Ds Siem Solutions From Mcafee
hundreds of out-of-the-box dashboards, audit trails, and reports for more than 240 global regulations. Additionally, pre-defined advanced correlation rules can automate workflows for achieving and maintaining compliance.

McAfee Enterprise Log Manager for log storage and management

McAfee Enterprise Log Manager efficiently collects, compresses, signs, and stores all original events with a clear audit trail of activity that can't be repudiated. Security events are collected and linked directly to the original record stored on McAfee Enterprise Log Manager, enabling one-click access for event management, forensic investigations, and compliance monitoring. McAfee Enterprise Log Manager accommodates different log management needs via flexible storage pools spanning local or remote storage devices and configurable retention periods.

McAfee Event Receiver for scalable log collection

McAfee Event Receiver appliances are responsible for the collection of event and flow information from hundreds of third-party devices, including firewalls, intrusion prevention system (IPS) devices, unified threat management (UTM) solutions, switches, routers, applications, servers and workstations, identity and authentication systems, vulnerability assessment scanners, and more. McAfee Event Receiver uses a variety of collection methods, including passive log collection, authenticated log collection, CEF, OPSEC, SDEE, XML, ODBC, and encrypted collection validated to FIPS 140-2 Level 2. The McAfee Event Receiver is offered as part of an all-in-one SIEM event collection and management solution or as part of a fully distributed event collection deployment using dedicated McAfee Event Receiver appliances, which are rated for several thousand to tens of thousands of events per second. Deployment models support redundancy for continuity of data collection.

Optional Solutions for Deeper Insights

McAfee Advanced Correlation Engine for additional, dedicated correlation

McAfee Advanced Correlation Engine provides SIEM solutions from McAfee with a dedicated engine to analyze large volumes of event data. The purpose-built, high-performance engine houses four correlation types, including rule-based, risk-based, standard deviation, and historical, for a real-time look at a broad spectrum of threats against high-value assets, sensitive data, or by privileged users. Preloaded with hundreds of correlation rules and dashboards, the McAfee Advanced Correlation Engine appliance allows for easy customization of existing rules and provides an easy-to-use drag-and-drop interface to create new rules.

McAfee Application Data Monitor for application layer inspection

As threat activity moves up the stack, the McAfee Application Data Monitor appliance takes security and compliance beyond security event management by monitoring all the way to the application layer. This fully integrated McAfee appliance decodes the application sessions and provides analysis from the underlying protocols and sessions into the content of the application itself (such as the text of an email or its attachments). This level of detail allows in-depth analysis of application usage, while also enabling validation of application use policies and detecting malicious or covert traffic.

McAfee Database Event Monitor for database transaction visibility

McAfee Database Event Monitor for SIEM delivers non-intrusive visibility into database transactions via detailed logging of databases and applications, monitoring access to sensitive data and with an understanding of who is accessing your data and how. McAfee Database Event Monitor is fully integrated with McAfee Enterprise Security Manager to enable database transactions for event correlation usage and includes predefined rules, reports, and privacy-friendly logging features to make compliance regulations management easy while helping you strengthen your organization's overall security posture.

Security Connected across the IT infrastructure

Integration across security and compliance solutions delivers more than the individual solutions alone and enables an unprecedented level of real-time visibility into your security posture. While SIEM solutions from McAfee collect valuable data from hundreds of types of security vendors' devices, McAfee Enterprise Security Manager also offers active integration with McAfee products and third-party solutions via a rich set of interfaces. Examples of McAfee product family connections include McAfee ePolicy Orchestrator (McAfee ePO) software for policy-based management, McAfee Network Security Manager for intrusion prevention, and McAfee Vulnerability Manager for vulnerability scanning and remediation. SIEM solutions from McAfee leverage these integrations for making policy changes at the endpoint, quarantining suspicious systems at the network, and gathering critical intelligence through vulnerability scanning, all from the McAfee Enterprise Security Manager console.

The Security Connected platform from McAfee provides a unified framework for hundreds of products, services, and partners to work with each other. With Security Connected solutions, such as SIEM, security teams can view context-specific data in real time, offering immediate visibility into your organization's infrastructure-wide security posture and enabling optimized response times, from discovery to remediation.

1. Winner of 2014 SC Magazine Reader Trust Award for Best SIEM Solution.

McAfee. Part of Intel Security.
2821 Mission College Boulevard
Santa Clara, CA 95054
888 847 8766
www.intelsecurity.com

Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee, the McAfee logo, ePolicy Orchestrator, and McAfee ePO are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2014 McAfee, Inc. 61244ds_siem-family_0914_fnl_ETMG