- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 852-2892-9500
Overview
The McAfee Application Data Monitor appliance decodes an entire application session to Layer 7, providing a full analysis of everything from the underlying protocols and session integrity all the way up to the contents of the application (such as the text of an email or its attachments). This level of detail allows accurate analysis of real application use, while also enabling you to enforce application use policies and detect malicious, covert traffic.
Identify data loss and compliance violations — The Application Data Monitor appliance detects when sensitive information is being transmitted inside email attachments, instant messages, file transfers, HTTP posts, or any other application, notifying you immediately and mitigating any loss. You can detect these sensitive data types, alert appropriate personnel, and log the transgression to maintain an audit trail for compliance audit requirements.
Detect application-layer threats — New, sophisticated threats exploit the vulnerabilities in common business applications to penetrate your network and export sensitive data. While these application-layer threats are difficult to detect using traditional firewalls and intrusion detection and intrusion prevention systems, the Application Data Monitor appliance is able to look into the entire contents of an application — including the underlying protocols — to detect hidden payloads, malware, and even covert communication channels.
Features & Benefits
Capture full session detail of all violations
Go beyond application flow monitoring to decode the entire application session, all the way to Layer 7.
Leverage pre-built detection rules for regulated and sensitive data
Monitor access to and use of sensitive information such as credit card numbers, social security numbers, and bank routing numbers out of the box, or customize the McAfee Application Data Monitor appliance’s detection capabilities by defining your own dictionaries of sensitive and confidential information.
Document a complete audit trail of application events for compliance
Preserve all details of application sessions that violate policies for use in incident response, forensics, and compliance audits.
Avoid interference with application performance and latency
Deploy Application Data Monitor as a passive SPAN port for passive monitoring, with no risk to an application's operation, performance, or reliability.
Add application insight into McAfee Enterprise Security Manager
Use McAfee Enterprise Security Manager as a central resource and interface for all monitoring and compliance activities and use application contents in event correlation and other advanced SIEM functions.
System Requirements
| Hardware Specifications | APM-3450 | APM-1250 |
|---|---|---|
| Throughput | 1 Gbps | 500 Mbps |
| Interfaces | 4 x 10/100/1000 Mbps Ethernet copper interfaces | 4 x 10/100/1000 Mbps Ethernet copper interfaces |
Demos / Tutorials
McAfee GTI and McAfee SIEM demo
Built for big security data, McAfee Global Threat Intelligence for McAfee Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent security information and event management (SIEM) solution.
Awards / Reviews
McAfee Positioned as a Leader by Gartner in MQ for SIEM Based on Completeness of Vision and Ability to Execute
The security information and event management (SIEM) market is defined by the customer's need to analyze security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for regulatory compliance and forensics. The vendors that are included in Gartner’s analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.
Customer Stories
McAfee
McAfee integrates NitroSecurity products into its portfolio, improving its SIEM offering.
Highlights
- Significantly shortens time to analyze security events from four to six days to less than 10 minutes
- Decreases time to produce PCI compliance reports from eight to 12 hours to 10 minutes
- Saves administrative time and manual maintenance while eliminating unnecessary activities
- Facilitates disaster recovery and allows for proper use of virtual machines
- Improves the organization’s overall security posture in the industry
News / Events
News
- McAfee, Inc. to Acquire NitroSecurity – Advances Security Risk Management
October 4, 2011Topics : SIEM
Events
No results foundOn Demand
- McAfee ESM: Fulfilling the Promise of SIEM
On Demand Webcast
Resources
Focus on 5: Threat Intelligence SIEM Requirements
McAfee spoke with customers about integrating SIEM with Threat Intelligence and how it helped their effort to mitigate bad actors.
Focus on 5: SIEM Requirements
Learn about the top five issues with SIEM: Big Security Data, Content and User Awareness, Dynamic Context, Solution Customization, and Business Value.
Data Sheets
Reports
Technology Blueprints
White Papers
Community
Forums
No results foundBlogs
- Join @McAfeeBusiness #SecChat on 5/30 to discuss InfoSec Burnout
McAfee Enterprise - May 24, 2013
For an organization, a skilled security team is often the first line of defense against cyber attacks. Yet veterans of the industry report that burnout is common, citing everything from an isolated day-to-day work environment to long hours and too few objective measures of success. Depending on the individual, burnout might appear as depression, rage, Read more... - April #SecChat Recap: The Future of Cyber Education
McAfee Enterprise - May 22, 2013
View the story “April #SecChat Recap: The Future of Cyber Education” on Storify - Microsoft Patch Tuesday Report: Endpoint Perspective
Scott Taschler - May 21, 2013
This month, Microsoft’s Patch Tuesday bundle includes two separate updates for Internet Explorer; the first (MS13-037) is a cumulative update for Internet Explorer. The second is a fix (MS13-038) specifically for a critical bug in IE 8 that hackers and malware have been using to break into Windows computers. This vulnerability first surfaced on May Read more... - Getting Assurance in a Time Constrained World
Kim Singletary - May 20, 2013
Nothing is as frustrating as when something goes wrong, especially when you have time constraints. NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems Read more... - CRN Analysis: McAfee Tops Symantec for Endpoint Protection
Dan Wolff - May 14, 2013
This week, CRN pitted McAfee and Symantec head-to-head, evaluating both leading enterprise protection vendors for malware and spyware protection, intrusion prevention, channel profitability and more. The result? While Symantec continues to have a strong portfolio, McAfee came out on top for its central policy management through ePolicy Orchestrator, innovation with hardware-based security technologies, and its Read more...