McAfee Firewall Management - NDM

2y ago
18 Views
3 Downloads
768.53 KB
8 Pages
Last View : 23d ago
Last Download : 6m ago
Upload by : Xander Jaffe
Transcription

Data SheetMcAfee Firewall ManagementComprehensive visibility, control, and reporting, plus streamlined andintuitive rule management to simplify next-generation firewall managementThe Problem“60 to 70 percent of all firewalls aremisconfigured,” rendering them “ worse than useless.”—Chris Christiansen, IDCThe SolutionMcAfee Firewall EnterpriseThe more complex your organization, the more value you gain from visibility, control,and efficiency in firewall management. McAfee includes powerful, easy-to-usemanagement software with every McAfee Firewall Enterprise to help you know whois doing what when and be confident that firewall activities are not getting in theway of business. Optional McAfee Firewall Enterprise Control Center and McAfeeePolicy Orchestrator (McAfee ePO ) software share information to minimize thecomplexity and compliance challenges of enterprise and multi-tenant installations.Available appliances ensure that protection and troubleshooting scale withoutimpairing network traffic.Highlights Centralized policy and devicemanagement based on usersand applications Intuitive, reusable policies and toolsthat spotlight rule interactions,overlaps, gaps, and chances foroptimization Integrated dashboards, correlatedand custom alerts, and real-timelog viewing Role-based administration andchange controls Logical separation of policies andconfiguration domains Forensics and reporting included atno extra charge Enterprise scalability and reliability Log trending and analytics Data sharing with endpoint systemsthrough ePolicy Orchestratorsoftware More than 550 out-of-the-boxreportsNext-generation firewalls allow IT to permit safe,liberal use of social media and web applicationswhile retaining visibility and fine-grained policycontrol for compliance. However, as organizationsintroduce more security—such as identity- andapplication-aware rules, content inspection,anti-virus, and IPS—these overlays can addcomplexity to firewall management unlessfirewall administrators also adopt more efficientmanagement processes and tools.With conventional firewalls, management hasbeen the largest factor in the cost of ownership.Routine tasks consume endless hours. Whenthere’s a network outage, teams frantically piecetogether what happened, often striving to simplyprove the firewall was not at fault.As organizations take advantage of the securitycontrols in next-generation firewalls, integratedtools and automation should reduce rule setcomplexity and streamline incident response.Our McAfee firewall management solutionscan help ensure your next-generation policyenforcement controls have the appropriateimpact on your network, enabling valuablebusiness services without hindering users oroverwhelming operations.More Confidence, Lower CostThe McAfee firewall management solutioncombines management, reporting, and analytictools for better visibility, effective security, andstreamlined operations, including intuitiverule management. Solution components worktogether to lower firewall management effortand costs. McAfee covers the crucial facets offirewall management: Firewall administration—Enable fine-grainedrules, audit operations, and centrally managepolicies and configurations—all with highlyintuitive management capabilities Trending, visualization, and analytics—Monitoryour firewall day to day, correlate data, andanalyze real-time information flows withinone environment Historic analysis and reporting—Handle thelong-term retention of firewall audit data andstreamline compliance with 550 reports Host integration—Leverage McAfee ePO software to share host and firewall data

