McAfee Database Event Monitor for SIEM

Maximum visibility into database transactions

Insights into who is accessing your data and why

McAfee Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.

Full visibility

Consolidate database activity into a central audit repository and provide normalization, correlation, analysis, and reporting.

Automated compliance processes

Use policy-based detection rules and compliance reports for PCI DSS, HIPAA, and NERC-CIP. McAfee Database Event Monitor for SIEM also delivers compliant storage and masking of sensitive data in activity logs.

Power without the overhead

Use a passive network-based database log monitor for zero impact on database performance.

Integrated with your infrastructure

Full integration with McAfee Enterprise Security Manager enables database transactions for event correlation and other advanced SIEM activities.

Detailed security logging of databases and applications

Expand visibility into each transaction

Maintain full session details of all transactions, so you can easily see what happened before and after any given transaction—from login to logout—with a single mouse click.

Advance risk and threat detection

Analyze all monitored activity against a customizable set of policy rules and receive alerts on all suspicious activity. Anomaly-based detection indicates abnormal user activity, queries, and other out-of-place behavior.

Detect and classify databases

Discover all database instances, including unknown or rogue databases, and identify which databases are storing credit cards, social security numbers, or other sensitive data.

A Gartner Magic Quadrant Leader

McAfee is a leader in the Gartner Magic Quadrant for SIEM for the seventh year in a row.

McAfee Connect

Maximize the value of your McAfee Enterprise Security Manager with pre-built content packs to streamline security monitoring, threat management, and incident response.

Learn More

System requirements

McAfee Database Event Monitor requires McAfee Enterprise Security Manager (ESM) and can be deployed as a physical appliance. McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Maximum EPS1 Appliance Size Local Storage1 Network Interfaces (10/100/1000) System Requirements
DEM-2600 5,000 2U 1.8TB 2 + 4 monitoring ports3 Requires ESM
DEM-4600 15,000 2U 3TB 2 + 8 monitoring ports3 Requires ESM

1Based on typical network environments using average event and flow aggregation. Depending on aggregation settings, collection type mix, overall SIEM activity, and related activities, the EPS levels for any given appliance, within an environment, may be lower.
2Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
3IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.

Need additional technical resources? Visit the McAfee Expert Center >

Learn more about McAfee Database Event Monitor for SIEM


Gartner Magic Quadrant for Security Information and Event Management

Gartner names McAfee as a Magic Quadrant Leader for SIEM. The Gartner Magic Quadrant for SIEM is a research tool for enterprise security buyers to review and assess which vendors best meet their needs.

Read Report >

Sustainable Security Operations

Discover how to successfully adopt sustainable security operations with optimized processes and tools to compress decision-making and quickly detect, contain, and remediate attacks.

Read White Paper >

This remains the top SIEM available.
Read Product Review > SC Magazine

McAfee Database Event Monitor for SIEM related products

McAfee Advanced Correlation Engine supplements McAfee Enterprise Security Manager (SIEM) event correlation with two dedicated correlation engines: A risk detection engine that generates a risk score and a threat detection engine.

Learn More >

McAfee Application Data Monitor decodes an entire application session to Layer 7 to detect fraud, data loss, and hidden threats, and create an audit trail for application compliance.

Learn More >

McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows event logs, database logs, application logs, and syslogs, and integrates with McAfee SIEM for analysis and incident management.

Learn More >

McAfee Enterprise Security Manager delivers intelligent, fast, and accurate SIEM and log management.

Learn More >

McAfee Event Receiver collects third-party events and logs, and correlates events collected by other distributed receivers for system-wide threat detection and fast security data retrieval and analysis.

Learn More >

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent SIEM.

Learn More >

Have Additional Questions?

We’re here to help. Contact us to learn about implementation, pricing, technical specifications, and more.

Contact Us