A Leader, 2018 Gartner Magic Quadrant for Security Information and Event Management
Read ReportReal-time visibility into all activity on systems, networks, databases, and applications
McAfee Enterprise Security Manager is a security information and event management (SIEM) solution that delivers actionable intelligence and integrations to prioritize, investigate, and respond to threats.
Your SIEM foundation
McAfee Enterprise Security Manager provides continuous visibility into threats and risk, actionable analysis to guide triage and speed investigations, and orchestration of security remediation.
Advanced threat intelligence
Prioritized alerts surface potential threats before they occur while analyzing data for patterns that may indicate a larger threat.
Embedded compliance framework
Built-in security use case content packs simplify analyst and compliance operations.
Dozens of partner integrations
An extensible and distributed design integrates with more than three dozen partners, hundreds of standardized data sources, and industry threat intelligence.
Enabling fast, risk-based decisions
Context and content awareness
Leverage contextual information, such as vendor threat feeds and indicators of compromise (IOCs), for a better understanding of how security events can impact real business processes.
Critical facts in minutes, not hours
Highly tuned appliances collect, process, and correlate log events from multiple years with other data streams, including STIX-based threat intelligence feeds. Store billions of events and flows, and quickly access long-term event data storage to investigate attacks.
Optimized security operations
An analyst-centric user experience offers increased flexibility, customization, and faster response to investigations. Analysts with any level of experience, from beginner to expert, will find it easier to prioritize, investigate, and respond to evolving threats.
ESG Lab Validation: McAfee Enterprise Security Manager
ESG finds McAfee ESM delivers context-aware visibility, reducing time to protection.
McAfee Connect
Maximize the value of your McAfee Enterprise Security Manager with pre-built content packs to streamline security monitoring, threat management, and incident response.
System requirements
McAfee Enterprise Security Manager (ESM) can be deployed with physical and virtual appliances. It can also be part of an all-in-one SIEM deployment that includes McAfee Enterprise Log Manager (ELM) and McAfee Event Receiver (ERC). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.
| Cloud | ||||
|---|---|---|---|---|
| Model Number | Deployment | Local Storage1 | CPU Cores | System Requirements |
| ESM-ELM-ERC-VM2 | AWS, Azure, HyperV, ESX, KVM, XEN | Minimum 250 GB | 8 | 8 Processor Cores, 16 GB RAM |
| ESM-VM | AWS, Azure, HyperV, ESX, KVM, XEN | Minimum 250 GB | 8 | 8 Processor Cores, 16 GB RAM |
| ESM-VM-4-CORE-ADDON | AWS, Azure, HyperV, ESX, KVM, XEN | See footnote 3 | See footnote 4 | Per 4 Core Add-on, 16 GB RAM |
| Appliances | ||||
|---|---|---|---|---|
| Model Number | Appliance Size | Local Storage1 | CPU Cores | |
| ESM-ELM-ERC-57002 | 2U | 32 TB + 800 GB SSD | 20 | |
| ESM-ELM-ERC-60502 | 2U | 40 TB + 800 GB SSD | 28 | |
| ESM-5700 | 2U | 32 TB + 800 GB SSD | 20 | |
| ESM-6050 | 2U | 40 TB + 800 GB SSD | 28 | |
| ESM-X7 | 2U | 16 TB SSD + 2 TB SSD (PCle) | 20 | |
| ESM-X9 | 2U | 19 TB SSD + 8 TB SSD (PCle) | 28 | |
| ESM-X11 | 2U | 19 TB SSD + 8 TB SSD (PCle) | 36 | |
1Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors. “Local Storage” specified is the total raw, unformatted storage available for a given appliance. Please note that usable storage capacity may be significantly lower, as some storage is configured for redundancy to reduce the risk of data loss. This will vary based on the model, RAID configuration, operating environment, data cardinality, software version, and a number of additional factors based on deployment customizations.
2All-in-one SIEM offering that includes Enterprise Security Manager, Enterprise Log Manager, and Event Receiver.
3Space should be calculated based on the customer retention requirements. It is recommended that VMs have dedicated SSD storage to reach higher ingestion and query performance.
4Option to expand ESM-VM in 4-core increments up to 32-core maximum.
Need additional technical resources? Visit the McAfee Expert Center >
SIEM-Integrated Partners
Automation & Orchestration
User & Entity Behavior Analytics
Application & Database Security
Risk & Compliance
Incident Response & Forensics
Learn more about McAfee Enterprise Security Manager
ESG Lab Validation: McAfee Enterprise Security Manager
ESG finds McAfee ESM delivers context-aware visibility, reducing time to protection.
McAfee Enterprise Security Manager
The McAfee Enterprise Security Manager SIEM solution delivers real-time understanding of threat data and reputation feeds and a view of systems, data, risks, and activities inside your enterprise.
Introduction to Artificial Intelligence and Machine Learning
This guide breaks down how AI functions, the strengths and limitations of various types of machine learning, and its evolution. It also explores how AI-enabled security analytics can help protect enterprises from today’s complex cybersecurity threats.
Have Additional Questions?
We’re here to help. Contact us to learn about implementation, pricing, technical specifications, and more.
Register for a Free Trial
Get started now. Test drive McAfee Enterprise Security Manager in your environment.
Free Trial