and v2, OSPF, BGP, and PIM-SM)
- Static routes
- 802.1Q VLAN tagging
- DHCP client
- Default route failover
- QoS

Secure servers
- Secure DNS (single or split)
- Secure sendmail (single or split)

Appliances and hardware
- Upgrade warranty to four-hour response for most models
- Virtualization solutions and rugged appliance options available
- Single-, dual-, and quad-core processors
- ASIC-based acceleration
- RAID HDD configurations
- Redundant power supplies

Technical support
- 24/7 telephone-based technical support
- 24/7 technical support with web-based ticketing and knowledgebase

[Figure: Global Threat Intelligence featuring McAfee Trusted Source allows or blocks traffic based upon reputation]

Protect

McAfee AppPrism helps you reduce risks from application-level threats while you optimize use of corporate bandwidth. Behind AppPrism stands the power of McAfee Labs. Threat researchers use McAfee TrustedSource technology to continually recognize and assess risk for 31 categories of applications, ranging from anonymizers to video and photo sharing.

By assigning dynamic reputations for sites, senders, and locations, we can block an average 70 percent of undesirable traffic before you ever see it. Because of this capability, it can even spot the subtle command and control (C and C) channel of botnets.

The only firewall with reputation analysis and global threat intelligence

Only McAfee includes reputation technology in a firewall, and it is just one element of McAfee Global Threat Intelligence. At McAfee, over four hundred security researchers—more than the entire staff at some vendors—collaborate across web, spam, vulnerability, host and network intrusion, malware, and regulatory compliance research. This breadth allows them to characterize every new threat and vulnerability.

Their efforts, informed by more than one hundred million sensors around the world, deliver real-time predictive risk analysis to guard you against evolving multi-faceted threats.

Unlike old-fashioned firewalls that rely on signatures, automated threat feeds from McAfee Labs keep you up to date without taking your firewall off line. With the increase in advanced persistent threats like Operation Aurora, McAfee Global Threat Intelligence is the most sophisticated protection you can own, helping you mitigate vulnerabilities, avoid regulatory violations, and lower the cost of remediation.

Multi-vector security in one integrated appliance

One reason customers choose McAfee is our extensive security and compliance portfolio. Now, we place this might right at your door. Facing off against the complex threats in Web 2.0 applications, exploit cocktails, phishing, and targeted attacks, McAfee Firewall Enterprise now combines multiple crucial threat protections in every firewall appliance.

Before, firewalls were limited to access control and segmentation. Adequate protection required the expense of implementing and maintaining several separate products. Now, one box combines:
- McAfee AppPrism—Full application discovery and control
- Intrusion prevention
- TrustedSource global reputation analysis
- URL filtering with McAfee SmartFilter technology
- Encrypted application filtering
- Anti-Virus, anti-spyware, and anti-spam

Our experience building multi-vector solutions has helped us deliver all these protections without compromising performance or productivity. And without charging extra.

McAfee Firewall Enterprise Product Line

The Firewall Enterprise product line includes appliances appropriate for businesses of all sizes, as well as companion products such as McAfee Firewall Enterprise Profiler, McAfee Firewall Enterprise Control Center, and McAfee Firewall Reporter. These products work together to streamline management activities and reduce operational costs. Flexible, hybrid delivery options include physical appliances, multi-firewall appliances, virtual appliances, and appliances for rugged-use environments. Ask for individual product datasheets for more information.

Fine-grained control made manageable

Reliable security must also be easy to configure. The intuitive Firewall Enterprise administrative console lets your administrators create rules and selectively apply defenses such as application filters, IPS signatures, and URL filtering from a single screen. New software feature updates are delivered automatically via the Internet, reducing maintenance effort. Simply determine the schedule with a single click.

The Firewall Enterprise product line includes additional tools for simplifying management: McAfee Firewall Reporter and McAfee Firewall Enterprise Control Center.

Included at no additional cost, Firewall Reporter software turns audit streams into actionable information. This award-winning security event management (SEM) tool delivers central monitoring, and correlated alerting and reporting. Choose from more than 500 graphical reports to depict network traffic and help meet all major regulatory requirements.

Sold separately, McAfee Firewall Enterprise Control Center offers centralized firewall policy management for multiple Firewall Enterprise appliances. It lets you maximize operational efficiency, simplify policy control, optimize rules, streamline software updates, and demonstrate regulatory compliance. You can even compare policy configurations on all of your Control Center-managed devices to ensure consistency across your network. Robust configuration management lets you centrally track, trace, and validate all policy changes.

Furthermore, Control Center integrates with McAfee ePolicy Orchestrator (ePO), providing ePO with visibility into firewall health data and reports.

Most secure firewall hardware platform

At its core, McAfee Firewall Enterprise runs on the high-speed, high assurance McAfee SecureOS operating system. Patented McAfee Type Enforcement technology secures the OS itself for an unparalleled level of platform security. Perhaps it is why SecureOS has an unparalleled CERT advisory record: no emergency security patches have ever been required.

