If you are using v8 I would suggest that the best route for you to follow is to download and install the McAfee Logon Collector (MLC) from their web site.
MLC is made up of two components a collector and a monitor. When installing in a small network environment, I believe the default installation will install both components onto the same machine. In larger environments you can install a single collector instance and then multiple monitors around the netowrk.
MLC monitors the user log in/log out events on the domain controllers and builds a table of users against IP addresses.
In the passive authenticator configuration on the Firewall you can then point it at the IP address of the MLC collector installation. The Firewall will now know this information, along with the user's domain group membership. You will then be able to create access control rules based on the user/group information provided by MLC and each rule can have its own application defense group assigned, each with its own assigned SmartFilter policy.