- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 1-888-847-8766
Overview
McAfee Firewall Enterprise defends critical assets, such as regulated data repositories (customer, financial, and healthcare data), email and web servers, extranets, and data centers. This high-assurance firewall also offers strong next-generation firewall capabilities, including application visibility and deep application controls for defense. It delivers strong policy-based controls, blocks the latest threats, and eliminates unwanted traffic. Pushing the boundary of next-generation features, this firewall is able to identify users and see the host applications actually used to initiate network connections. A first for the network security industry, this unique host and firewall integration works to identify potential anomalies and threats throughout the inside of an organization’s network.
Advanced firewall security capabilities, such as application identification, reputation-based global intelligence, automated threat feeds, encrypted traffic inspection (SSH/SSL), intrusion prevention, antivirus, and content/URL filtering, block attacks before they occur. Unlike other solutions, McAfee includes these additional security services at no additional charge.
Firewall Enterprise also includes enhanced firewall security powered by McAfee Global Threat Intelligence (GTI). McAfee GTI is a comprehensive cloud-based threat intelligence service. Already integrated into McAfee security products, it works in real time, 24 hours a day, to protect customers against cyberthreats across all vectors — file, web, message, and network. McAfee GTI offers the broadest threat data, most robust data correlation, and most complete product integration in the industry. McAfee’s GTI network allows enabled products to evaluate threats on multiple vectors in real time, leading to faster identification of threats and higher capture rates. Firewall Enterprise uses the McAfee GTI network connection reputation service to identify domains, IP addresses, and ports that may be hosting malware attacks, and block those attacks. Firewall Enterprise also uses web reputation to identify URLs that may be infected or hosting malware attacks, as well as sites hosting undesirable content.
McAfee also offers proven centralized management, right-click integration with ePolicy Orchestrator (McAfee ePO) software for endpoint data and mature migration tools to move from legacy firewalls to ours. Firewall Enterprise fully supports McAfee’s SIEM solutions too, including McAfee Enterprise Security Manager and McAfee Event Reporter, providing customizable views and reports for all firewalls across a customer’s global network. This high-assurance firewall solution offers very flexible deployment options — from virtualized software to custom-built hardware to availability on the Crossbeam high-performance platform and running on CloudShield’s trusted cyber platform. Firewall Enterprise is a best fit for organizations that need high-assurance security to protect critical assets inside the network as part of a layered defense strategy.
McAfee Firewall Enterprise Control Center (sold separately) — Offers centralized, enterprise-class network firewall policy management for global-scale deployments.
Features & Benefits
Consolidate security, leverage high-assurance features
Put the network firewall in charge of security again with integrated comprehensive network gateway protection technology, including:
- Scalable policy enforcement (includes granular user and application controls)
- IP reputation
- Geo-location
- Encrypted traffic inspection (SSH/SSL)
- Antimalware
- URL/web filtering
- Antivirus
- Network intrusion prevention
Restore policy compliance in the network
Establish control over network applications and ensure alignment with compliance requirements. Allow administrators to quickly and efficiently apply application and user-based policies written in business terms (e.g., a marketing manager can access Facebook apps, but a financial controller cannot). Also, gain visibility into rules that might impact existing rules, avoiding conflicts and duplication.
Use AppPrism for application controls
Discover, control, visualize, and protect thousands of network applications. With AppPrism, you can gain individual application function control within the application. You can use AppPrism at the group level, or at a very granular per user per application level.
Integrate with existing identity infrastructure
Align your firewall security rules directly with organizational policy statements. Integration with existing network identity infrastructure enables simple deployment while aligning network security with the organization system of record. With McAfee’s Network Integrity Agent, the firewall not only shows you who initiates a session (even within VDI environments), but identifies the host application they actually used to initiate the session. This provides increased visibility into potential anomalies and threats within your network.
Leverage millions of sensors worldwide
Harness the power of 100 million sensors worldwide, providing real-time threat feeds to deliver predictive and pro-active security protection. Greatly reduce your time to protection with automated threat feeds that are delivered without taking the network firewall offline.
Identify firewall rule optimizations
Simplify the firewall’s policy in real time. Eliminate the hours spent looking for overlapping, conflicting, or inactive rules. The intuitive interface immediately identifies firewall rule optimizations, as you modify or construct rules. This high-assurance solution also delivers mature rule migration tools to help migrate from existing and legacy firewalls to McAfee Firewall Enterprise.
