Sophisticated, dedicated threat detection based on risk and real-time data
Deploy McAfee Advanced Correlation Engine with McAfee Enterprise Security Manager to identify and score threat events in real time, using both rule- and risk-based logic.
Real-time tracking and alerting
Receive notifications if specific users, groups, applications, servers, or subnets are threatened.
Performance where you need it
Get the processing power required to support rich event correlation across your entire enterprise by leveraging a data engine that scales to accommodate even the largest networks.
Streamline event correlation and startup. McAfee Advanced Correlation Engine does not require rule updates or signature tuning.
Historical threat analysis
Use audit trails and historical replays to support forensics, compliance, and rule tuning. Keep a complete audit trail of risk scores to analyze threat conditions over time.
1Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
2Minimum 50K IOPS for SSD; additional storage should be a minimum of 100 IOPS.
Need additional technical resources? Visit the McAfee Expert Center >
Learn more about McAfee Advanced Correlation Engine
As a companion to the Gartner Magic Quadrant for SIEM, the Gartner Critical Capabilities report for SIEM helps IT security organizations compare their requirements with the most common SIEM use cases. Discover in-depth how Gartner rates McAfee SIEM by critical capabilities.
McAfee Advanced Correlation Engine related products
Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent SIEM.Learn More >