Every admin loves his or her firewall, even if they no longer do the job, according to McAfee, which has overhauled its rather dry-sounding Enterprise Firewall with an important new feature.

This time it is different. The key to its wonderfulness, McAfee says, is a new feature that allows admins to spot and control any one of thousands of common applications.

Traditional firewalls carry out packet and protocol-based analysis, and many such products remain on the market. These can be supplemented by one or more types of web and application firewalls which monitor software ports at what is called in networking jargon, layer 7, mainly watching for attacks at that level.

McAfee’s Firewall Enterprise 8’s Profiler feature tries to relate the packets to real applications and, if necessary, real users generating the traffic inside the network. It also performs DNS monitoring.

The company claims it contains 1,000 application signatures within its database, and has the ability to spot certain types of app behaviour such as instant messaging and file transfer.

This apparently includes Skype, probably the most elusive application in existence, although McAfee was unable to explain precisely how this might be done. Once packets reach the firewall from Skype they will be so much encrypted mush, coming from any one a possible range of internal peers. Detecting these will be hard enough and content inspection impossible.

Apps that are spotted can be sent to ‘app prison’.

“The release of our next generation firewall is intended to disrupt a stagnant firewall market that has failed to keep pace with the threat landscape.  Last generation firewalls don’t effectively enforce relevant business policies and are simply too hard and expensive to manage,” said McAfee’s network security business VP, Dan Ryan.

McAfee Firewall Enterprise 8 can be installed as an appliance or virtually using VMware. The basic appliance costs $1,500 (approx £1,000), with add-on modules priced individually. Firewall Profiler costs $9,750 while Firewall Enterprise Control Center starts at $2,400.