Data Sheet

McAfee Security Management Center

Unified management for next-generation devices

Key advantages:
Single pane of glass across
the management lifecycle for
McAfee next generation devices.
Scalability for large and
distributed installations.
Workflow automations for
accurate and fast deployment
and maintenance.
Situational awareness and
visibility for the entire network.

Unified Network Security Management

The McAfee Security Management Center forms
the core of our security solution, providing unified
network security management for the McAfee
Next Generation Firewall, McAfee Firewall/VPN,
and McAfee Next Generation Firewall in IPS mode.
In addition to managing McAfee next-generation
devices, the McAfee Security Management
Center also provides event management, status
monitoring, and reporting capabilities for thirdparty devices. By collecting all of this information
in one centralized system, administrators can get
a complete overview of what is occurring in their
environment.
The McAfee Security Management Center
includes at least one management server and one
log server that can be installed either on the same
or separate servers. The management client is
the graphical user interface used for configuring,
managing, and monitoring the entire system.
Optionally, the McAfee Security Management
Center solution can be extended by adding
additional management and log servers and
web portal servers.
The McAfee Security Management Center is
designed to manage large, geographically
distributed installations. It is flexible and allows
you to scale up current components and add new
components to the system without sacrificing
ease-of-use. The larger the environment, the
greater the benefits you gain through the efficient
policy management, centralized monitoring,

and reporting capabilities the McAfee Security

Management Center provides. The administration
workflows are optimized to make daily security
management as efficient as possible.
McAfee Security Management Center High
Availability enables you to build an extremely
resilient management infrastructure, ensuring
continuous access to the management and
log resources. When using the high availability
option, administrators have full control of the
security devices even if the primary management
server is unavailable. Log server high availability
ensures that logs and alerts are received even if
the primary log server is unavailable. With McAfee
Security Management Center High Availability
licenses, you ensure that maintenance of the
management or log server does not cause any
interruptions in business traffic.
The McAfee Security Management client provides
all relevant security management tools and
functions in the same unified graphical user
interface. Configuration, monitoring, logging,
status information, alerts, reports, updates, and
upgrades can be managed centrally for all devices,
regardless of their physical location. All these tools
have been designed to work seamlessly together
from day one. The McAfee Security Management
client provides administrators with shortcuts and
drill-down actions for effective management of
the whole security environment.

McAfee Security Management Center specifications

Management Server
Number of Managed Devices

License is limited: 2 to 2,000

nodes with one management
server.

Number of Administrators

Unlimited

Number of Elements

Unlimited

Number of Policies

Unlimited

Number of Log Servers

Unlimited

Number of Web Portal Servers

Unlimited

Administrator Authentication

Local database, RADIUS

Device Connections

SSL-encrypted

Log Server
Number of Supported Devices

Unlimited

Log Records per Second

The high-performance logging

system is able to process more
than 100,000 records/s

Device Connections

SSL-encrypted

Log Storage Size

Unlimited

Number of Log Forwardings per

Log Server

Unlimited

Figure 1. Unified management for different installation,

types, and roles.

Features
General

Administration

Management Client

Java-based client program with

Webstart support

SMC API

Simultaneous Administrators

Alert Escalations

Documented API enabling

easy third-party product and
service integration. Uses REST
architecture where data can be
XML or JSON coded.

Allows administrator to forward

alerts from the system using
email, SMS, SNMP trap, and
custom scripts

Alert Thresholds

Automatic alert thresholds for

overview statistics

Audit Logs

Several administrators can

perform changes at the same
time. Critical elements like
policies are locked for editing.

Extensive audit information

about all changes in the system

System Reports

Inventory and audit reports

about administrators activities

Plug and Play Installation

Automatic installation: cloud

(or USB stick)-based installation
with initial policy push

Automated tasks

Refresh policies; archive, export,

and delete logs; make backups
with automated tasks

Domains

Allows you to divide

environment to isolated
configuration domains

Import/Export

XML and CSV export and import

with intelligent conflict handling
between McAfee Security
Management Center installations

Messenger Tool

Integrated administrator
messaging tool

Remote Upgrades

One-click fail-safe remote

upgrade

Roles-Based Access Control

Flexible and accurate

administrators permission
control

License Management

Automatic online license

updates and maintenance
contract status reports

Troubleshooting Tools

Extensive remote diagnostic

capabilities: integrated traffic
capture tool, diagnostics,
configuration snapshot
download from next-generation
firewall, session monitoring
views

High Availability

Support for up to four standby

management servers.

Automatic Updates and Upgrades

Management automatically
downloads the latest nextgeneration firewall upgrades
and dynamic updates

Backups

Integrated backup tool for

taking backups from the
whole system, including
all next-generation firewall
configurations

Navigation

Intuitive browser-like navigation

with browsing history, tabs, and
bookmarks

Search Tools

Efficient element and references

search tools

Quick Filtering

Convenient type-ahead filtering

in element lists, tables, and
policy cells

Multi-Selection support

Perform actions and commit

changes to hundreds of
elements at the same time

System Clean Up Tools

Enables administrator to easily

find which elements and rules
are not used

Customer | Helpdesk

Web Portal

Administrator

Management Client
Web Portal
Server

Management
Server

Log
Server

Security
Management
Center (SMC)

3rd Party Device

NGFW

NGFW

NGFW

NGFW

Figure 2. Key components in McAfee Security Management Center architecture.