Data SheetDoes your current firewallmanagement help you? Quickly identify who used whatapplication Write policies to control user accessto applications See rule interactions in advance Easily identify rules that match traffic Design and validate appropriaterules Enable real-time content andsecurity controls with a few clicks Write fine-grained rules in yourbusiness’ language: users and apps Maintain threat visibility asattacks emerge View analytics, trending, andvisualization of log data in a singleenvironment Quickly identify problems andfind resolutions Reduce policy size and complexity Share data between networkand host Automate everyday workflows Streamline compliance reporting Optimize policies and clean up rules Integrate the firewall with existing ITinfrastructure, change processes, andorganizational structuresMcAfee Firewall ManagementFirewall AdministrationMcAfee provides both local and centralizedoptions for configuring, monitoring, andmaintaining firewall devices and capabilities.geo-location, decryption, or reputation. You canpermit use of potentially risky applications butimpose protections that match the application’sthreat vectors. For example:Local AdministrationThe McAfee Admin Console offers a basicenvironment for connecting to and managing oneor more firewalls. This console makes it easy toimplement policies that take advantage of all theoptions of the next-generation McAfee FirewallEnterprise. In one view, you enable granular,targeted security controls, constructing a singlerule for each policy using the business language ofapplications and users. Apply AV and IPS to web conferencing Limit use of SSH and SSH tunneling to specificusers and block port forwarding to preventmalicious traffic Use geo-location to disallow and IPS to scantraffic to and from a dark portion of the web Decrypt inbound traffic for content inspection,exempting based on policy, and re-encryptA monitoring dashboard and one-click accessto powerful network tools such as TCPdump,ARP, Ping, and nslookup bring together the coreprocesses for managing individual firewalls. Fullconfiguration and management capabilities areavailable at the command line as well.Fine grained control of applicationsand defensesFor each rule, a few clicks within one graphicaluser interface activate rich security controls, suchas intrusion prevention (IPS), anti-virus (AV),As you draft each rule, you can control subcapabilities of applications, such as games onwebsites, and restrict access and capabilities at theuser level to match roles. Rules stay up to date asusers change roles or leave the company. A searchoption helps you find applications, categories, andcapabilities that your policy should reflect.To reduce complexity and troubleshooting, thisconsole presents rule interactions on a tab. Thedisplay highlights the rules and areas of each rulethat could cause potential problems. You canimmediately identify conflicts that could preventyour new rule from taking effect.Command Line ControlsWith McAfee, advanced users havethe option of broad commandline control: Full Unix shell and tool access View all firewall log files, historic orreal time Fully configure or import policy Access command line interface (CLI)at Console or over SSHMcAfee Firewall Enterprise Admin Console provides quick access and complete control over your firewalls

Data SheetMcAfee Firewall Enterprise ControlCenter Advantages Quickly search for rules and objectsto reuse in existing or new firewalls Define packet filtering andapplication-layer rules quickly andefficiently in a graphical, objectbased environment Use wizards to reduce the sizeand complexity of your rule base,reduce overlaps and duplications,and simplify common tasks likeVPN deployments Receive, consolidate, and displaycustomized alerts from managedfirewalls through a secure channel Validate policy consistency andunderstand rule interactions prior todistribution Import firewall configurations, makechanges, and then export back toall devices, saving significant timeand effort Backup and restore firewallconfigurations to recover fromconfiguration errors, or replicatea trusted configuration on a newsystem quickly and easily Control individual or groups offirewalls by re-initializing thenetwork or rebooting Cost-effectively manage multipleentries, organizations, orconfiguration domains (for managedservices) or organizations Trackall user actions in a sessionby associating them with achange ticket Support audit and regulatorycompliance by viewing all changesin the audit trail with the changeticket number Automatically update all firewallswith the latest software releasesand patches Right-click on a firewall in ControlCenter and launch immediatecommand line access via SSHMcAfee Firewall ManagementIntuitive dashboard and real-timeaudit viewerThe firewall dashboard provides quick details onsystem status, allows simple confirmation andupdating of security services, and highlightsthe latest number of applications discoveredand policies in use over your chosen time span.Additionally, the real-time audit viewer within theconsole helps you keep abreast of active rulesand troubleshoot issues. You can filter audit logsusing predefined or custom filters, color code theresults to accentuate threat events, and scheduleautomatic exporting of data to reporting systems,like McAfee Firewall Reporter or McAfee Security Innovation Alliance partner products.Central AdministrationIn environments with multiple firewalls, firewalladministrators can use the local firewalladministration console for full policy and deviceconfiguration, to set up and monitor dashboards,and to perform troubleshooting by viewing packetcaptures and logs in real time.But how do you see the big picture? How do youcapture economies of scale and reduce overlapsin rules, policies, and operations? The optionalMcAfee Firewall Enterprise Control Centerdedicated or virtual appliance centralizes firewallmanagement across multiple firewalls, boostingconsistency and slashing maintenance effort.Control Center helps you implement firewallsecurity configuration settings, policies, and policychanges quickly, easily, and accurately acrossyour entire firewall infrastructure. This integratedenvironment unites all of the McAfee firewallmanagement tools.Powerful yet simple rule creation, validation,and distributionAn enterprise security policy may require hundredsof rules deployed across a fleet of firewalls. Largepolicies with many rules are harder to manage andincrease the chance of user error, which puts thenetwork at risk.The Control Center environment helps youconstruct and optimize policies to minimize thenumber of rules, streamlining execution for betterfirewall performance. You can allow the traffic andinspections that you need, without extra checksthat slow it down.Control Center includes graphical, fully integratedpolicy management tools that handle your entireenterprise network—from the edge to the core.The single rule policy concept available for localadministration is enriched here to match the challenges of managing multiple systems, handlingcomplex network topologies, and reusing rules. Asyou define powerful rules to take full advantage offiltering and protection features and act on applications and users, Control Center helps you leverage these rules across your firewall infrastructure.Drag-and-drop rule “objects” make it easy toconfigure, reuse, merge, optimize, troubleshoot,and clean up (remove unused) policies as youcreate specific configurations for each appliancein a multi-firewall environment. To control accessto specific systems, such as database servers, youcan search by rules within objects, such as IPaddress or port. Just drag and drop the resultingrule objects to the correct rule fields to create orupdate access controls. Before you update the rule,just click to see if there are overlaps and confirmthat the rule will fire.McAfee Firewall Enterprise Control Center centralizes and eases management of multiple firewalls