The pre-configured operating system security policy prevents compromises, and the entire operating system is compartmentalized so attackers cannot disrupt its work.

These extra steps allowed us to be the first firewall to achieve Common Criteria EAL 4 certification with US DoD Protection Profile compliance.

Because of our innovation and advanced security, the McAfee Firewall Enterprise protects 15,000 networks around the world, including thousands of government agencies, Fortune 500 organizations, and seven of the top 10 financial institutions. Put us to work protecting you.

Hardware Specs¹ | S1004 | 410 | 510 | 1100 | 2100 | 2150 | 2150 VX-XX | 4150
Form factor | Mini 1U | Small 1U | Small 1U | Enterprise 1U | Enterprise 2U | Enterprise 2U | Enterprise 2U | Enterprise 5U
Unlimited user licenses | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes
Recommended users 100 300 600 Med ID 1 RAID 1 RAID 5 RAID 5 RAID 5
Power supply | Single | Single | Single | Dual | Dual | Dual | Dual | Dual
Copper /22–Gb10/22–Gb22/24–Gb14/26–Gb
Fiber interface option (max) | N/A | N/A | N/A | 6 | 12 | 12 | N/A | 12
10 Gb interface option (max) | N/A | N/A | N/A | 6 | 6 | 6 | 6 | 6
SSL/HTTPS decrypting, filtering, and re-encrypting | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes

Regulatory compliance: FCC (U.S. only) Class B, ICES (Canada) Class B, CE Mark (EN 55022 Class B, EN55024, EN61000-3-2, EN61000-3-3), VCC (Japan) Class B, BSMI (Taiwan) Class A, C-Tick (Australia/New Zealand) Class B, SABS (South Africa) Class B, MIC (Korea) Class B, UL 60950, CAN/CSA C22.2 No. 60950, IEC 60950

Performance¹
Firewall performance² | 500 Mbps | 1 Gbps | 2 Gbps | 6 Gbps | 6 Gbps | 10 Gbps | 6 Gbps | 12 Gbps
Stateful inspection throughput | 300 Mbps | 750 Mbps | 1.5 Gbps | 3 Gbps | 3 Gbps | 5 Gbps | 5 Gbps | 6.5 Gbps
Application filtering throughput | 100 Mbps | 600 Mbps | 1.2 Gbps | 2.5 Gbps | 2.5 Gbps | 3.5 Gbps | 4 Gbps | 5 Gbps
Anti-virus | 50 Mbps | 115 Mbps | 275 Mbps | 500 Mbps | 500 Mbps | 850 Mbps | 850 Mbps | 1 Gbps
IPSec VPN throughput | 100 Mbps | 200 Mbps | 275 Mbps | 300 Mbps | 300 Mbps | 400 Mbps | 400 Mbps | 700 Mbps

Dimensions, weight, environmental
Width | 10.7 in / 272 mm | 17.6 in / 44.7 cm | 17.6 in / 44.7 cm | 18.9 in / 48.2 cm | 17.4 in / 44.3 cm | 17.4 in / 44.3 cm | 17.4 in / 44.3 cm | 19.00 in / 48.25 cm
Depth | 7.7 in / 195 mm | 16.75 in / 42.54 cm | 21.5 in / 54.6 cm | 30.4 in / 77.2 cm | 26.8 in / 68.1 cm | 26.8 in / 68.1 cm | 26.8 in / 68.1 cm | 24.4 in / 62.1 cm
Height | 1.7 in / 44 mm | 1.68 in / 4.2 cm | 1.68 in / 4.2 cm | 1.67 in / 4.26 cm | 3.4 in / 8.64 cm | 3.4 in / 8.64 cm | 3.4 in / 8.64 cm | 8.57 in / 21.77 cm
Weight | 8.8 lbs / 4 kg | 15.3 lbs / 6.94 kg | 26 lbs / 11.8 kg | 39.0 lbs / 17.7 kg | 57.5 lbs / 26.1 kg | 57.5 lbs / 26.1 kg | 57.5 lbs / 26.1 kg | 77 lbs / 35 kg
Power supply details | 45 W, 110/220 V | 345 W, 110/220 V | 345 W, 110/220 V | Dual 717 W, 110/220 V | Dual 870 W, 110/220 V | Dual 870 W, 110/220 V | Dual 870 W, 110/220 V | Dual 870 W, 110/220 V
Operating temperature | 0°C – 40°C / 32°F – 104°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F | 10°C – 35°C / 50°F – 95°F

1. All specification and performance results are based on the S- and F-series of appliances.
2. Performance data represents the maximum capabilities of the systems as measured under optimal testing conditions. Deployment and policy considerations may impact performance results.

McAfee, Inc.
3965 Freedom Circle
Santa Clara, CA 95054
888 847 8766
www.mcafee.com

McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2010 McAfee, Inc.

8815ds nts nextgen-firewall 0610 kg
