TrustRadius
McAfee Enterprise Security Manager is security information and event management (SIEM) software, from McAfee / Intel Security.https://dudodiprj2sv7.cloudfront.net/product-logos/S8/xI/CJEBPRPLFXA2.jpegMcAfeeMcAfee ESM, a cautionary tale2018-12-07T18:09:15.100ZMcAfee Enterprise Security Manager (previously called Nitro) is used as an enterprise SIEM across multiple sites and domains. It collects system logs and system events for correlation and alerting. It's a hub for security operations.,McAfee Enterprise Security Manager has a large library of pre-made correlations that reduces the amount of work needed to make it functional.
This is a core McAfee product that is still getting support.
It has a substantial amount of compatibility and integration with other products.,The migration off of Flash has been painful. The new interface is very difficult to work with. Even support tends to fall back to the Flash version.
The GUI is not intuitive under any version. Finding settings takes a significant amount of learning.
While the product is supported, the transitions from various directions have left the future of the product in question. It used to be the interface for IDS, but the new IDS is stand alone.
The way McAfee has dropped products with no warning in the past makes us skeptical of trusting any stated roadmap.,5,For a tool that advertises how many correlations come out of the box, the selling point of easy administration is lost in the difficulty of administration.
The value of the tool being a significant part of the McAfee portfolio is questionable when integrated products are dropped without warning.
I would not put McAfee Enterprise Security Manager in a top three SIEM class, its more like a member of the top 10.,Verified UserSIEM causing Anger then use Enterprise Security Manager2017-04-20T18:54:04.952ZMcAfee Enterprise Security Manager is used not only for its log collection capabilities but also for its advanced threat intelligence. We are using the product as part of moving into Intel's complete suite of products, where appliance integration will bring a commonality to our incident capabilities and help with faster response times and visibility.,Advanced Threat intelligence gives us the ability to prioritise alerts quickly and efficiently.
SIEM log collection allows us to integrate our other Intel products to a centralised point.
Physical appliances is one of the areas we have moved away from, so the ability for ESM to be available as a VDI was key.,If there is a requirement to integrate into other vendor products i.e. (log sharing) then this was very cumbersome.
Integration of vulnerability scanning that is available in other vendor products would be a good addition.
When integrating all of Intel's products a third party consultancy is usually required, where other vendor products can be configured without this additional cost.,8,Centralisation of events form NIDS/IPS/IDS, Firewall(s), Web Proxy and Endpoint
Ability to have third party management
Actively upgraded product with good vendor support,,AlienVault USM, McAfee Endpoint Protection Suite, Microsoft Office 365, IBM Cognos, Zscaler Web Security,No,Product Features
Product Usability
Existing Relationship with the Vendor,If we had to evaluate again, we would look more closely at what are we trying to achieve and does it make sense to keep some of the other products we already have. A key element is to have a completely integrated suite of products all working in unison, and though this can be achieved by having a multi-vendor environment it is never as clean as a single vendor solution. Also we would look at the outsourcing of certain IT security functions, in the case of SIEM solutions it can make more sense to have this activity outsourced where the third party has a larger scope and more realtime experience of event s that are happening to other clients and can then apply the incident response to all of their customers.Philip ClarkeESM is great, McAfee AV, not so much2017-04-12T21:21:23.423ZMcAfee Enterprise Security Manager was used to deploy full disk encryption to sensitive end points, manage the HIPS, and end point security across the enterprise of 5000 + endpoints.,It is a great central management tool with great reports and dashboards.
It can easily show devices out of compliance.
ESM is easy to manage and maintain.,Some tools it manages lack features.
ESM can have some issues with upgrading.
MFA support is needed.,7,McAfee Antivirus is not a leader in the field and I don't recommend this product.
HIPS and Encryption are easy to manage.
Great tool for enterprise deployments.,,Palo Alto Networks WildFire, HP ArcsightAlex Waitkus, CISSP-ISSAP, OSCP
Unspecified
McAfee Enterprise Security Manager
22 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