Data SheetSee the “Who” On Your NetworkMcAfee firewalls leverage McAfeeLogon Collector (MLC) simplifiesdiscovery, logon, and authenticationprocesses across all McAfee firewallmanagement tools as well as McAfeeData Loss Prevention. This noninvasive process maps IP addressesto users for all types of traffic toenable user-based policies withoutrequiring the user to authenticateto the firewall or use a protocol thatsupports authentication Quickly discover who is usingwhich application and checkauthentication status Enforce user-based access controlpolicies without a separateauthentication step Leverage users and groups in yourMicrosoft Active Directory Enforce additional activeauthentication for users not loggedin to the domain Authenticate using captiveportal, NTLM, Radius, LDAP, andActive DirectoryCost-Effectively Manage MultipleEntities or OrganizationsControl Center helps managedservice providers and organizationswith multi-tenant management orreporting requirements administerthe firewalls of multiple customers orseparate entities. Create “domains” or “zones” thatact as separate Control Centerinstances—administrators only seethe firewall and policies for theirparticular customer or entity. Separate configurations for severalenterprises and hide informationabout an enterprise fromadministrators of other enterprises Keep configuration simple andsave time and effort with commonrule objects; cross-enterprise policyobjects can still be shared or reusedby all domains Role-based access control helpsenforce change control policiesMcAfee Firewall ManagementSearch filters let you selectively view the rules fora particular firewall, firewall group, or the entireorganization, and then easily modify those rules.Once defined, you can distribute rules to hundredsof firewalls, sharing them across logical enterprisegroups, such as global, group, cluster, or localdomains, or configuration domains, such as thoseoffered by managed service providers.Optimized policies deliver better firewallperformance and better securityOver time, rule sets tend to grow, overlap, andbecome ineffective, making it easier to makemistakes. To reduce the number of rules, our toolsautomate clean up. Wizards help you scan for,identify, and merge similar rules (a common set ofparameters) and delete duplicate or unused rulesto keep rule sets manageable.For example, multiple administrators might createseparate objects that have different names, butperform the same function. The “merge objects”command will look for this situation and clean itup with a single common object. Fewer rules toconsider equals better performance.Adaptive objects allow rule groupingand reuseAdministrators implement policies by definingintelligent objects once, and then reusing themwhenever and wherever they make sense. Withobject grouping, you can do much more with asingle rule and consolidate rule sets.Control Center supports many types ofobjects, including firewalls and firewall groups,hosts, networks, address ranges, applications,endpoint groups, and services, including geolocation objects.Control Center also gives you visibility into ruleusage. You can identify the most used rules, leastused rules, and rules that have not been matchedby firewall traffic in the last 30 days. This realworld data lets you:You can even compare policy configurations onall of your Control Center-managed devices toensure consistency across your network. Robustconfiguration management lets you centrally track,trace, and validate all policy changes.Manage and monitor firewall softwareFor efficient and consistent updates, ControlCenter can automatically detect when newreleases and firmware are available on the McAfeesite. Simply download the files you need and storethem on Control Center’s Management Server formanual or automated installation. When you areready to install, you can push new releases to onesystem or to hundreds simultaneously.Control Center displays the installation historyfor all managed firewalls along with the progressof the current deployment. If needed, you canrestore a trusted device configuration in secondswith a few clicks of the mouse.Complete access control with role-basedadministration and configuration domainsSome configuration changes are routine, whileothers are far-reaching. Role-based access allowsyou to exert centralized, consistent, policy-basedcontrol over distributed teams, determiningwhich management functions can be viewed orchanged based on each person’s responsibilities.Role-based access can also ensure that onlyapproved users create or validate rules, reducingthe risk of unauthorized changes or rule conflictsbreaking the firewall. Customers subject to PCIDSS often employ role-based access to enforcechange controls.You can create any number of roles to addresseach organization’s needs and privileges, associaterules with roles (to limit modifications), andestablish priority protections for rules. Differentroles could be defined to: Change only Domain Name System (DNS) entries View event or audit logsCreate rules associated with a specific networkservice or protected server Move most-used rules to the top of the rule listso traffic can be processed quickly Investigate least-used rules to see if they areworking as intended Delete or disable unused rules that must bejustified during auditsYou might dictate that certain rules must alwaysbe at the top of the policy list and moved only bycertain privileged users. Roles, like the rules youbuild, link to users and groups in LDAP and ActiveDirectory so the system can auto-create or autodeactivate users as they connect to Control Centerfor the first time.

