Comparison of Endpoint Security Firewall features supported by Endpoint Security for Mac Firewall 10.5 and Endpoint Protection for Mac 2.3.0 (Desktop Firewall)
Technical Articles ID: KB89124
Last Modified: 7/22/2018

Environment

McAfee Endpoint Protection for Mac (EPM) 2.3.0
McAfee Endpoint Security for Mac (ENSM) Firewall 10.5.x

macOS X 10.13.x, 10.12.x, 10.11.x, 10.10.x, 10.9.x, 10.8.x, and 10.7.x

Summary

The following table shows the supported Firewall features for ENSM 10.5.x and EPM 2.3.0.

NOTES:
  • EPM Firewall is the legacy version of ENSM Firewall and is managed by the Host Intrusion Prevention ePO extension. The grouping of the features in the table, for comparison, is based on the ENS extension and might not match the Host Intrusion Prevention policies.
  • Newer versions of macOS are supported only by ENSM and not EPM. Customers running EPM Firewall must consider migrating to ENSM.
 
Options policy

| Feature | Feature options | EPM | ENSM |
|---|---|---|---|
| Firewall | Enable Firewall | Yes | Yes |
| Protection Options | Allow traffic for unsupported protocol; Allow only outgoing traffic until Firewall services have started; Allow bridged traffic; Enable Firewall intrusion alerts | No | No |
| Tuning Options | Enable Adaptive mode (create rules on the client automatically) | Yes | Yes |
| | Disable McAfee Core Networking Rules | No | No |
| | Retain existing user added rules and adaptive mode rules when this policy is enforced | Yes | Yes |
| | Log all blocked traffic | No | No |
| | Log all allowed traffic | No | No |
| McAfee GTI Network Reputation | Treat McAfee GTI match as intrusion; Log matching traffic; Block all untrusted executables; Incoming network-reputation threshold; Outgoing network-reputation threshold; If McAfee GTI ratings server is not reachable | No | No |
| Stateful Firewall | Use FTP protocol inspection | Yes | Yes |
| | Number of seconds (1–240) before TCP connections time out | Yes | Yes |
| | Number of seconds (1–300) before UDP and ICMP echo virtual connections time out | Yes | Yes |
| Firewall Status Control | Allow users to disable Firewall from the McAfee system tray icon | No | No |
| | Require justification from users when managing Firewall from the McAfee system tray icon | No | No |
| DNS Blocking | Domain Name | Yes | Yes |
| Defined Networks | Add Defined Network | Yes¹ | Yes¹ |
| Trusted Executables | Add (Name, File Path, Fingerprint, Signature, actions) | No | No |

Rules policy

Add Rule

| Feature | Feature options | EPM | ENSM |
|---|---|---|---|
| Description | Name | Yes | Yes |
| | Status | Yes | Yes |
| | Allow | Yes | Yes |
| | Block | Yes | Yes |
| | Treat match as intrusion | No | Yes |
| | Log matching traffic | Yes | Yes³ |
| | Direction | Yes | Yes |
| | Notes | No | No |
| Networks | Any protocol | Yes | Yes |
| | IP protocol - IPv4 | Yes | Yes |
| | IP protocol - IPv6 | No | No |
| | Non-IP protocol | No | No |
| | Connection types | Yes | Yes |
| | Specify networks - Add local and remote | Yes¹ | Yes¹ |
| Transport | All Protocols | Yes | Yes |
| | ICMP | Yes | Yes |
| | ICMPv6 | No | No |
| | TCP | Yes | Yes |
| | UDP | Yes | Yes |
| | Other | No | No |
| Applications | Application association | No | No |
| Schedule | To associate schedule with rule | No | No |

Add Group

| Feature | Feature options | EPM | ENSM |
|---|---|---|---|
| Description | Name | Yes | Yes |
| | Status | Yes | Yes |
| | Direction | Yes | Yes |
| | Notes | No | No |
| Location | Enable location awareness | Yes | Yes |
| | Name | Yes | Yes |
| | Enable connection isolation | No | No |
| | Require that ePolicy Orchestrator be reachable | Yes | Yes |
| | Location criteria - Items in the drop-down | Yes | Yes² |
| | Registry key | No | No |
| Networks | Any protocol | Yes | Yes |
| | IP protocol - IPv4 | Yes | Yes |
| | IP protocol - IPv6 | No | No |
| | Non-IP protocol | No | No |
| | Connection types | Yes | Yes |
| | Specify networks - Add local and remote | Yes¹ | Yes¹ |
| Transport | All Protocols | Yes | Yes |
| | ICMP | Yes | Yes |
| | ICMPv6 | No | No |
| | TCP | Yes | Yes |
| | UDP | Yes | Yes |
| | Other | No | No |
| Applications | Application association | No | No |
| Schedule | To associate schedule with group | No | No |

Server Task

| Feature | Feature options | EPM | ENSM |
|---|---|---|---|
| Firewall Property Translator | Process properties received from client and convert them into rules | Yes | Yes |

¹ IPv6 options are not supported on Mac.
² ENSM supports Domain reachability.
³ In ENSM, in addition to the log file entry, an ePO event is also generated.