Policy Management

Configuration

Virtual Contexts

Share same master context

across several McAfee Security
Management Center domains;
to up to 250 virtual contexts
that can each have their own
policies and routing tables

Hierarchical Policy Management

Policy templates, sub-policies,

aliases, and rule comment
sections keep the policy
organized and understandable

Authentication Server

McAfee Security Management

Center server provides
four RADIUS-based strong
authentication methods
and automatic user linking
capabilities for existing AD/
LDAP server

Routing

Drag-and-drop routing
configuration for the firewalls

Automatic Anti-spoofing

Anti-spoofing configuration is
created automatically based on
routing

VPN Management

Easy-to-use VPN editor and

VPN diagrams that reveal the
underlying topology

Application Identification

Ability to identify applications

by pay- load and restrict access
accordingly

URL Filtering

Restrict access by URL categories

Domain Names

Restrict access dynamically by

using domain names

Incident Case Management

User Identification

Create user-based rules either

with or without authentication

Integrated tools for collaborative

network incident management

Firewall Element Creation Wizard

Zones

Physical interfaces can be

tagged with zones and referred
in the policies

Create hundreds of firewall

elements through a firewall
creation wizard

Quality of Service (QoS) Policies

QoS class-based policy

configuration

Browser-Based User
Authentication

Configure and customize an easy

browser-based authentication
service for yourusers

NAT

Default NAT
Element based NAT
NAT policies

Policy Validation Tool

Helps administrator to find configuration mistakes before policy

activation

Policy Snapshots

Allows you to explore and

compare next-generation
firewalls configuration history

Policy Restoration

A previous policy version can be

re- covered and uploaded to the
next-generation firewall

Rule Usage Optimization

Tool

Enables administrator to see

how many times each rule has
matched within a specified time
period

Rule Search Tool

Integrated tool for searching

rules in policies

Rule Names

Ability to create rule names

which are visible in logs,
statistics, and reports

Fail-Safe Policy Uploads

System automatically restores

the previous policy version in
case the new version fails

Figure 3. Policy Editor.

Figure 4: Real-time monitoring with customizable Overviews.

Status, Statistics, and Reporting

Logs

System Status Monitoring

Real-time status information

about network devices and their
connections

Appliance Status Monitoring

Graphically follow the hardware

status of the appliances

Networks Diagrams

Visualize configurations,
topologies, and status
connectivity with drawings

Session Monitoring

Dedicated views to monitor

connections, VPN SAs,
authenticated users, active
alerts, and dynamic and static
routes

Overviews

Customize dashboards of
network statistics for real-time
monitoring

Geolocations

See the country information for

all IP addresses with the help of
country flags and geolocation
statistics. See where network
attacks come from.

Reporting

Web Portal

Customize and schedule

reports that provide detailed
information about network
statistics

Log Browser

Common log browsing view for

all log data

Drag-and-Drop Filtering

Efficient log filtering; drag and

drop any log data cell to the
query panel

Log Statistics

Create log statistics on the fly

and see the top trends

Log Visualizations

Find the anomalies in logged

traffic in filterable log
visualizations

Log Aggregations

Summarize large amount of

filtered log data by any columns

Archiving

Archive logs in multiple

directories by using filtering

Backups

Integrated backup mechanism

for log server configuration and
log data

Log Exports

CSV, XML, CEF, LEEF, and

McAfee ESM log exporting; logs
can be also exported to PDF and
ZIP files directly from the log
browser

Log Forwarding

Real-time log redirection in

syslog, CEF, LEEF, XML, CSV,
IPFIX, NetFlow and McAfee
ESM formats; configuration for
filtering, data type, and log field
selection available

Log Data Contexts

Shortcuts to browse different

types of logs with dedicated
column sets

High Availability

Support for backup log servers

Lightweight web access to

policies, logs and reports

Third-Party Event Management

Third-Party Device Monitoring

Allows administrator to monitor

and view status changes in thirdparty device availability

Third-Party Device Log Reception

Log parsing and reception in

syslog format for third-party
devices. Out-of-the-box
support for CEF, LEEF, CLF,
and WELF format

NetFlow/IPFIX Reception

Ability to receive and consolidate

data in NetFlow v9 and IPFIX
formats

Third-Party Device Statistics

Graphical statistics and reports

based on third-party log data
and SNMP counters

Number of Supported Third-Party

Devices

200 per log server

Licensing

Each third-party device

consumes 0.2 from
management server license
device count

Key advantages:
Efficient usage of one network
for multiple customers and
organizations.
Highly granular and flexible
admin access rights including
domains.
Safe and optimized control and
management in multi-domain
environment.