Data SheetProfiler Advantages Profiler features a next generationweb UI viewable from any webenabled device, or from withinControl Center to integratemonitoring with other workflowsand assist incident response McAfee ePO platform integrationallows the opening of tickets andother actions based on changingbehaviors sent from Profiler Visualization of all firewall actions interms of who/what/where improvesdiagnosis and provides guidance intoneeded rule changes Correlates 30 days worth of firewallactions to network users and roles inreal-time to quickly validate impactof changes On-demand access to McAfee ePOplatform asset directory confirmsthat the right countermeasures areactive on a host, such as AV andendpoint encryption Identify root cause categorizationsfor denied traffic Pulls firewall policy and rule objectsto show the details of the rule andalso provides reports in terms offirewall policy objects Timeframecomparison andprioritized visualization for detectingimportant changes in access patterns Create reporting objects to improveor focus analysis in particular areasof the network Use graphical reports to conveysituational awareness, threats bygeographic location, applicationstraversing the firewall, and otherinformation to those who needto know Can be deployed quickly andleverages existing network devicesand infrastructures Intercepts login authenticationswithout host agents or additionalinline devices Enables trending and analysiswithout manually intensive, afterthe-fact log collection and reviewMcAfee Firewall ManagementTrending, Visualization, and AnalyticsAfter you have configured your firewalls, use yourMcAfee Firewall Enterprise Profiler for situationalawareness about changing usage and threats andat-a-glance monitoring day to day. It helps youdiscover, visualize, and monitor application usageby user group and risk level.With Profiler’s graphical displays, you spendminutes rather than hours planning changes,optimizing rules, and troubleshooting firewallrelated network or application outages. Profilerhelps replace substantial manual effort and logviewing with a few simple clicks.This software, included with your Firewall purchaseor available in a dedicated appliance, takes feedsfrom the firewall, analyzes the data for visibilityinto how the firewall rules are affecting thenetwork, and helps you detect changes in accesspatterns in real time.Application discovery and real-timeusage visualizationWhile McAfee Firewall Enterprise discovers theapplications traversing the network, Profilervisualizes those applications, both inbound andoutbound. It also shows you how bandwidth isbeing used, by risk level and user group.Dynamic displays highlight changes on thenetwork, comparing timeframes and prioritizingevents to help you detect alterations in accesspatterns that could signal a problem. You cantrack what happens for any time period at thefirewall, characterizing users and assets based onreal-time network activity and visualizing firewalldeny/allow actions in context. This clarity lets youdetermine which applications are required andwhich are not, and create policies in the firewallthat control access to applications. With data toback up decision-making, you can reduce costin terms of bandwidth use, improve productivity,and tune rules or educate users to ensure usagematches organizational policies.Threat and geographic visualizationSince many attacks are targeted and subtle,Profiler gives you tools to determine if the systemsprotected by your firewalls are under attack,identify threats, confirm countermeasures are inplace, and prioritize risks. The system highlightsSince crises seem to hit most often when you’re away from the office, you can troubleshoot firewall events from anyweb browser

