McAfee SIEM Resources

Data Sheets

Reports

This report takes a candid look at triggers for considering a new security management platform, walking through each aspect of the decision, and presenting a process to migrate.

The McAfee Enterprise Security Manager (formerly NitroView) line of appliances combines SIM and SEM functions with in-line network monitors, which implement DPI to obtain data and application context and content for security events.

Technology Blueprints

The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.

McAfee enables enterprises to collect, analyze, and preserve security forensic information. With a solution that includes content- and context-aware SIEM, McAfee provides alerts to security events, as well analysis on how the attacked occurred, affected users, and compromised data — so you can better understand the severity of a security breach.

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

White Papers

This white paper examines cyber security issues for industrial control systems with a specific focus on security event monitoring as it applies to industrial control networks such as SCADA.