Intel Security


McAfee is a leader in the Gartner Magic Quadrant for SIEM

Read Report

Know who is accessing your data and why

McAfee Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.

  • Consolidate database activity into a central audit repository and provide normalization, correlation, analysis, and reporting.
  • Support your expanding compliance auditing and reporting requirements and enhance security operations.
  • Use a passive network-based database log monitor for zero impact on database performance.
  • Full integration with McAfee Enterprise Security Manager enables database transactions for event correlation and other advanced SIEM activities.
Download Data Sheet

Detailed security logging of databases and applications

Expand visibility into each transaction

Maintain full session details of all transactions, so you can easily see what happened before and after any given transaction—from login to logout.

Advance risk and threat detection

Analyze all monitored activity against a customizable set of policy rules and receive alerts on all suspicious activity. Anomaly-based detection indicates abnormal user activity, queries, and other out-of-place behavior.

Detect and classify databases

Discover all database instances, including unknown or rogue databases, and identify which databases are storing credit cards, social security numbers, or other sensitive data.

Reconstruct sessions with one click

Speed database event investigations by viewing an entire session—from login to logout—with a single mouse click.

Automate compliance processes

Use policy-based detection rules and compliance reports for PCI DSS, HIPAA, and NERC-CIP. McAfee Database Event Monitor for SIEM delivers compliant storage and masking of sensitive data in activity logs.

McAfee rated in Gartner Critical Capabilities for SIEM

Read Report
ESG SC Magazine Gartner

Product Reviews

Leading independent analysts have evaluated the features and performance of McAfee SIEM solutions.

Understanding Cyberthreat Motivations to Improve Defense

Understanding Cyberthreat Motivations to Improve Defense

Learn the different motivations of an attacker so you can successfully defend from threats and implement controls tailored to each type of attack for greatest efficiency.

Download Infographic Read White Paper


System Requirements

McAfee Database Event Monitor requires McAfee Enterprise Security Manager (ESM) and can be deployed as a physical appliance. McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Maximum EPS1 Appliance Size Local Storage2 Network Interfaces (10/100/1000) System Requirements
DEM-2600 5,000 2U 1.8TB 2 + 4 monitoring ports3 Requires ESM
DEM-4600 15,000 2U 3TB 2 + 8 monitoring ports3 Requires ESM

1Based on typical network environments using average event and flow aggregation. Depending on aggregation settings, collection type mix, overall SIEM activity, and related activities, the EPS levels for any given appliance, within an environment, may be lower.
2Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
3IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.

Need additional technical resources? Visit the McAfee Expert Center

McAfee SIEM-Integrated Partners

Many organizations deploy security products from multiple vendors that do not interact with each other. In today’s fast evolving threat landscape, this not only increases operational costs, it increases risk. Evolving security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. Below is a selection of Security Innovation Alliance partners with McAfee SIEM integrated solutions that allow you to resolve more threats faster with fewer resources.

Automation & Orchestration

User & Entity Behavior Analytics

Authentication & Encryption

Application & Database Security

Incident Response & Forensics

See All SIEM-Integrated Partners