Overview The McAfee Security Information Event Management (SIEM) solution provides real-time visibility to all activity on your systems, networks, database, and applications. The solution is composed of the following components: McAfee® Enterprise Security Manager (McAfee ESM) - serves as the foundation of McAfee's SIEM solution and provides: Analyst-centric dashboards, reports, views, rules, and alerts Prepackaged configurations (called content packs) for common security use cases (such as alarms, views, reports, variables, and watch lists) Predefined dashboards, audit trails, and reports for global regulations and control frameworks Customizable compliance reports, rules, and dashboards McAfee® Event Receiver - collects, parses, and normalizes large amounts of raw security data McAfee® Enterprise Log Manager (ELM) - provides long-term storage of raw logs for compliance purposes McAfee Enterprise Log Search (ELS) - provides quick access to raw logs for forensic purposes McAfee® Advanced Correlation Engine (McAfee® ACE) - correlates parsed data to identify trends and suspicious activity McAfee® Application Data Monitor (ADM)- monitors unencrypted layer seven session data to identify suspicious activity at the application and protocol level McAfee® Database Event Monitor - monitors and tracks database transactions to identify suspicious activity happening in the database communication on the network
Overview The McAfee Security Information Event Management (SIEM) solution provides real-time visibility to all activity on your systems, networks, database, and applications. The solution is composed of the following components: McAfee® Enterprise Security Manager (McAfee ESM) - serves as the foundation of McAfee's SIEM solution and provides: Analyst-centric dashboards, reports, views, rules, and alerts Prepackaged configurations (called content packs) for common security use cases (such as alarms, views, reports, variables, and watch lists) Predefined dashboards, audit trails, and reports for global regulations and control frameworks Customizable compliance reports, rules, and dashboards McAfee® Event Receiver - collects, parses, and normalizes large amounts of raw security data McAfee® Enterprise Log Manager (ELM) - provides long-term storage of raw logs for compliance purposes McAfee Enterprise Log Search (ELS) - provides quick access to raw logs for forensic purposes McAfee® Advanced Correlation Engine (McAfee® ACE) - correlates parsed data to identify trends and suspicious activity McAfee® Application Data Monitor (ADM)- monitors unencrypted layer seven session data to identify suspicious activity at the application and protocol level McAfee® Database Event Monitor - monitors and tracks database transactions to identify suspicious activity happening in the database communication on the network