Data SheetMcAfee Firewall Managementchanges in risk so you can quickly take action andit dynamically adjusts risk ratings according toasset value, application risk, and identified threats.Profiler presents events correlated against firewallpolicy in the context of all firewall actions. Tospeed assessment, you see details for each event,including users, geographic location, and sourceand destination IP addresses and ports. The displaylets you drill down to show specific users withinthe user group and look at the rule and the reasonfor a “deny” action. To verify that protectivemeasures are working, you can see a reportthat shows security countermeasures appliedby application.Geo-location can be a strong indicator of risk.Profiler can tell you the locations and sourcesof traffic and threats. Are you getting BitTorrenttraffic from countries or regions where you do notdo business? Are your hosts connecting to riskyneighborhoods on the web? You can determineboth the source and the destination of traffic—internal, external, or through a partner—searchingby application and user group. You can drill intousage bubbles to see rules, IP addresses, users,and more and determine if traffic is business- ornon-business-related.Use Profiler to discover the applications your users are accessing andvisualize the risk and network impact.Rapidly diagnose outagesDuring an application outage, filters help youquickly identify and scope the problem, digginginto the root cause without leaving the firewallenvironment. You can drill down within bubblecharts to understand what users or specificapplications are involved, for example TeamVieweror WebEx, and click through directly toinvestigate further.Drill downs show users, countries involved,applications, usage levels, and the firewall rulesthat are allowing or blocking the particularapplications. As you implement fixes, the realtime monitoring allows you to validate instantlythat the rule set change had the desired effect ontraffic, applications, or users.Quick and direct reportingProfiler’s graphical reports and reusable reportingobjects help you convey information to otherswithin your organization to guide actions andexplain events or new requirements. Built-inreports cover pre-defined application and userbased topics, which let you document events andactivities without going into another tool. Reportscan reflect any level and any filtered or specificview in Profiler. You can print, save, or exportreports into PDF or CSV formats.Proactive support to validate changesVisibility into users, applications, and trends makesit possible to profile the impact of infrastructurechanges. Profiler lets you confirm that systemsand traffic are back to normal and users haveappropriate access to applications.Broad, exhaustive reportingAvailable as a virtual ordedicated applianceA virtual Firewall Enterprise Profiler isincluded with every McAfee FirewallEnterprise product. In addition, manycustomers choose to purchase ourdedicated Profiler appliance runningon McAfee Linux. By operatingon a dedicated appliance, out ofband, the Profiler can handle largerdata sets, display real-time events,run troubleshooting queries, andlet you explore rule sets withoutaffecting on-going firewall ornetwork performance.Application and identity-basedreportsReports identify the top applications going through the firewall and spotlight theindividuals who are using those applicationsGlobal Threat Intelligencereputation reportGraphically see the spam that has been dropped at the network edge using reputationbased filteringProtocol and web usageProvides a clear picture of protocol and web usage by user, department, and/or device.Identifies inappropriate usage including user activity associated with security applianceURL filtering.Bandwidth usageView bandwidth utilization by department, client, and applicationRegulatory complianceReport templates take the pain out of regulatory compliance for Sarbanes-Oxley, PaymentCard Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), GrammLeach-Bliley Act (GLBA), and the Federal Information Security Management Act (FISMA).Configuration managementDocument configuration change detail to prove that corporate networks are configuredto government requirements

