In an effort to help customers identify and isolate potential blended threats to their network infrastructure before damage can be caused, McAfee on Monday unveiled McAfee Desktop Firewall 8 featuring a new quarantine capability.
The Desktop Firewall's quarantine mode can trap potential hidden hazards that take advantage of clients running out-of-date policies through hidden spyware or Trojans, said Tim Smitson, Solution Marketing Manager for McAfee, a division of Network Associates.
The desktop security product also includes a new application monitoring feature that enables administrators to enforce which application can run on a system without removing the local administrator rights. As an added benefit, the bolstered monitoring allows malicious programs from "spoofing" or "hijacking" themselves onto legitimate applications by recognizing the original file's makeup.
Buoyed by enhanced integration with McAfee's control and enforcement tool ePolicy Orchestrator 3.0, quarantine policies affecting applications or local and remote network access can be set at an administrator's discretion. For instance, a remote user could be prevented from connecting to a network unless a secure backup mode is in place. In addition, certain parts of an application can be blocked from entering the network if code has been altered or tampered with, noted Smitson.
"It's preventing me from being able to do anything to the network, so effectively it's quarantining my system," said Smitson. "This is great for administrators trying [to avoid] problems with mobile users and the network environment connecting off the Internet. You have control of what that user does and doesn't do."
Smitson said the McAfee Desktop Firewall contains additional "minor tweaks" including the ability to update IDS signatures on a monthly basis which were previously hard coded, as well as the ability to set rules by domain name and enhanced rules learning.
McAfee Desktop Firewall is available now with cost depending on mode range.