In an effort to help customers identify and isolate potential blended threats to their network infrastructure before damage can be caused, McAfee has unveiled McAfee Desktop Firewall 8 featuring a new quarantine capability.
The Desktop Firewall's quarantine mode could trap potential hidden hazards that took advantage of clients running out-of-date policies through hidden spyware or Trojans, said Tim Smitson, Solution Marketing Manager for McAfee, a division of Network Associates.
The desktop security product also included a new application monitoring feature that enabled administrators to enforce which application could run on a system without removing the local administrator rights. As an added benefit, the bolstered monitoring stopped malicious programs from "spoofing" or "hijacking" themselves onto legitimate applications by recognizing the original file's makeup.
Buoyed by enhanced integration with McAfee's control and enforcement tool ePolicy Orchestrator 3.0, quarantine policies affecting applications or local and remote network access could be set at an administrator's discretion. For instance, a remote user could be prevented from connecting to a network unless a secure backup mode is in place. In addition, certain parts of an application could be blocked from entering the network if code has been altered or tampered with, noted Smitson.
"It's preventing me from being able to do anything to the network, so effectively it's quarantining my system," said Smitson. "This is great for administrators trying [to avoid] problems with mobile users and the network environment connecting off the Internet. You have control of what that user does and doesn't do."
Smitson said the McAfee Desktop Firewall contained additional "minor tweaks" including the ability to update IDS signatures on a monthly basis which were previously hard coded, as well as the ability to set rules by domain name and enhanced rules learning.
McAfee Desktop Firewall is available now with cost depending on mode range.