Optimize rules management
Centrally manage from a handful up to thousands of firewalls regardless of software version, virtual or physical firewalls, or running different platforms including Crossbeam or CloudShield. You can also generate reports, create rules, and selectively apply antivirus, IPS signatures, URL filtering, and more from a single screen. In addition, you can correlate firewall rules to users and applications to ease planning and network troubleshooting. Integration with McAfee ePolicy Orchestrator (McAfee ePO) software provides a holistic view of firewall health information and an understanding of desktop and server security posture. Integration with McAfee’s SIEM solutions provides customizable views and reports for all of the firewalls within an organization.
Provide security throughout the network
Deploy robust, flexible, and scalable security across your network, precisely where it’s needed with McAfee’s diverse set of powerful platforms. McAfee’s custom-built network appliances and availability to run on Crossbeam’s X-Series platforms address all performance and port density requirements, providing up to 58 Gbps of inspected traffic throughput. Deploy network security with confidence in untrusted environments by running McAfee Firewall Enterprise on the CloudShield CS-4000 trusted cyber platform. Multi-firewall appliances can consolidate up to 32 traditional standalone firewalls into a single, easy-to-manage, and cost-effective appliance. Our firewall virtual appliances secure intra-VM traffic among hosted machines within VMware ESX servers.
System Specifications
| Hardware Specifications1 | S1104 | S2008 | S3008 | S4016 | S5032 | S6032 | S7032-XX |
|---|---|---|---|---|---|---|---|
| Form factor | Small 1U | 1U | 1U | Enterprise 1U | Enterprise 2U | Enterprise 2U | Enterprise 2U |
| Unlimited user licenses | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Recommended users | 200 | 300 | 600 | Med–Large3 | Med–Large3 | Large3 | Large3 |
| RAID | N/A | N/A | N/A | Yes | Yes | Yes | Yes |
| Maximum network modules | N/A | N/A | N/A | 1 | 3 | 3 | 24 |
| 1 Gb copper interfaces (base/max) |
4 | 8 | 8 | 8/16 | 8/32 | 8/32 | 8/164 |
| 1 Gb fiber interface option (max) | N/A | N/A | N/A | 8 | 24 | 24 | 84 |
| 10 Gb fiber interface option (max) | N/A | N/A | N/A | 6 | 18 | 18 | 44 |
| Encrypted filtering acceleration | N/A | N/A | Integrated | Integrated | Integrated | Integrated | N/A |
| Out of band management (status, temp, voltage, on/off, etc) |
Serial Console Only | Serial Console Only | Yes | Yes | Yes | Yes | Yes |
| Regulatory compliance | BSMI (Taiwan), MIC/KCC (Korea), C-Tick (Australia/NZ), VCCI (Japan), FCC (U.S.), UL (U.S.), CSA (Canada), ICES (Canada), CE (EU), GOST R (Russia), CCC (China), SABS (South Africa), IRAM (Argentina), NOM (Mexico) | ||||||
| Performance1 | |||||||
| Firewall performance (max)2 | 750 Mbps | 2.0 Gbps | 4.0 Gbps | 9.0 Gbps | 12.0 Gbps | 15.0 Gbps | 12.0 Gbps |
| Threat prevention2 | 250 Mbps | 1.0 Gbps | 2.0 Gbps | 3.0 Gbps | 5.0 Gbps | 6.0 Gbps | 5.0 Gbps |
| McAfee AppPrism2 | 250 Mbps | 1.0 Gbps | 2.0 Gbps | 7.5 Gbps | 10.0 Gbps | 12.0 Gbps | 10.0 Gbps |
| Concurrent sessions2 | 200,000 | 500,000 | 750,000 | 1,500,000 | 3,000,000 | 4,000,000 | 3,000,000 |
| New sessions per second2 | 5,000 | 15,000 | 20,000 | 35,000 | 50,000 | 70,000 | 50,000 |
| IPSec VPN throughput (AES)2 | 60 Mbps | 250 Mbps | 350 Mbps | 400 Mbps | 450 Mbps | 500 Mbps | 450 Mbps |
| IPSec VPN max # of tunnels2 | 250 | 1,000 | 2,000 | 4,000 | 8,000 | 10,000 | 8,000 |
| Dimensions, weight, environmental | |||||||
| Width | 16.9 in 42.93 cm |
16.9 in 42.93 cm |
16.9 in 42.93 cm |
17.2 in 43.8 cm |
18.9 in 48.04 cm |
18.9 in 48.04 cm |
18.9 in 48.04 cm |
| Depth | 8.5 in 21.59 cm |
28.0 in 71.12 cm |
28.0 in 71.12 cm |
24.4 in 61.87 cm |
30.0 in 76.21 cm |
30.0 in 76.21 cm |
30.0 in 76.21 cm |
| Height | 1.7 in 4.32 cm |
1.7 in 4.32 cm |
1.7 in 4.32 cm |
1.7 in 4.32 cm |
3.4 in 8.71 cm |
3.4 in 8.71 cm |
3.4 in 8.71 cm |
| Weight | 10.93 lbs 4.96 kg |
25 lbs 11.34 kg |
25 lbs 11.34 kg |
22 lbs 9.98 kg |
40 lbs 18.14 kg | 40 lbs 18.14 kg | 40 lbs 18.14 kg |
| Power supply details | 100 W 110/220 V |
350 W 110/220 V |
350 W 110/220 V |
Dual 400 W 110/220 V |
Dual 750 W 110/220 V |
Dual 750 W 110/220 V |
Dual 750 W 110/220 V |
| Operating temperature | 10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
