The non-intrusive design of McAfee Database Event Monitor for SIEM supports your expanding compliance auditing and reporting requirements and enhances security operations. While it monitors all database transactions, Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.
Database Event Monitor for SIEM is the only product that both consolidates database activity into a central audit repository and provides normalization, correlation, analysis, and reporting of that activity. It normalizes activity for analysis with other pertinent security information for expanded visibility into user and data interactions, user information, application contents, OS activity, vulnerabilities, and even network location.
Database Event Monitor for SIEM allows you to:
Comply with regulations such as PCI DSS, HIPAA, NERC-CIP, FISMA, GLBA, SOX, and others, while strengthening your overall security posture with pre-defined rules and reports and privacy-friendly logging features.
Get full integration with McAfee Enterprise Security Manager and McAfee Enterprise Log Manager for unprecedented event analysis and correlation, in addition to compliant storage and encryption of data activity logs.
Discover all database instances including unauthorized or rogue databases.
Detect when a database contains sensitive information — such as personal identity information — so that you can monitor all access to that information in accordance with PCI DSS, HIPAA, NERC-CIP, and other compliance requirements.
Retain details of all database transactions, from login to logoff, to support compliance auditing requirements; masking can protect sensitive personal information in logs.
Speed investigations of database events by viewing the entire session from login to logoff with a single mouse click.
Avoid overhead, monitor your database over the network, and ensure the audit data you need is retained.
Leverage integration with McAfee Enterprise Security Manager as a central resource and interface for all database monitoring and compliance needs, and enable database transactions to be used by event correlation and other advanced SIEM features.
|Collection Rates||15,000 events per second||10,000 events per second||5,000 events per second|
|Interfaces||8 x 10/100/1000 Mbps Ethernet copper interfaces||4 x 10/100/1000 Mbps Ethernet copper interfaces||4 x 10/100/1000 Mbps Ethernet copper interfaces|
The security information and event management (SIEM) market is defined by the customer's need to analyze security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for regulatory compliance and forensics. The vendors that are included in Gartner’s analysis have technologies that have been designed for this purpose, and they actively market and sell these technologies to the security buying center.
McAfee integrates NitroSecurity products into its portfolio, improving its SIEM offering.
Topics : SIEM
McAfee spoke with customers about integrating SIEM with Threat Intelligence and how it helped their effort to mitigate bad actors.
Learn about the top five issues with SIEM: Big Security Data, Content and User Awareness, Dynamic Context, Solution Customization, and Business Value.