Embed Size (px)
Citation preview
McAfee Confidential—Internal Use Only
McAfee Firewall Enterprise
Next Generation Firewall
Ramy Muhammad Ahmad
Regional Systems Engineer
Middle East & North Africa
McAfee Confidential—Internal Use Only
Agenda
• Firewall Concept.
• McAfee Firewall History.
• McAfee Unique Features.
• Offered Models.
• Live Demo.
McAfee Confidential—Internal Use Only
• Firewall Concept.
McAfee Confidential—Internal Use Only
Firewall Concept
About the Course 4
McAfee Confidential—Internal Use Only
• McAfee Firewall History.
McAfee Confidential—Internal Use Only
McAfee Firewall History
• Strong Pedigree and 30 years of Continued Investment
1984: Mastering the art of
Secure Operating Systems as part of Honeywell for the
National Security Agency (NSA) Integrated
1994: Released
first firewall version 1.0
2002: Acquired Gauntlet Firewall
Integrated
2003: Acquired
N2H2 Web Filtering
Integrated
2005: Acquired
CyberGuard Firewall
Integrated
2006: Acquired
CipherTrust Email
Security Integrated
2008: Acquired by
McAfee “World’s largest
dedicate Security
Company”
• High Assurance Brand and Reputation Protection
- Allowing you to connect globally and expand your business securely
2010: Next
Generation Application
Control Integrated
McAfee Confidential—Internal Use Only
• McAfee Unique Features.
McAfee Confidential—Internal Use Only
Networking and Security Service Integration
Comprehensive Firewall
• Secure OS
• Packet filter
• Application Layer
• App Prism
• Stateful inspection
• SSL Inspection
Comprehensive Firewall
• NAT
• PAT
• High Availability
• Quality of Service
• VLAN
• Advanced Routing
Flexible Deployments
• Standalone Appliances
• Multi-Firewall
Appliances
• Virtual Firewall for
VMware
• Riverbed Steelhead
Management
McAfee Firewall
Enterprise Profiler
McAfee Firewall Enterprise
Control Center
Firewall VPN Application
Discovery & Control GTI: TrustedSource GTI: Geo-location
Encrypted Filtering Intrusion Prevention
System
Anti-Virus and
Anti-Spyware
Web Filtering
Anti-Spam
McAfee Product Portfolio
McAfee Confidential—Internal Use Only
Unique Features
9
1- Secure OS:
• Modified Unix OS
• Remove the concept of super user to secure our OS.
• OS that never been hacked.
• Trusted from the most secure entity world wide such as US MOD.
McAfee Confidential—Internal Use Only
Unique Features
10
2- Packet Filter Firewall:
• Control the traffic based on network layer
& data link layer protocols such as
IP , Port & Protocol .
• Legacy and not enough technology
because 80% percent of our traffic
is going throw port 80.
McAfee Confidential—Internal Use Only
Unique Features
11
3- Application Layer Firewall:
• Control the traffic based on application layer
protocols such as HTTP , SSL , DHCP , DNS
FTP ..etc. .
• Legacy and not enough technology
because 80% percent of our traffic
is going throw port 80.
McAfee Confidential—Internal Use Only
Unique Features
12
4- Next Generation Firewall:
• Control the traffic based on application
identity such as Facebook , twitter ,
YouTube , Skype ..etc.
• Not only this but also we can allow
specific functions and disable others based
on your business needs.
McAfee Confidential—Internal Use Only
Unique Features
13
5- User aware:
• Rule can be applied
Zones.
IP Address.
IP Rang.
Subnet.
User Identity.
Group in AD.
McAfee Confidential—Internal Use Only
Unique Features
14
6- GTI:
• GTI is McAfee Unique technology used to
stop the known and unknown attacks.
• McAfee proactive and predictive technology
to stop zero day attacks.
• Its consisting from:
Artemis (File Reputation).
Trusted Source (IP Reputation)
McAfee Confidential—Internal Use Only
Unique Features
15
7- SSL Inspection:
• One of the very important
Rule as I will decrypt the
traffic to be able to
inspect it.
• Without the decryption we
will only be able to apply the
Rule on the packet header
IP , Port & Protocol.
McAfee Confidential—Internal Use Only
Unique Features
16
8- IPS inspection.
• Signature based IPS.
• Can be used with Access
Control rule to inspect the
traffic
• Can take actions such as:
McAfee Confidential—Internal Use Only
Unique Features
17
9- Smart Filter :
• Add on feature without
Any additional license.
• It can be used to make
URL filtering and
apply policy on user
or AD group.
• You can create your
custom category and
apply it.
McAfee Confidential—Internal Use Only
Unique Features
18
9- DOS & DDOS Protection :
• Can be done using the IPS
Signatures .
• Also can be done by the
application defense rules
using the connection
limiting policy.
McAfee Confidential—Internal Use Only
Unique Features
19
10- AV/AS:
• Used to protect the end
user from being infected
by any malware when
he access any malicious
website.
McAfee Confidential—Internal Use Only
Unique Features
20
11- Web Application Firewall to protect your web application:
• Using the application defense rule we can comply with up to 95%
of the dedicated WAF.
• Using these predefined profile will help us to control the
commands sent and received between the users and your web
servers.
McAfee Confidential—Internal Use Only
Unique Features
21
McAfee Confidential—Internal Use Only
Unique Features
22
McAfee Confidential—Internal Use Only
Unique Features
23
McAfee Confidential—Internal Use Only
Unique Features
24
McAfee Confidential—Internal Use Only
Unique Features
25
12- QOS:
• We can build QOS and assign it to an interface, protocol & port.
McAfee Confidential—Internal Use Only
• Offered Models.
McAfee Confidential—Internal Use Only
Offered Models
27
McAfee Confidential—Internal Use Only
28
Offered Models
McAfee Confidential—Internal Use Only
• Demo & Uses Cases
McAfee Confidential—Internal Use Only
Live Demo
30
McAfee Confidential—Internal Use Only
31
