McAfee is working on advancements to its enterprise firewall appliances to add a new level of application and policy controls.
The enhancements will be around improving visibility, recognition and policy enforcement of over Web 2.0 applications invisible to conventional firewall technology, McAfee officials said. Leveraging McAfee's user-based activity monitoring and visualization capabilities, the new solution will allow administrators to correlate user and application information.
"While firewalls can identify and analyze various (types of) network traffic, some modern applications are often indistinguishable from others as they do not use a well known port number," said John Yun, director of product marketing at McAfee. "Applications such as Instant Messenger, file sharing and others use port-hopping which makes it difficult to accurately identify the application it's associated with."
"More and more modern applications use these techniques, which require security appliances to be increasingly intelligent," Yun continued. "Also, many applications have several sub-capabilities worth identifying. For example, Instant Messenger can have texting capability, video conferencing capability and file transfer capabilities among others. Firewalls may be required to take different actions based on these specific capabilities, which brings another level of complexity in accurately identifying application traffic."
With the new technology, McAfee hopes to enable its Firewall Enterprise offering to identify and control a broad range of Web applications. It will also leverage application intelligence from McAfee Avert Labs to provide deeper understanding of the risk associated with those applications. The product is slated to be ready next spring.
"Adding these new capabilities, backed by the researchers at McAfee Avert, sets us apart from the competition," said Dan Ryan, executive vice president and general manager of McAfee's Network Security business unit, in a statement. "McAfee Firewall Enterprise already provides comprehensive application threat and malware blocking, as well as industry-leading URL filtering and TrustedSource reputation-based blocking capabilities. Now, we're raising the bar to give customers an unprecedented level of application protection."