Data SheetMcAfee ePO platform integrationenables visibility into: Firewall alerts Firewall health statistics Historical performance trends Trackingof version and patch levels Hosts and endpoints used in policies Host profile information directlyfrom analytical toolsMcAfee Firewall ManagementEvent Analysis and ReportingAdministrators use McAfee Firewall EnterpriseProfiler daily to understand changing situations.They turn to McAfee Firewall Reporter to seethe larger landscape of historical events andaggregate data for audit and compliance activities.Viewed within McAfee Firewall Enterprise ControlCenter or from its own web-based GUI, FirewallReporter centralizes audit streams, correlates alertsacross devices, handles the longer-term retentionof firewall audit data, and streamlines compliance.Operator-focused reportsMore than 550 reports cover all areas of thefirewall including application and user basedreports by geo-location, security zone, systemhealth, and many other areas that providecomprehensive, device-specific information onindividual or groups of firewalls. Reports areoperator-focused to help you identify, investigate,correct, and close any issue. Visibility helpsyou secure the network, manage bandwidthrequirements, and ensure appropriate usage.Identity and application-based reports unlockthe capabilities of your next-generation firewall,augmenting existing regulatory reports. Historicalattack reports can show events categorized by hour,day, week, month, quarter, or current comparisonsby each device, as well as across all devices.Integrated and scalableMcAfee Firewall Reporter integrates with ControlCenter and is included with McAfee FirewallEnterprise. It scales to the largest environments togenerate a complete picture of enterprise securityevents with no hours wasted in manual analysis ofindividual device logs.ePolicy Orchestrator Platform IntegrationSeveral McAfee firewall management toolsintegrate with the McAfee ePO platform to helpnetwork managers collaborate with enterprisesecurity administrators, helpdesk teams, andauditors. For instance, the Profiler sends trendand change data to McAfee ePO software thatcan trigger a helpdesk ticket. Integrations likethese make it easier to understand the context ofevents for faster resolution and uncover the mostpressing issues that require intervention.McAfee Firewall Enterprise Control Center,McAfee Firewall Enterprise Profiler, and McAfeeePO software can correlate host and firewallhealth data within the firewall managementconsole. You can view top-level data formultiple firewalls or drill down for detailed dataon a firewall or the Control Center or Profilerappliance that monitors it. Profiler can obtainhost information from an event’s drill down tocomprehend the situation more quickly.Get StartedBy integrating, automating, and centralizingmanagement activities throughout the firewallmanagement workflow, McAfee offers crucialtools that will help you extract the maximumprotection and compliance value out ofyour firewall investment, with the minimumof time and tedium. The McAfee firewallmanagement tools work together to maximizeoperational efficiency, simplify policy control,and demonstrate regulatory compliance, whiledriving down management costs. Learn more atwww.mcafee.com/firewall.

