Utm Firewall Pci Appliance; Bridged Mode - McAfee SG310 Administration Manual

Introduction

UTM Firewall PCI appliance

• Online status LEDs (Online, Failover, High Availability)
• Ethernet link and activity status LEDs
The following are the environmental specifications:
• Front panel operating status LEDs: Power, H/B
• Operating temperature between 0° C and 40° C
• Storage temperature between -20° C and 70° C
• Humidity between 0 to 95% (non-condensing)
UTM Firewall PCI appliance
The UTM Firewall PCI appliance (SG640) is a hardware-based firewall and VPN server embedded in a
10/100 Ethernet PCI network interface card (NIC). It is installed into the host PC like a regular NIC,
providing a transparent firewall to shield the host PC from malicious Internet traffic, and VPN services to
allow secure remote access to the host PC.
Figure 3 UTM Firewall PCI appliance – SG640
Unlike other UTM Firewall desktop and rack mount appliances, a single UTM Firewall PCI appliance is not
intended as a means for your entire office LAN to be connected to, and shielded from the Internet.
Installing a UTM Firewall PCI appliance in each network-connected PC gives it its own independently
manageable, enterprise-grade VPN server and firewall, running in isolation from the host operating system.
This approach offers an increased measure of protection against internal threats, as well as conventional
Internet security concerns. You can update, configure and monitor the firewall and VPN connectivity of a
workstation or server from any Web browser. In the event of a breach, you have complete control over
access to the host PC independently of its operating system, even if the host PC has been subverted and is
denying normal administrator access.
All network filtering is handled entirely by the UTM Firewall appliance. This has the advantage over the
traditional approach of using a host-based personal software firewall and VPN service by not taxing the host
PC's resources.

Bridged mode

By default, the PCI appliance operates in bridged mode. This is distinctly different from the masquerading
behavior of UTM Firewall desktop and rack mount appliances.
In bridged mode, the PCI appliance uses two IP addresses. Note that these addresses are both in the same
subnet as the LAN, as no masquerading is being performed.
Note: It is possible to configure the UTM Firewall PCI appliance to run in masquerading mode. For more
information, refer to Masquerading page.
One IP address is used to manage the UTM Firewall appliance via the Management Console. The other is the
host PC's IP address, which is configurable through the host operating system, identically to a regular
Network Interface Card (NIC). This is the IP address that other PCs on the LAN see. It should be
dynamically (DHCP) or statically configured to use the same gateway and DNS settings as a regular PC on
the LAN.
McAfee UTM Firewall 4.0.4 Administration Guide 15