The McAfee Application Data Monitor appliance decodes an entire application session to Layer 7, providing a full analysis of everything from the underlying protocols and session integrity all the way up to the contents of the application (such as the text of an email or its attachments). This level of detail allows accurate analysis of real application use, while also enabling you to enforce application use policies and detect malicious, covert traffic.
Identify data loss and compliance violations — The Application Data Monitor appliance detects when sensitive information is being transmitted inside email attachments, instant messages, file transfers, HTTP posts, or any other application, notifying you immediately and mitigating any loss. You can detect these sensitive data types, alert appropriate personnel, and log the transgression to maintain an audit trail for compliance audit requirements.
Detect application-layer threats — New, sophisticated threats exploit the vulnerabilities in common business applications to penetrate your network and export sensitive data. While these application-layer threats are difficult to detect using traditional firewalls and intrusion detection and intrusion prevention systems, the Application Data Monitor appliance is able to look into the entire contents of an application — including the underlying protocols — to detect hidden payloads, malware, and even covert communication channels.
Go beyond application flow monitoring to decode the entire application session, all the way to Layer 7.
Monitor access to and use of sensitive information such as credit card numbers, social security numbers, and bank routing numbers out of the box, or customize the McAfee Application Data Monitor appliance’s detection capabilities by defining your own dictionaries of sensitive and confidential information.
Preserve all details of application sessions that violate policies for use in incident response, forensics, and compliance audits.
Deploy Application Data Monitor as a passive SPAN port for passive monitoring, with no risk to an application's operation, performance, or reliability.
Use McAfee Enterprise Security Manager as a central resource and interface for all monitoring and compliance activities and use application contents in event correlation and other advanced SIEM functions.
|Throughput||1 Gbps||500 Mbps|
|Interfaces||4 x 10/100/1000 Mbps Ethernet copper interfaces||4 x 10/100/1000 Mbps Ethernet copper interfaces|
Built for big security data, McAfee Global Threat Intelligence for McAfee Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent security information and event management (SIEM) solution.
The security information and event management (SIEM) market is defined by the customer's need to analyze security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for regulatory compliance and forensics. The vendors that are included in Gartner’s analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.
McAfee integrates NitroSecurity products into its portfolio, improving its SIEM offering.
Topics : SIEM
McAfee spoke with customers about integrating SIEM with Threat Intelligence and how it helped their effort to mitigate bad actors.
For a technical summary on the McAfee product listed above, please view the product data sheet.
For a technical summary on the McAfee product listed above, please view the product data sheet.
Broad adoption of SIEM technology is being driven by the need to detect threats and breaches, as well as by compliance needs. Early breach discovery requires effective user activity, data access and application activity monitoring. Vendors are improving threat intelligence and security analytics. Leading analyst firm Gartner has placed McAfee as a Leader in the Magic Quadrant for Security Information and Event Management.
[Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.]
This report takes a candid look at triggers for considering a new security management platform, walking through each aspect of the decision, and presenting a process to migrate.
This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection, reducing incidents and risks across the enterprise, across every device, and across the entire IT infrastructure.
McAfee Enterprise Security Manager offers the advanced scalability, flexibility, and control you need to protect your customers’ business, and grow yours.
The McAfee SIEM solution, Enterprise Security Manager, addresses today’s complex compliance challenges by combining an established unified compliance framework with superior abilities to collect, retrieve, and protect the data required to assess and demonstrate compliance in real time. It’s tightly integrated log collection, management, analysis, and reporting improves an organization’s ability to meet compliance requirements through frameworks, streamlined workflow, and automation.
McAfee spoke with SIEM users and asked them to tell us about their primary issues with SIEM. This brief lists the top five issues along with corresponding customer case studies and use cases.
Learn how McAfee IT uses the McAfee SIEM with other McAfee products to provide the highest level of visibility and situational awareness to protect critical information and infrastructure, achieve PCI compliance, and leverage virtual machines in the McAfee security infrastructure.
McAfee enables enterprises to collect, analyze, and preserve security forensic information. With a solution that includes content- and context-aware SIEM, McAfee provides alerts to security events, as well analysis on how the attacked occurred, affected users, and compromised data — so you can better understand the severity of a security breach.
The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.
SANS recently surveyed incident response (IR) teams to get a clearer picture of what they're up against today. The results are in; most organizations lack formalized IR plans, they expressed a need to collect and correlate threat intelligence and SIEM tools are their focus for improving IR capabilities.
This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.
This is the first part of a six-part series on compliance-driven security. This paper will illustrate how a well-structured security governance program with fully developed and implemented policies, plans, and procedures will strengthen an organization’s security posture.
This paper addresses the Big Security Data challenge and highlights the key criteria organizations need to consider for processing security information in light of today’s dynamic threat landscape.
In this paper, we explore the subject of continuous compliance versus audit-driven compliance, as well as how an ongoing approach to compliance makes compliance a positive force for securing data and systems.
McAfee EDB data management technology handles all of these SIEM/logging requirements. It is designed, implemented, maintained, and tested by our world-class in-house development team to meet the demanding requirements of SIEM/logging and leverage all of the capabilities of appropriate emerging technologies such as modern operating systems, multicore CPUs, solid state and RAM drives, and large amounts of main memory.
I recently wrote a piece in Dark Reading around the notion that Endpoint security is not dead, but instead facing a steadily mounting series of obstacles with relation to the new universe of Internet-connected devices. While there are certainly more challenges to securing corporate networks today, claiming that enforcing Endpoint security policies is basically fighting […]
The post Endpoint Security and the Reality of Ubiquitous Computing appeared first on McAfee.
En junio, Gartner, Inc. publicó su informe Magic Quadrant anual para la categoría de información de seguridad y administración de eventos (SIEM), que evalúa los proveedores que ofrecen productos SIEM en cuanto a su capacidad de ejecución y su visión global. Y este año, McAfee ocupa un lugar en el cuadrante de líderes. En un […]
The post McAfee ocupa un lugar en el cuadrante de líderes para información de seguridad y administración de eventos appeared first on McAfee.
Em junho, o Gartner, Inc. publicou seu relatório anual Quadrante Mágico para Gerenciamento de Eventos e Informações de Segurança (SIEM), o qual avalia fornecedores que oferecem produtos de SIEM, tanto em sua capacidade de execução quanto em abrangência de visão. Neste ano, a McAfee obteve uma colocação no quadrante de líderes. Uma vez que o […]
The post McAfee obteve uma colocação no quadrante de líderes para Gerenciamento de Eventos e Informações de Segurança appeared first on McAfee.
Each year between $2-3 trillion of the global economy is generated via the Internet. With cybercrime expected to extract roughly 15-20% of these funds – a total sum of roughly $500 billion – the impact of cybercrime will undoubtedly be felt in the wallets of businesses and individuals alike. Financial loss is just one component […]
The post September EMEA #SecChat – The Economic Impact of Cybercrime appeared first on McAfee.
Where certain flamboyant IPOs and mergers might lead one to think advanced malware was a solved problem, Black Hat demonstrated just the opposite. This year, we uncovered that security experts are still spending days and weeks of each month dealing with advanced malware. In response to this realization, they acknowledge they need more than a […]