10ºC–35ºC 50ºF–95ºF |
1. All specification and performance results are based on the S-series of appliances.
2. V8 performance data represents the maximum capabilities of the systems as measured under optimal testing conditions. Deployment and policy considerations may impact performance results.
3. Please contact your McAfee representative to determine proper sizing for your needs.
4. Maximum of 2 network modules supported (of any type), maximum of one 10 Gb network module supported
(with a maximum of 4 transceivers populated).
Demos / Tutorials
Quick Tips for Firewall Enterprise
Learn more about the features of McAfee Firewall Enterprise, including rule creation and web application protection, in this Quick Tips video series.
Customer Stories
Ameresco
Ameresco protects remote plants with McAfee UTM Firewall.
Highlights
- Remote operation saved hundreds of hours each year
- Firewall-to-firewall IPSec VPN tunneling enabled secure multilocation data exchange
- Simple GUI and excellent uptime performance made part-time security officer a reality
Baptist Health
Baptist Health protects patient data and enforces internal Internet-use policies with McAfee Firewall Enterprise and McAfee SmartFilter, keeping employees productive and compliant.
Highlights
- McAfee Firewall Enterprise secured the network, including critical business applications
- McAfee SmartFilter allowed enforcement of Internet usage policy, ensuring efficient and productive web access from users on the inside
County of Orange, California
Comprehensive McAfee web and email security solutions help County of Orange dramatically reduce spam levels and lower email administration costs.
Highlights
- Provided unified threat management and integration between all security products, enabling an end-to-end solution with enterprise-class security
- Correctly identified 97% of email as spam and dropped it at the edge of the network
Frontier Airlines
McAfee provides a secure, reliable, and scalable network to fast-growing Frontier Airlines.
Highlights
- Secured a scalable, manageable enterprise firewall solution
- Defended against all known and unknown threats, both inbound and outbound
- Implemented greater control over network and application traffic both within the core network and at remote locations
Major Urban Utility Company
For more than a decade, a major urban utility has utilized McAfee Firewall Enterprise Edition to protect critical control systems.
Highlights
- Allowed Independent Systems Operator (ISO) networks to interconnect without jeopardizing the control network
- Conducted vulnerability tests and confirmed that McAfee Firewall Enterprise Edition cannot be penetrated
- Permitted patches and upgrades to be delayed without a risk to security
- Ensured the ability to add a new rule in minutes
MidWestOne Financial Group
McAfee Firewall Enterprise, McAfee Web Gateway, and McAfee Email Gateway provide the foundation for MidWestOne’s Internet security strategy.
Highlights
- Comprehensive inbound threat protection and outbound data loss prevention for 250 email users
- Strong antivirus protection for 550 desktops and laptops
- Centrally managed security infrastructure through “single pane of glass” with McAfee ePO software
- Significantly reduces helpdesk calls for spyware infections by half
- Creates an improved standing with auditors and regulators
NYC Department of IT and Telecommunications
NYC Department of IT and Telecommunications uses McAfee for for vulnerability management, endpoint encryption, and other areas of security functionality.
Highlights
- Increased protection with a savings of $18 million
- Provided centralized control across highly distributed IT environment
PlantCML
McAfee Firewall Enterprise prepares PlantCML to defend against new threats in the next generation of 911 VoIP-based call centers.
Highlights
- Protected critical emergency service infrastructures from possible sabotage
- Secured unbreakable protection for the next generation of IP-based emergency call centers
- Established secure connections between customers and the network operations center
Public Utility District, United States
McAfee strengthens the network perimeter for this large public utility district.
Highlights
- Prevented 30,000 – 50,000 unwanted emails from entering the network each day
- Increased user productivity without jeopardizing security
- Provided strong security for both corporate IT and critical infrastructure networks
- Protected against blended Internet and insider threats
- Improved efficiency for the IT department, reducing administration, overhead, and costs
SIM University
SIM University uses McAfee Firewall Enterprise to protect its data center.
