McAfee Event Receiver

Robust collection and powerful correlation

Free Trial

Collect up to tens of thousands of events per second

McAfee Event Receiver collects and retains large amounts of security data, and gives you immediate access to that data.

Scalable log collection

Collect event and flow information from hundreds of third-party devices, including intrusion prevention systems (IPS), switches, routers, servers, workstations, identity and authentication systems, vulnerability assessment scanners, and more.

Instant access to data

Preserve and store all details of parsed and correlated events in a highly indexed database for fast retrieval and analysis.

System-wide threat detection

Correlate events collected by other distributed receivers to detect larger incidents.

Flexible deployment options

Make highly distributed deployment easier and more cost effective with virtual appliances.

Easy, highly
distributed event
collection

Protect all collected events

Collect tens of thousands of events per second with a single McAfee Event Receiver and cache all data locally to preserve it in the event of a network communication error or outage.

Leverage diverse collection methods

Use various event collections, including passive log collection, authenticated log collection, CEF, OPSEC, SDEE, XML, ODBC, and encrypted collection validated to FIPS 140-2 Level 2.

Ensure a flexible architecture

Select fully centralized all-in-one event collection and management or fully distributed event collection, available in both physical and virtual appliances and rated for several thousand to tens of thousands of events per second.

A Gartner Magic Quadrant Leader

McAfee is a leader in the Gartner Magic Quadrant for SIEM for the seventh year in a row.

McAfee Connect

Maximize the value of your McAfee Enterprise Security Manager with pre-built content packs to streamline security monitoring, threat management, and incident response.

Learn More

System requirements

McAfee Event Receiver (ERC) deployment options include physical and virtual appliances. Specific McAfee Event Receiver models require McAfee Enterprise Security Manager (ESM). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Cloud
Model Number Deployment Local Storage1 CPU Cores System Requirements
ERC-VM AWS, Azure, HyperV, ESX, KVM, XEN Recommended 250 GB 8 8 Processor Cores, 8 GB RAM
ERC-VM-4-CORE-ADDON AWS, Azure, HyperV, ESX, KVM, XEN See footnote 2 See footnote 3 Per 4 Core Add-on, 16 GB RAM


Appliances
Model Number Appliance Size Local Storage1 CPU Cores System Requirements
ERC-1270 1U 4 TB 4 Requires ESM
ERC-2650 2U 12 TB 18 Requires ESM
ERC-3500 2U 12 TB + 400 GB SSD 22 Requires ESM
ERC-4700 2U 5.6 TB SSD 28 Requires ESM

1Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
2ERC, ACE, and ADM do not support upgrades to the original storage allocation, so it is recommended that 1 TB of storage be allocated for the base VM and 1 TB for each 4-CORE-ADDON. It is recommended that VMs have dedicated SSD storage to reach higher ingestion and query performance.
3Option to expand ERC-VM in 4-core increments up to 32-core maximum.

Need additional technical resources? Visit the McAfee Expert Center >

Learn more about McAfee Event Receiver

REPORT

Gartner Magic Quadrant for Security Information and Event Management

Gartner names McAfee as a Magic Quadrant Leader for SIEM. The Gartner Magic Quadrant for SIEM is a research tool for enterprise security buyers to review and assess which vendors best meet their needs.

Read Report >
DATA SHEET

SIEM Solutions from McAfee

SIEM solutions from McAfee help you continuously monitor, identify, investigate, and resolve threats.

Read Data Sheet >
WHITE PAPER

Sustainable Security Operations

Discover how to successfully adopt sustainable security operations with optimized processes and tools to compress decision-making and quickly detect, contain, and remediate attacks.

Read White Paper >

This remains the top SIEM available.
Read Product Review >

McAfee Event Receiver related products

McAfee Advanced Correlation Engine supplements McAfee Enterprise Security Manager (SIEM) event correlation with two dedicated correlation engines: A risk detection engine that generates a risk score and a threat detection engine.

Learn More >

McAfee Application Data Monitor decodes an entire application session to Layer 7 to detect fraud, data loss, and hidden threats, and create an audit trail for application compliance.

Learn More >

McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows event logs, database logs, application logs, and syslogs, and integrates with McAfee SIEM for analysis and incident management.

Learn More >

McAfee Enterprise Security Manager delivers intelligent, fast, and accurate SIEM and log management.

Learn More >

Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent SIEM.

Learn More >

Have Additional Questions?

We’re here to help. Contact us to learn about implementation, pricing, technical specifications, and more

Contact Us

Register for a Free Trial

Get started now. Test drive McAfee Event Receiver in your environment.

Free Trial