Stonesoft firewalls were acquired and rebranded as McAfee Firewall Enterprise (MFE), then divested by McAfee and acquired by Forcepoint in 2016, and have reached end of life (EOL).
N/A
Trellix Endpoint Security ENS
Score 8.5 out of 10
N/A
Trellix Endpoint Security (ENS) solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep organizations safer and more resilient.
Any scenario where a dedicated firewall administrator is on staff and a secure firewall solution that requires high availability is needed will be a good solution for the McAfee Firewall Enterprise product. The McAfee Firewall Enterprise however comes with some of its own parlance that is different from other vendors and does require some comfort on the administrators side when it comes to working in the command line. Added knowledge of protocols and how they interact is a must for any firewall admin but particularly for the McAfee Firewall Enterprise product due to its flexible nature. If the environment is to be mostly hands off where a very limited rule set is to be configured and not likely to change often, I would defer to a different product
It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.
Based on the SecureComputing Sidewinder firewalls, the McAfee Firewall Enterprise does similar backend containerization of each service which provides for added security in the unlikely event of failures or breeches.
Tie in reporting services (if used by the admin) provide very granular details on rules accessed and the firewalls response to the requests.
Configurable options are plentiful. Unbound DNS can be configured on each "burb" (SecureComputing/McAfee parlance for interface), similar options for sendmail while rulesets can be configured at the application level down to simple IP-filter making options for enhancing security as well as troubleshooting equally as useful.
Full control over shell for scripting and/or scheduling (cron) purposes.
Solid HA and patching architecture.
Support was always helpful, knowledgeable and insightful (especially the staff that migrated from SecureComputing).
For an application-layer firewall the applications supported (at the time I managed them) were too few and would need to be expanded and the application ruleset needed to be expanded as well.
The remote access VPN client configuration was overly complex for the average user and would need to be supplemented with a configuration file that had already been generated. Other solutions from CheckPoint or Cisco ASA are not as complex for end user remote access.
Enhancing the GUI with a builtin "packet capture" feature would be useful for administrators not familiar with tcpdump.
The amount of false detections especially the negative ones needed to be reduced.
It requires more optimization. It tends to make the PCs slower.
It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.
The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.
Compared to other firewalls I've managed (Palo Alto, Cisco ASA & CheckPoint) I would say that McAfee Firewall Enterprise was probably at the time not the leader in its field however it is a product that proved its reliability and flexibility over the other vendors. The addition of many new features usually comes as a detriment to some other area (restricted CLI, decreased logging etc.). In my experience this product gave the flexibility and options that the organization needed.
Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage
In its highly available configuration the impact on any business objective has been positive given the fact that any downtime of the firewall would negatively impact all business objectives.
From an auditing standpoint, we can show that our workstations/servers are protected.
Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.
