McAfee Event Receiver

McAfee Event Receiver appliances are responsible for the collection of log and event information from hundreds of third-party devices including firewalls, IDS/IPS devices, UTMs, switches, routers, applications, servers and workstations, identity and authentication systems, vulnerability assessment scanners, and more. McAfee Event Receiver uses a variety of collection methods including passive log collection, authenticated log collection, CEF, OPSEC, SDEE, XML, ODBC, as well as an encrypted collection validated to FIPS 140-2 Level 2.

Robust collection, powerful correlation — When a McAfee Event Receiver collects an event, it parses all relevant details into a fully normalized event taxonomy, and then provides full correlation against all events to detect larger incidents. McAfee Event Receiver correlates events collected by other distributed receivers for system-wide threat detection.

Flexible collection architecture — McAfee Enterprise Security Manager supports fully centralized “all-in-one” event collection and management, or fully distributed event collection using dedicated Event Receiver appliances, rated for several thousand to tens of thousands of events per second.

High reliability — Deploy McAfee Event Receiver redundantly for maximum reliability without any risk of data loss.

McAfee ERC-4600

McAfee Event Receiver collects third-party logs, events, and data for correlation and analysis by McAfee Enterprise Security Manager

  • Collection Rates: 20,000 events per second
  • Analytical Performance: N/A
  • Local Storage: 3 TB

McAfee ERC-3450

McAfee Event Receiver collects third-party logs, events, and data for correlation and analysis by McAfee Enterprise Security Manager

  • Collection Rates: 15,000 events per second
  • Analytical Performance: N/A
  • Local Storage: 1.8 TB

McAfee ERC-2600

McAfee Event Receiver collects third-party logs, events, and data for correlation and analysis by McAfee Enterprise Security Manager

  • Collection Rates: 10,000 events per second
  • Analytical Performance: N/A
  • Local Storage: 1.8 TB

McAfee ERC-1250

McAfee Event Receiver collects third-party logs, events, and data for correlation and analysis by McAfee Enterprise Security Manager

  • Collection Rates: 5,000 events per second
  • Analytical Performance: N/A
  • Local Storage: 1 TB

 McAfee Event Receiver Features

Get immediate access to data

Preserve and store all details of parsed and correlated events in a highly indexed database for fast retrieval and analysis.

Leverage flexible deployment options

Make highly distributed deployment easier and more cost effective with virtual appliances.

Retain and collect large amounts of security data

Collect over 20,000 events per second with a single McAfee Event Receiver. Every Event Receiver caches all collected data locally to preserve data in the event of a network communication error or outage.