McAfee Database Event Monitor for SIEM

Know who is accessing your data and why

McAfee Database Event Monitor for SIEM provides a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations.

  • Consolidate database activity into a central audit repository and provide normalization, correlation, analysis, and reporting.
  • Support your expanding compliance auditing and reporting requirements and enhance security operations.
  • Use a passive network-based database log monitor for zero impact on database performance.
  • Full integration with McAfee Enterprise Security Manager enables database transactions for event correlation and other advanced SIEM activities.

Detailed security logging of databases and applications

Expand visibility into each transaction

Maintain full session details of all transactions, so you can easily see what happened before and after any given transaction—from login to logout.

Advance risk and threat detection

Analyze all monitored activity against a customizable set of policy rules and receive alerts on all suspicious activity. Anomaly-based detection indicates abnormal user activity, queries, and other out-of-place behavior.

Detect and classify databases

Discover all database instances, including unknown or rogue databases, and identify which databases are storing credit cards, social security numbers, or other sensitive data.

Reconstruct sessions with one click

Speed database event investigations by viewing an entire session—from login to logout—with a single mouse click.

Automate compliance processes

Use policy-based detection rules and compliance reports for PCI DSS, HIPAA, and NERC-CIP. McAfee Database Event Monitor for SIEM delivers compliant storage and masking of sensitive data in activity logs.


Resources


System Requirements

McAfee Database Event Monitor requires McAfee Enterprise Security Manager (ESM) and can be deployed as a physical appliance. McAfee SIEM appliance specifications and descriptions are provided for information only, subject to change without notice, and provided without warranty of any kind, expressed or implied.

Model Numbers Maximum EPS Appliance Size Local Storage Network Interfaces (10/100/1000) System Requirements
DEM-2600 5,000 2U 1.8TB 2 + 4 monitoring ports Requires ESM
DEM-4600 15,000 2U 3TB 2 + 8 monitoring ports Requires ESM

Related Products

McAfee Enterprise Security Manager, the core product in our SIEM portfolio, seamlessly integrates with our other SIEM solutions, offering deeper insights in data management, advanced correlation, dedicated database and application monitoring, as well as McAfee Global Threat Intelligence.

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager delivers a real-time understanding of the world outside—threat data, reputation feeds, and vulnerability status—as well as a view of the systems, data, risks, and activities inside your enterprise.

As the foundation of our security information and event management (SIEM) solution, McAfee Enterprise Security Manager delivers the performance, actionable intelligence, and real-time situational awareness required for organizations to identify, understand, and respond to stealthy threats, while the embedded compliance framework simplifies compliance.
 
McAfee Advanced Correlation Engine

McAfee Advanced Correlation Engine

Deploy McAfee Advanced Correlation Engine with McAfee Enterprise Security Manager to identify and score threat events in real time using both rule- and risk-based logic. You tell McAfee Advanced Correlation Engine what you value—users or groups, applications, specific servers, or subnets—and it will alert you if the asset is threatened.

Read more

McAfee Application Data Monitor

McAfee Application Data Monitor

Advance security and compliance beyond log management by monitoring all the way to the application layer to detect fraud, data loss, and advanced threats. This SIEM tool supports accurate analysis of real application use, while enforcing policies and detecting malicious, covert traffic.

Read more

McAfee Database Event Monitor for SIEM

McAfee Database Event Monitor for SIEM

Get a complete audit trail of all database activities, including queries, results, authentication activity, and privilege escalations, widening your visibility into who’s accessing your data and why.

Read more

McAfee Event Receiver

McAfee Event Receiver

Collect up to tens of thousands of events per second with a single receiver, and use a highly indexed database to quickly retrieve data and analysis.

Read more

McAfee Enterprise Log Manager

McAfee Enterprise Log Manager

Reduce compliance costs with automated log collection, storage, and management. Collect, compress, sign, and store all original events with a clear audit trail of activity that can’t be repudiated.

Read more

McAfee Global Threat Intelligence for Enterprise Security Manager

McAfee Global Threat Intelligence for Enterprise Security Manager

Enhance your SIEM deployment with a constantly updated threat intelligence feed that broadens situational awareness by enabling rapid discovery of events involving communications with suspicious or malicious IPs.

Read more