McAfee Advanced Correlation Engine monitors real-time data, allowing you to simultaneously use both correlation engines to detect risks and threats before they occur. You can deploy Advanced Correlation Engine with McAfee Enterprise Security Manager to identify and score threat events in real time using both rule- and risk-based logic.
Two dedicated correlation engines and purpose-built performance — Advanced Correlation Engine supplements McAfee Enterprise Security Manager event correlation with a risk detection engine that generates a risk score using rule-less risk score correlation, and a threat detection engine that detects threats using traditional rule-based event correlation.
Processing power to support rich event correlation across your enterprise — The standalone Advanced Correlation Engine scales to accommodate even the largest networks.
Alerts and real-time risk assessment — Identify an asset (users or groups, applications, specific servers, or subnets) and Advanced Correlation Engine alerts you if the asset is threatened. Audit trails and historical replays support forensics, compliance, and rule tuning.
Threat identification and scoring — Advanced Correlation Engine deploys alongside McAfee Enterprise Security Manager to identify and score threat events in real time using both rule- and risk-based logic.
Deploy McAfee Advanced Correlation Engine in either real-time or historical modes. In real-time mode, Advanced Correlation Engine analyzes events as they are collected for immediate threat and risk detection. You get rule-based correlation of real-time event data for detection of threats as they occur or rule-less correlation of real-time event data for detection of threats as they develop.
Provide impeccable modeling of your organizations risks by scoring attributes that matter. Develop a baseline and send notifications when normal thresholds are exceeded.
Use both correlation engines simultaneously to detect risks and threats before they occur, so you can use risk scores within traditional correlation logic.
Deploy Advanced Correlation Engine in historical mode and you can replay any historical data set through the traditional and rule-less correlation engines.
|Collection Rates||50,000 events per second1||100,000 events per second1|
|Local Storage||1.8 TB2||1.8 TB2|
Built for big security data, McAfee Global Threat Intelligence for McAfee Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent security information and event management (SIEM) solution.
The security information and event management (SIEM) market is defined by the customer's need to analyze security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for regulatory compliance and forensics. The vendors that are included in Gartner’s analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.
McAfee integrates NitroSecurity products into its portfolio, improving its SIEM offering.
Topics : SIEM
Enterprises today are fighting an uphill battle when it comes to security. While there is a proliferation of security management and reporting tools available, the lack of integration and visibility can add more complexity and snags rather than less. Working between multiple security systems diverts attention from other tasks in addition to costing money and […]
With Google Glass, FitBit, smart cars, smart televisions, and more, it seems like the world is getting closer to the reality of the Internet of Things. In fact, according to IDC, the installed base of the Internet of Things will be approximately 212 billion “things” worldwide by 2020. Whether it’s wearable technology, household items, transportation […]
I came across an excellent book titled, Assessing Network Security. It’s written by three Microsoft security researchers who understand Domain Controllers (DCs) inside out. I found it quite insightful and I strongly recommend it if you are in charge of IT Security. They describe DC security with a single sentence – “Defending the keys to […]
Hello Everyone, For April’s edition of Patch Tuesday, we are presenting the final patches for the beloved Windows XP. Those of you still running Windows XP systems in your environment are highly recommended to speak with your McAfee sales team about Application Control. Application Control can provide your EOL systems protection against an unpatched vulnerability. […]
Wow, what an incredible week we just wrapped up. In case you missed it, April 2nd was the Intel Security Through Innovation Summit, produced by FedScoop. We could not have been more thrilled with the outcome. Nearly 1,000 attendees came, including federal government and enterprise customers, McAfee and Intel personnel, partner companies and other DC-based […]
The post Intel and McAfee Join Forces, Dazzle at Intel Security Innovation Summit appeared first on McAfee.