McAfee Enterprise Security Manager
Quickly identify, investigate, and resolve threats
As the foundation of our security information and event management (SIEM) solution, McAfee Enterprise Security Manager delivers actionable intelligence and integrations required for security organizations to prioritize, investigate, and respond to threats, while the embedded compliance framework and built-in security use case content packs simplify analyst and compliance operations.
Improve your effectiveness through continuous visibility into threats and risk, actionable analysis to guide triage and speed investigations, and orchestration of security remediation. An extensible and distributed design integrates with more than three dozen partners, hundreds of standardized data sources, and industry threat intelligence. McAfee Enterprise Security Manager makes it practical to support your organization’s current and future security and compliance goals.
Prioritized alerts surface potential threats before they occur while analyzing data for patterns that may indicate a larger threat. Leverage contextual information, such as vendor threat feeds and indicators of compromise (IOCs), for a better understanding of how security events can impact real business processes.
Highly tuned appliances collect, process, and correlate log events from multiple years with other data streams, including STIX-based threat intelligence feeds, at the speed you require. Store billions of events and flows, keeping information available for immediate ad hoc queries, forensics, rules validation, and compliance. Access long-term event data storage to investigate attacks, search for signs of advanced persistent threats (APTs) or IOCs, and remediate failed compliance audits.
An analyst-centric user experience offers increased flexibility, customization, and faster response to investigations. With fast and smart access to threat information, analysts with any level of experience, from beginner to expert, will find it easier to prioritize, investigate, and respond to evolving threats.
Leading independent analysts have evaluated the features and performance of McAfee SIEM solutions.
McAfee Enterprise Security Manager (ESM) can be deployed with physical and virtual appliances. It can also be part of an all-in-one SIEM deployment that includes McAfee Enterprise Log Manager (ELM) and McAfee Event Receiver (ERC). McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.
| Model Number | Appliance Size | Local Storage¹ | Network Interfaces (10/100/1000) | System Requirements |
|---|---|---|---|---|
| All-in-One SIEM: Enterprise Security Manager, Enterprise Log Manager & Event Receiver | | | | |
| ESM-ELM-ERC-VM-8 | VM | Recommended 250GB | VM (AWS, ESX, KVM) | 8 processor cores, 4GB of memory |
| ESM-ELM-ERC-VM-12 | VM | Recommended 500GB + 480GB SSD² | VM (AWS, ESX, KVM) | 12 processor cores, 64GB of memory |
| ESM-ELM-ERC-4600 | 2U | 3TB + 480GB SSD | 2³ | N/A |
| ESM-ELM-ERC-5600 | 2U | 8TB + 480GB SSD | 2³ | N/A |
| ESM-ELM-ERC-6000 | 2U | 14TB + 480GB SSD | 2³ | N/A |
| Enterprise Security Manager | | | | |
| ESM-VM-8 | VM | Recommended 250GB | VM (AWS, ESX, KVM) | 8 processor cores, 4GB of memory |
| ESM-VM-12 | VM | Recommended 500GB + 480GB SSD² | VM (AWS, ESX, KVM) | 12 processor cores, 64GB of memory |
| ESM-VM-32 | VM | Recommended 2TB + 800GB SSD² | VM (AWS, ESX, KVM) | 32 processor cores, 96GB of memory |
| ESM-5600 | 2U | 8TB + 480GB SSD | 2³ | N/A |
| ESM-6000 | 2U | 14TB + 480GB SSD | 2³ | N/A |
| ESM-X4 | 2U | 14TB + 800GB SSD | 2³ | N/A |
| ESM-X6 | 2U | 14TB + 3.2TB SSD | 2³ | N/A |

¹ Usable event and flow data storage capacity will vary by customer event types, event rates, software version, and other factors.
² Minimum 50K IOPS for SSD; additional storage should be a minimum of 100 IOPS.
³ IPMI: Please note that all McAfee SIEM appliances, except DAS-50 and DAS-100, have IPMI adapters; for ERC HA, IPMI is used for the HA configuration.
Many organizations deploy security products from multiple vendors that do not interact with each other. In today’s fast-evolving threat landscape, this not only increases operational costs, it increases risk. Evolving security challenges require open, collaborative approaches to detect threats, reduce risk, and ensure compliance. Below is a selection of Security Innovation Alliance partners with McAfee SIEM integrated solutions that allow you to resolve more threats faster with fewer resources.