Intel Security
open

Overview

McAfee is a leader in the Gartner Magic Quadrant for SIEM

Read Report

Know who is accessing your data and why

McAfee Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.

  • Consolidate database activity into a central audit repository and provide normalization, correlation, analysis, and reporting.
  • Support your expanding compliance auditing and reporting requirements and enhance security operations.
  • Use a passive network-based database log monitor for zero impact on database performance.
  • Full integration with McAfee Enterprise Security Manager enables database transactions for event correlation and other advanced SIEM activities.
Download Data Sheet

Detailed security logging of databases and applications

Expand visibility into each transaction

Maintain full session details of all transactions, so you can easily see what happened before and after any given transaction—from login to logout.

Advance risk and threat detection

Analyze all monitored activity against a customizable set of policy rules and receive alerts on all suspicious activity. Anomaly-based detection indicates abnormal user activity, queries, and other out-of-place behavior.

Detect and classify databases

Discover all database instances, including unknown or rogue databases, and identify which databases are storing credit cards, social security numbers, or other sensitive data.

Reconstruct sessions with one click

Speed database event investigations by viewing an entire session—from login to logout—with a single mouse click.

Automate compliance processes

Use policy-based detection rules and compliance reports for PCI DSS, HIPAA, and NERC-CIP. McAfee Database Event Monitor for SIEM delivers compliant storage and masking of sensitive data in activity logs.

Staying ahead of threats with SIEM intelligence

Watch Webcast
ESG SC Magazine Gartner

Product Reviews

Leading independent analysts have evaluated the features and performance of McAfee SIEM solutions.

When Minutes Count

When Minutes Count

According to an Evalueserve survey, companies with early attack detection skills are faring best against targeted attacks. See how you can fight advanced threats with real-time SIEM and by identifying eight key indicators of attack.

Download Infographic Download Report

Resources

System Requirements

McAfee Database Event Monitor requires McAfee Enterprise Security Manager (ESM) and can be deployed as a physical appliance. McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Maximum EPS1 Appliance Size Local Storage2 Network Interfaces (10/100/1000) System Requirements
DEM-2600 5,000 2U 1.8TB 2 + 4 monitoring ports3 Requires ESM
DEM-4600 15,000 2U 3TB 2 + 8 monitoring ports3 Requires ESM

1Based on typical network environments using average event and flow aggregation. Depending on aggregation settings, collection type mix, overall SIEM activity, and related activities, the EPS levels for any given appliance, within an environment, may be lower.
2Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
3IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.

Need additional technical resources? Visit the McAfee Expert Center