Data SheetMcAfee Firewall ManagementTechnical SpecificationsControl Center AppliancesMcAfee Firewall Enterprise ControlCenter Appliances (from top down)are the C1015, C2050, and C3000McAfee Firewall Enterprise ProfilerAppliance, the P1000Profiler ApplianceHardware SpecsC1015C2050C3000P1000Form Factor1U1U1U1UManagement Capability(Max)15 Firewalls50 Firewalls100 or Unlimited*FirewallsN/ANetwork Interfaces(10/100/1000 copper)2222Hard Drive1 x 500GB SATA 7.2k2 x 300GB SAS 10k4 x 300GB SAS 10k2 x 300GB SAS 10kRAIDN/ARAID 1RAID 5RAID 1Optical DriveNone8x DVD-ROM8x DVD-ROM8x DVD-ROMOut of Band ManagementYesYesYesYesRemote AccessNoYesYesYesPower SupplySingle 350WDual 650WDual 650WDual 650WPower Consumption@110V, 306W, 2.8A@110V, 360W, 3.3A@110V, 381W, 3.5A@110V, 360W, D)1.69”x16.9”x27.19”(HxWxD)Weight22 lbs.31 lbs.32 lbs.31 lbs.MTBF130,494 hours66,531 hours61,423 hours66,531 hours* C3000 features a license upgrade to allow management of an unlimited quantity of firewallsVMware Player, VMware Server, or VMware Workstation software is required to host the Profilervirtual appliance.McAfee2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.mcafee.comMcAfee, McAfee ePolicy Orchestrator, McAfee ePO, and the McAfee logo are registered trademarks or t

McAfee Firewall Enterprise Admin Console provides quick access and complete control over your firewalls. Data Sheet McAfee Firewall Management McAfee Firewall Enterprise Control Center Advantages Quickly search fo

Related Documents:

McAfee Firewall Enterprise Control Center Release Notes, version 5.3.1 McAfee Firewall Enterprise Control Center Product Guide, version 5.3.1 McAfee Firewall Enterprise McAfee Firewall Enterprise on CloudShield Installation Guide, version 8.3.0 McAfee Network Integrity Agent Product Guide, version 1.0.0.0

the McAfee Firewall Admin Console client software, the hardware or virtual platform for running the firewall software. Configuration B. comprises: the McAfee Firewall Enterprise software, including its SecureOS operating system, the McAfee Firewal

McAfee Management of Native Encryption (MNE) 4.1.1 McAfee Policy Auditor 6.2.2 McAfee Risk Advisor 2.7.2 McAfee Rogue System Detection (RSD) 5.0.4 and 5.0.5 McAfee SiteAdvisor Enterprise 3.5.5 McAfee Virtual Technician 8.1.0 McAfee VirusScan Enterprise 8.8 Patch 8 and Patch 9 McA

McAfee, Inc. McAfee Firewall Enterprise 4150E Hardware Part Number: NSA-4150-FWEX-E Firmware Versions: 7.0.1.03 and 8.2.0 FIPS 140-2 Non-Proprietary Security Policy FIPS Security Level: 2 Document Version: 0.6 Prepared for: Prepared by: McAfee, Inc. Corsec Security, Inc. 282

4 From McAfee.com, copy the McAfee ePO software to the virtual McAfee ePO server. 5 From the McAfee ePO server, run the setup utility. 6 Using a remote browser, log on to McAfee

McAfee Firewall Enterprise 1100F, 2150F, and 4150F Page 4 of 47 . Admin Console is McAfee’s proprietary GUI management software tool that needs to be installed on a Windows-based workstation. This is the primary management tool. All Admin Console

McAfee Firewall Enterprise 1100E, 2150E, and 4150E Page 4 of 41 . Administration Console – The Administration Console (or Admin Console) is the graphical software that runs on a Windows computer within a connected network. Admin Console is McAfee’s proprietary GUI management s

b. What is AngularJS? 2. Basic Angular Security Concepts a. Strict Contextual Auto Escaping b. The HTML Sanitizer 3. Common Security pitfalls a. Server-Side Template Injection b. Client-Side Template Injection c. Converting strings to HTML d. White- and Blacklisting URLs 4. Conclusion Agenda