McAfee ESM: Enterprise grade security monitoring

McAfee has a long history in seeking to provide enterprise-grade security tools. Security professionals are well versed in the pros and cons of solutions like McAfee. Their Enterprise Security Manager is a leader according to Gartner.

From the McAfee website:

Effective security starts with real-time visibility into all activity on all systems, networks, databases, and applications. McAfee Enterprise Security Manager enables your business with true, real-time situational awareness and the speed and scale required to identify critical threats, respond intelligently, and ensure continuous compliance monitoring. Security teams now have access to real-time, risk relevant information to obtain a stronger security posture while shortening response time.

Advanced risk and threat detection — Enterprise Security Manager connects evolving threat data with a real-time understanding of the risk, asset importance, and security posture throughout the enterprise. This dynamic context, combined with our highly intelligent correlation engine, provides risk scoring and threat prioritization that continually adapts to the enterprise environment. In addition, available integration with McAfee Global Threat Intelligence (GTI) and McAfee ePolicy Orchestrator (McAfee ePO) software help you detect, correlate, and remediate threats in minutes across your entire IT infrastructure.

Policy-aware compliance management — As compliance requirements evolve, so must your SIEM. Enterprise Security Manager makes compliance management easy with hundreds of pre-built dashboards, complete audit trails, and reports for PCI DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and others. Our support for the Unified Control Framework also allows you to report your policies against more than 240 global regulations and control frameworks.

Critical facts in minutes, not hours — Our highly tuned appliance can collect, process, and correlate billions of events from multiple years and keep all information available locally for immediate ad hoc queries, forensics, rules validation, and compliance.

Global Threat Intelligence — An optional live feed of McAfee GTI IP Reputation data provides valuable, real-time information on external threats gathered from hundreds of millions of sensors around the globe, allowing you to pinpoint malicious activity on your network. Enterprise Security Manager can use the GTI IP Reputation data to quickly identify conditions where an internal host has communicated with a known bad actor.

For more see: http://www.mcafee.com/us/products/enterprise-security-manager.aspx

Leave a Reply