McAfee Domains for Centralized Management of Customer Environments

to only the domains they control. MSSPs can also
Domains allow managed security service providers
provide their customers additional services by
(MSSPs) to easily manage different customer
giving them reliable and lightweight web portal
environments with a single management server.
access to reports, policy configurations, and logs.
Traditionally, MSSPs are challenged by the
administration and costs of managing multiple
Domains also simplify the management environ
servers for each domain. Now configurations can
ment significantly. Customer environments remain
be shared across domains, and administrators
clean and easy to manage, decreasing the risk of
can quickly make configuration changes and
human error. There is no need to see thousands
reuse configurations. The unique architecture
of network elements if they are irrelevant to the
of the McAfee Domain solution simplifies MSSP
context currently being managed. For this reason,
environments, making them easier to maintain.
McAfee Domains are not only useful for MSSP,
but also for large enterprises. Administrators can
With the McAfee Domain solution, administrators
can make sure customers network elements never split distributed environments into domains and
keep the environment well organized and easier to
get mixed up. Administrators responsibilities can
manage.
be accurately defined, and access can be limited

McAfee
Security Management
Center

Customer 1
Shared
Domain

Customer 2
Customer 3

Administrators
Define Administrator
responsibilities

Customer 1

Web Portal
Read-only Web Portal
access for customers
or local administrators

Figure 5: Logical layouts of the domains added.

McAfee Domains specifications

Domains
Specifications
Maximum Number of Domains

200

Number of Administrators

Unlimited

Number of Managed Devices

per Domain

Unlimited

Number of Elements per

Domain

Unlimited

Features
Configuration Separation

Isolate customer environments to different domains and make sure that customers network elements never get
mixed up

Configuration Sharing

Share elements such as policy templates for all domains

Access Control

Configure the administrators visibility and responsibilities with the help of domains

Monitoring

Monitor the status of all granted domains with the help of the domain overview

Customization

Customize the PDF style templates

Migration Tools

Move elements between domains with the integrated move-to tool

Import/Export

Import and export elements between different McAfee Security Management Center installations and domains

Virtual Contexts

Share the same master context across domain boundaries of up to 250 virtual contexts, which can each have
their own policies and routing tables

Key advantages:
Transparent network status
available for defined users.
Safe and scalable read-only
access to network security.
Up-to-date network information
and reports using standard web
browser.

McAfee Web Portal Server for Centralized Management of Customer Environments

almost any mobile device. Because of its excellent
MSSPs and large enterprises often need to give
accessibility, McAfee Web Portal is a convenient
their customers or remote offices access to the
tool for the administrators outside of office hours.
logs of their next-generation firewall without
Administrators may start troubleshooting network
actually granting them access to the management
issues with their mobile phone before returning to
server. The customers may also require the ability
the office to work with the management client.
to review the current configuration of their
next-generation devices to ensure that their
McAfee Web Portal can be easily customized
change requests have been implemented. Often
for different languages. English, Spanish, and
companies also need to provide daily, weekly, or
French language versions are provided by default.
monthly reports to certain stakeholders to keep
Administrators can also easily add new languages.
them updated about the status of their network.
McAfee Web Portal provides customers, remote
and local administrators, or management with
lightweight web-based access to view the logs,
scheduled reports, current policies, and the
policy change history of their environment.
Administrators can accurately define what
information is shown for McAfee Web Portal
users. Giving the local administrators or help
desk personnel read-only access to logs, current
configurations, and recent policy changes
significantly reduces the volume of support cases
and improves the quality of their change requests.
McAfee Web Portal does not require users to
install any software. Because McAfee Web Portal
is implemented in HTML, it can be used with

Figure 6. Web Portal clientless read-only access for e.g. end

customer or internal helpdesks.

McAfee Web Portal Server specifications

Specifications
Maximum Number of
Concurrent Users

250 per license

Number of Administrators

Unlimited

Number of McAfee Web

Portal Users

License limited

User Authentication

Management server database, RADIUS

Device Connections

SSL-encrypted

Features

2821 Mission College Boulevard

Santa Clara, CA 95054
888 847 8766
www.mcafee.com

Security Policies

View next-generation firewalls latest configurations in HTML format

Reports

View reports that are scheduled to be published in McAfee Web Portal in HTML format

Log Browsing

Browse and filter the logs in HTML format

Log Details

View log event visualizations and other log details in a separate HTML page

PDF Export

Print reports and logs to PDF documents

Announcements

Administrators can specify announcements to be shown in McAfee Web Portal

Policy Comparison

Compare the different next-generation firewall configuration versions to see if your change request has been
implemented

Localization

McAfee Web Portal can be easily translated to any language

Customization

Customize the look and feel of the McAfee Web Portal

McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other
countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are
provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied.
Copyright 2014 McAfee, Inc.
61041ds_smc_0414_fnl_ETMG