Email Content Pack

Overview

Email messages should only be transferred between legitimate mail servers. Content and attachments sent to or received from a malicious or suspicious host could be compromised. Abnormal volumes of outgoing email could indicate a system is compromised and is being used to generate spam or exfiltrate privileged information. This content pack helps you quickly view and analyze data collected from email devices in order to effectively monitor email traffic coming in and out of your organization's network, preventing data loss and data leakage.

Content Pack Components

Views

Designed to give quick insight into email events.

  • Email Overview
  • GEO Overview
  • Inbound Overview
  • Outbound Overview
Reports

Provides a quick look into a week’s email events.

  • Email - Weekly Email Overview
Correlation Rules

Helps monitor for different email traffic patterns.

  • Email - Email Device Communicating with GTI Address
  • Email - Abnormal Email Traffic from GTI IP Address
  • Email - Abnormal Outbound Email Traffic

Required Products

  • McAfee Enterprise Security Manager (ESM) 11.x, 10.x
  • McAfee Advanced Correlation Engine (ACE) 11.x, 10.x
  • Some rules require McAfee Global Threat Intelligence (GTI) in order to function properly.
prevent-ransomware

Content Pack Demo

Content packs are available directly inside the McAfee Enterprise Security Manager user interface. Watch the video to discover how to access the content pack and get started.

Watch Video

Download Content Pack

Registered ServicePortal users can log in to access the Knowledge Center for further documentation or to download the content pack file manually.

Read Article

Explore

Find other content packs and partner integrations.

See All

Free Trial

Interested in McAfee Enterprise Security Manager?

Register for Free Trial