Highlights
- Provide a multilayered defense against security threats
- Amplify network bandwidth and dramatically improve throughput
- Increase availability of learning management system to more than 99.9 percent
- Free up IT administration time of security staff
News / Events
News
- Security Leaders McAfee and CloudShield Deliver High-Assurance Firewall on Trusted Platform to Bolster Perimeter Defenses
October 17, 2012
McAfee Firewall Enterprise deployed on the CloudShield CS-4000 platform delivers trusted security for your mission critical networks. - McAfee Strengthens Partnership With Crossbeam Through Resale Agreement To Secure High Assurance and High Performance Networks
February 6, 2012Topics : Network Security
- McAfee Named Finalist in 11 SC Magazine 2012 Awards Categories
November 17, 2011Topics : Mobile Security
- Crossbeam and McAfee Partner to Deliver Security Solutions to Government and Large Enterprises
October 11, 2010Topics : Network Security
- McAfee, Inc. Unveils Next-Generation Firewall Solutions; Provides Application and Identity Controls
April 29, 2010Topics : Network Security
- McAfee and Riverbed Partner to Deliver Comprehensive WAN Optimization and Multilayer Security in a Single Appliance
April 6, 2010Topics : Network Security, Endpoint Protection
- McAfee Offers Guidance and Protection as China-Linked Google Cyberattack Continues to Unfold
January 17, 2010Topics : Endpoint Protection
Events
No results foundOn Demand
- Strategic Directions for Network Security
On Demand Webcast
Resources
McAfee Firewall Enterprise on CloudShield
For a technical summary on the McAfee product listed above, please view the product data sheet.
McAfee Firewall Enterprise
For a technical summary on the McAfee product listed above, please view the product data sheet.
McAfee Firewall Management
For a technical summary on the McAfee product listed above, please view the product data sheet.
McAfee Firewall Enterprise for Crossbeam
For a technical summary of McAfee Firewall Enterprise which runs on Crossbeam platforms, please view the product data sheet.
McAfee Firewall Enterprise — Army Information Assurance Approved Products List
For a technical summary on the McAfee product listed above, please view the product data sheet.
Solution Briefs
White Papers
Community
Forums
McAfee Communities : All Content - Firewall Enterprise (Sidewinder)
- VPN-tunnels Site 2 Site Creation / troubleshooting
7 hours ago - 3 posts - multiple configuration management
15 hours ago - 1 Post - Sidewinder - Standby Unit - iptraffic
2 days ago - 2 posts - Logon Collector in Terminal-Server/Citrix environments
2 days ago - 3 posts - Email Alerts
3 days ago - 2 posts
Blogs
- With New Windows OS, the Key is Staying One Step Ahead
Pat Calhoun - October 26, 2012
I love new technology probably more than I love beer – and I love beer. When I hear rumor of new tech products coming out or even updates to existing solutions, I get really energized. I mean, we live in a world where so many problems can be solved with technology and the resulting opportunities Read more... - Can you see what I’m saying about McAfee Firewall Enterprise?
Pat Calhoun - September 25, 2012
This video blog was necessary for me to share my sincerity about McAfee’s long-term commitment to our firewall business. I wanted customers and partners to hear and see me clearly state that the rumors about the end of life announcement for McAfee Firewall Enterprise solutions are completely untrue. McAfee did not announce the end of Read more... - A Firewall is not an IPS – Even if it is Next Generation
Pat Calhoun - March 29, 2012
At my core, I’m a technologist. So, sometimes when I hear certain marketing buzz words, I cringe. But there is one term that Gartner analysts have coined that actually makes sense in a world of technology that is changing so quickly and profoundly that simple version numbers cannot capture the advancements. The term is “Next Read more... - Is Your Firewall Making You Less Secure?
Archive - October 28, 2010
Gartner estimates that 65% of all successful cyberattacks exploit misconfigured systems. With hundreds or even thousands of rules installed on most enterprise firewalls there is a serious risk that vulnerabilities are being masked behind the complexity of the firewall rule base. Obsolete, overlapping, or misconfigured rules are often exploited to give attackers access to sensitive Read more... - McAfee Firewall Enterprise V8: Virtualization Q&A + New Resources
Archive - June 30, 2010
The McAfee channel team has recently been approached with some follow up questions surrounding the McAfee Firewall Enterprise V8 announcement; specifically regarding the performance and functionality differences between Firewall Appliance and Firewall Virtual Appliance. Please see below for the captured Q&A.