The new personal firewall software, designed to secure enterprises and remote users, features bi-directional IDS functionality capable of logging or blocking traffic from a suspicious source, as well as pinpointing IP spoofing - a common feature of DoS (denial-of-service) attacks, Jacqueline Bury, product marketing manager for McAfee Security, said.
Bury said that once intrusions are detected, the information is sent directly to ePolicy Orchestrator, McAfee's single-console antivirus management tool. Reports generated are then capable of helping security administrators determine the severity of the attack and build appropriate firewall policies to protect the network.
According to Eric Hemmendinger, research director of information security for Aberdeen Group, solutions such as the updated McAfee Desktop Firewall will be highly sought by customers that wish to build an integrated rules-based policy engine and complement antivirus protection by stopping attacks slipping through the cracks, including Trojans, microbes, malware, and zombies.
"Every enterprise has [antivirus measures] deployed in some way shape or form, but that doesn't mean they have the virus problem licked," Hemmendinger said. "[End-users] are now worried about what happens to things you may think of as viruses and can do some similar things but can't be spotted, detected, or mitigated. Antivirus solutions cannot provide 100% coverage."
McAfee Desktop Firewall 7.5 includes Smart Rules and Learning Mode, features that allow IT managers to track activities and construct policies based on the behaviour of IP addresses, ranges, protocols, subnets, and application-specific rules for inbound and outbound traffic. Policy lockdowns and updates are transparently transmitted to users, according to Bury.
The software is available for Microsoft Windows 98 SE, ME, NT 4.0, and 2000 platforms.