Intel Security


McAfee is a leader in the Gartner Magic Quadrant for SIEM

Read Report

Application-layer monitoring for maximum threat prevention

McAfee Application Data Monitor detects fraud, data loss, and advanced threats by monitoring all the way to the application layer.

  • Generate a complete audit trail of application events for compliance, passively, to avoid application interference.
  • Fully inspect application data to achieve the deepest visibility into how your network is being used.
  • Decode application sessions to Layer 7 for a full analysis of everything from the underlying protocols and session integrity to the contents of the application (such as the text of an email or its attachments).
  • Get accurate analysis of real application use to enforce application-use policies and detect malicious, covert traffic.
Download Data Sheet

Understand how your network is being used

Capture full session detail of all violations

Decode the entire application session, all the way to Layer 7, for over 500 hundred supported applications and protocols.

Uncover data loss and compliance violations

Detect when sensitive information is being transmitted inside email attachments, instant messages, file transfers, HTTP posts, or any other application, and get immediate notification so you can mitigate the loss.

Find application-layer threats

See the entire content of an application and underlying protocols—such as an executable embedded inside a PDF document—to detect hidden payloads, malware, and even covert communication channels.

Document discovery

Discover more than 500 document types as they are exchanged over the network. Even documents embedded inside other documents, archived, compressed, and encoded are discovered with actionable metrics.

Integrated with your infrastructure

McAfee Enterprise Security Manager and McAfee Application Data Monitor work with your security infrastructure to simplify security operations, improve efficiencies, and lower costs.

McAfee rated in Gartner Critical Capabilities for SIEM

Read Report
ESG SC Magazine Gartner

Product Reviews

Leading independent analysts have evaluated the features and performance of McAfee SIEM solutions.

Understanding Cyberthreat Motivations to Improve Defense

Understanding Cyberthreat Motivations to Improve Defense

Learn the different motivations of an attacker so you can successfully defend from threats and implement controls tailored to each type of attack for greatest efficiency.

Download Infographic Read White Paper


System Requirements

McAfee Application Data Monitor deployment options include physical and virtual appliances. Specific McAfee Application Data Monitor models require McAfee Enterprise Security Manager (ESM). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Number Maximum EPS1 Appliance Size Local Storage2 Network Interfaces (10/100/1000) System Requirements
ADM-VM-8 250 Mbps VM Recommended 250GB VM (AWS, ESX, KVM) 8 processor cores, 4GB memory
ADM-VM-12 500 Mbps VM Recommended 500GB+240GB SSD3 VM (AWS, ESX, KVM) 12 processor cores, 64GB memory
ADM-1260 500 Mbps 1U 1TB 2 + 4 monitoring ports4 Requires ESM
ADM-3460 1 Gbps 2U 1.8TB+240GB SSD3 2 + 4 monitoring ports4 Requires ESM

1Based on typical network environments using average event and flow aggregation. Depending on aggregation settings, collection type mix, overall SIEM activity, and related activities, the EPS levels for any given appliance, within an environment, may be lower.
2Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
3Minimum 50K IOPS for SSD; additional storage should be a minimum of 100 IOPS.
4IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.

Need additional technical resources? Visit the McAfee Expert Center

McAfee SIEM-Integrated Partners

Many organizations deploy security products from multiple vendors that do not interact with each other. In today’s fast evolving threat landscape, this not only increases operational costs, it increases risk. Evolving security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. Below is a selection of Security Innovation Alliance partners with McAfee SIEM integrated solutions that allow you to resolve more threats faster with fewer resources.

Automation & Orchestration

User & Entity Behavior Analytics

Authentication & Encryption

Application & Database Security

Incident Response & Forensics

See All SIEM-Integrated Partners