McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Business HomeProducts & SolutionsSecurity Information and Event Management (SIEM)
McAfee Database Event Monitor for SIEM

McAfee Database Event Monitor for SIEM

Maximum visibility into database transactions without impacting performance

Next Steps:

Overview

The non-intrusive design of McAfee Database Event Monitor for SIEM supports your expanding compliance auditing and reporting requirements and enhances security operations. While it monitors all database transactions, Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.

Database Event Monitor for SIEM is the only product that both consolidates database activity into a central audit repository and provides normalization, correlation, analysis, and reporting of that activity. It normalizes activity for analysis with other pertinent security information for expanded visibility into user and data interactions, user information, application contents, OS activity, vulnerabilities, and even network location.

Database Event Monitor for SIEM allows you to:

  • Track users across applications
  • Examine full session activity, from login to logoff
  • Detect sensitive data and identify policy violations
  • Detect loss of data through authorized channels
  • Correlate database activity to security events
  • Generate detailed reports for PCI DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and many more compliance requirements
McAfee Positioned in Leaders Quadrant of the Magic Quadrant for SIEM

Features & Benefits

Get compliance reports pre-built and ready to run

Comply with regulations such as PCI DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and others, while strengthening your overall security posture with pre-defined rules and reports and privacy-friendly logging features.

Benefit from integration with other McAfee products

Get full integration with McAfee Enterprise Security Manager and McAfee Enterprise Log Manager for unprecedented event analysis and correlation, in addition to compliant storage and encryption of data activity logs.

Find the data that enables your business

Discover all database instances including unauthorized or rogue databases.

Uncover regulated and confidential data for compliance

Detect when a database contains sensitive information — such as personal identity information — so that you can monitor all access to that information in accordance with PCI DSS, HIPAA, NERC-CIP, and other compliance requirements.

Log database activity for a complete audit trail

Retain details of all database transactions, from login to logoff, to support compliance auditing requirements; masking can protect sensitive personal information in logs.

Reconstruct sessions with one click

Speed investigations of database events by viewing the entire session from login to logoff with a single mouse click.

Monitor your network without compromising database performance or capture rates

Avoid overhead, monitor your database over the network, and ensure the audit data you need is retained.

Integrate database event information into SIEM workflows

Leverage integration with McAfee Enterprise Security Manager as a central resource and interface for all database monitoring and compliance needs, and enable database transactions to be used by event correlation and other advanced SIEM features.

System Requirements

Hardware SpecificationsDSM-4600DSM-3450DSM-2600
Collection Rates 15,000 events per second 10,000 events per second 5,000 events per second
Interfaces 8 x 10/100/1000 Mbps Ethernet copper interfaces 4 x 10/100/1000 Mbps Ethernet copper interfaces 4 x 10/100/1000 Mbps Ethernet copper interfaces

Awards / Reviews

Gartner
McAfee Positioned as a Leader by Gartner in MQ for SIEM Based on Completeness of Vision and Ability to Execute

The security information and event management (SIEM) market is defined by the customer's need to analyze security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for regulatory compliance and forensics. The vendors that are included in Gartner’s analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.

Customer Stories

McAfee

McAfee integrates NitroSecurity products into its portfolio, improving its SIEM offering.

Highlights
  • Significantly shortens time to analyze security events from four to six days to less than 10 minutes
  • Decreases time to produce PCI compliance reports from eight to 12 hours to 10 minutes
  • Saves administrative time and manual maintenance while eliminating unnecessary activities
  • Facilitates disaster recovery and allows for proper use of virtual machines
  • Improves the organization’s overall security posture in the industry

Read Full Case Study

News / Events

Resources

Brochures

Focus on 5: Threat Intelligence SIEM Requirements

McAfee spoke with customers about integrating SIEM with Threat Intelligence and how it helped their effort to mitigate bad actors.

Focus on 5: SIEM Requirements

Learn about the top five issues with SIEM: Big Security Data, Content and User Awareness, Dynamic Context, Solution Customization, and Business Value.

Data Sheets

Reports

Technology Blueprints

White Papers

Community

Forums

No results found

Blogs

  • April #SecChat Recap: The Future of Cyber Education
    McAfee Enterprise - May 22, 2013
    View the story “April #SecChat Recap: The Future of Cyber Education” on Storify
  • Microsoft Patch Tuesday Report: Endpoint Perspective
    Scott Taschler - May 21, 2013
    This month, Microsoft’s Patch Tuesday bundle includes two separate updates for Internet Explorer; the first (MS13-037) is a cumulative update for Internet Explorer. The second is a fix (MS13-038) specifically for a critical bug in IE 8 that hackers and malware have been using to break into Windows computers. This vulnerability first surfaced on May Read more...
  • Getting Assurance in a Time Constrained World
    Kim Singletary - May 20, 2013
    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems Read more...
  • CRN Analysis: McAfee Tops Symantec for Endpoint Protection
    Dan Wolff - May 14, 2013
    This week, CRN pitted McAfee and Symantec head-to-head, evaluating both leading enterprise protection vendors for malware and spyware protection, intrusion prevention, channel profitability and more. The result? While Symantec continues to have a strong portfolio, McAfee came out on top for its central policy management through ePolicy Orchestrator, innovation with hardware-based security technologies, and its Read more...
  • How to create a compensating control for EOL Windows XP Risk
    Kim Singletary - May 13, 2013
    Support for Windows XP SP3 will officially end April 8, 2014, meaning users have less than a year to choose which operating system to go with next. For many, the motivation to move off XP to a new operating system hasn’t been very compelling – while Windows 7 may be a reasonable option, Vista wasn’t Read more...
View All
Australia - English