Configuration Tool: Manage Complex, Dynamic Security Policies across Multiple Firewalls
An enterprise security policy may require hundreds of rules deployed across a fleet of firewalls. You need an efficient way to compare your security policy to your actual security implementation. With Control Center, you can selectively view the rules for a particular firewall, firewall group, or the entire organization and then easily modify those rules.
The Configuration Tool provides an efficient and intuitive graphical user environment. Administrators implement security policies by defining Intelligent Objects once and then reusing them whenever and wherever they’re needed. McAfee Firewall Enterprise Control Center supports many types of objects, including firewalls and firewall groups, hosts, networks, address ranges, endpoint groups, and services, including geo-location objects.
With the McAfee Firewall Enterprise Control Center appliance, centralized management
is simple and effective for any number of McAfee Firewall Enterprise appliances.
When policies change or attacks emerge, just update the affected objects. Control Center can instantly apply those changes to all McAfee Firewall Enterprise appliances across the enterprise. You can even compare policy configurations on all of your Control Center-managed devices to ensure consistency across your network. Robust configuration management features let you centrally track, trace, and validate all policy changes.
|Benefits of Configuration Tool Wizards|
|Duplicate Rules Wizard
||Scans your policies for duplicate rules to reduce the size and complexity of your rule base
|Merge Rules Wizard
||Upon importing firewall rules, identifies rules with a common set of parameters and merges multiple rules into a single rule
|IPSec VPN Wizard
||Defines and implements complex mesh, star, and remote access topologies. Easily creates VPN peers and edits key exchange properties. Control Center then automatically creates the secure VPN channels for you.
Administration Tool: Maintain Complete Access Control of Your Firewallswith Role-Based Administration
Some configuration changes are routine, while others are profound and far-reaching. Role-based administration allows you to determine which management functions can be viewed or changed based on each person’s network responsibilities. Create any number of roles with the Administration Tool. For example, one administrator role may be allowed to change only DNS entries, a second to view event logs, a third role to create rules associated with a specific network service or protected server, and another to allow junior administrators to create policies but not push them. Role-based administration ensures the appropriate division of management responsibility and maximum flexibility.
Use the Administration Tool to delegate appropriate levels of
policy monitoring and control to each administrator.
Easily keep all devices current. The Software Update Tool lets you centrally view
and track the software patch releases available for deployment of each device.
|Benefits of Administration Control|
- Lower costs by promoting centralization of key security personnel and consistent policy implementation throughout the network.
- Reduce complexity of security device administration while maintaining the flexibility to address each organization’s diverse needs.
- Use role-based administration to customize McAfee Firewall Enterprise Control Center access to match your team structure and separation of duties.
- Mitigate policy change overlap by locking support for simultaneous administrative users to ensure security policy changes are implemented and validated at separate intervals.
- Meet regulatory compliance requirements to limit auditing and other critical functions to specific individuals within the organization, improving security and reducing legal exposure.
Software Update Tool: Manage and Monitor Security Software
Your security infrastructure may include numerous firewalls deployed from the edge to the core of your network. McAfee Firewall Enterprise Control Center’s Software Update Tool makes it easy to ensure you are running the latest software on all your McAfee Firewall Enterprise appliances.
Collect and track releases within the software repository
The Repository Manager can automatically detect when new releases and firmware are available on McAfee’s FTP site. Download the files you need and store them on Control Center’s Management Server for manual or automated installation. View the readme files to determine which devices are affected. The Software Update Tool records all of the relevant file information, including the name, description, version number, target device, release date, and deployment status.
Centrally manage software installations
Install new releases to one system or to hundreds simultaneously. The Software Update Tool displays the installation history for all managed devices along with the progress of the current deployment. If needed, you can restore a trusted device configuration in seconds with a few clicks of the mouse. The Software Update Tool dramatically reduces the time and effort needed to keep your McAfee systems in peak condition.
Reporting and Monitoring Tool: Stay on Top of the Network
McAfee Firewall Reporter is integrated with Control Center
For an in-depth historical and trending analysis that’s focused on your McAfee Firewall Enterprise audit stream data, use the McAfee Firewall Reporter security event management (SEM) software that’s included with Firewall Enterprise appliances. Firewall Reporter software can be accessed and used right in the Control Center GUI, delivering central monitoring, correlated alerting, and reporting on any number of McAfee Firewall audit streams.
A variety of reports are available to provide comprehensive, device-specific information from your network of McAfee Firewall Enterprise appliances. The Control Center Reporting and Monitoring Tool lets you generate and view reports about individual devices and groups of devices. These reports are operator-focused to identify, investigate, correct, and close any issue with an individual security device. The Reporting and Monitoring Tool also includes Sarbanes-Oxley (SOX) reporting and monitoring.
McAfee Firewall Enterprise Control Center’s detailed reports
provide comprehensive, device-specific information.
McAfee Firewall Reporter software, which is included with McAfee Firewall Enterprise appliances,
provides 300 graphical reports for historical and trending analysis.
Firewall Reporter’s 300 reports give you immediate action points to keep the enterprise safer. The graphically rich tool strengthens your overall security posture, gives quick evidence of regulatory compliance with SOX, Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Gram-Leach-Bliley Act (GLBA), and Federal Information Security Management Act of 2002 (FISMA), and proves the effectiveness and value of your McAfee Firewall investment to management.
Together, McAfee Firewall Enterprise Control Center and McAfee Firewall Reporter provide complete reporting to keep you on top of your environment to efficiently and proactively manage your network of McAfee Firewalls.
Your Enterprise-Class Central Management Platform
McAfee is world-renowned for the multi-level secure operating environment that powers our firewall appliances. The Windows client and all firewalls communicate with the management server using SSL-encrypted XML. SSL with client certificates are used for encryption and two-way authentication from all devices to the management server. For utmost convenience, McAfee Firewall Enterprise Control Center includes a built-in Certificate Authority.