Overview

As the foundation of the McAfee Security Information Event Management (SIEM) solution, McAfee® Enterprise Security Manager (McAfee ESM) gives you real-time visibility to all activity on your systems, networks, database, and applications.

Add McAfee devices to increase the power of McAfee ESM:

  • McAfee® Event Receiver — Collects, parses, and normalizes large amounts of raw security data (required).
  • McAfee Data Streaming Bus — Facilitates device interconnection and provides a streaming data platform for external integrations (required for distributed McAfee ESM and data sharing with 3rd-party applications).
  • McAfee® Enterprise Log Manager — Stores raw logs for compliance purposes (recommended).
  • McAfee Enterprise Log Search — Searches raw logs quickly for forensic purposes (optional).
  • McAfee® Advanced Correlation Engine (McAfee® ACE) — Correlates parsed data to identify trends and suspicious activity (recommended).
  • McAfee® Application Data Monitor — Monitors unencrypted Layer 7 session data to identify suspicious activity at the application and protocol level (optional).
  • McAfee® Database Event Monitor — Monitors and tracks database transactions to identify suspicious activity happening in the database communication on the network (optional).