Skip to main content
TrustRadius
Trellix Enterprise Security Manager

Trellix Enterprise Security Manager
Formerly McAfee Enterprise Security Manager

Overview

What is Trellix Enterprise Security Manager?

Trellix Enterprise Security Manager (formerly McAfee Enterprise Security Manager) is security information and event management (SIEM) software.

Read more
Recent Reviews

TrustRadius Insights

McAfee Enterprise Security Manager has proven to be a valuable tool in improving information security processes and minimizing threats to …
Continue reading
TrustRadius Insights
TrustRadius Insights

Best SIEM

10 out of 10
May 23, 2019
Incentivized
McAfee Enterprise Security Manager is easy to use and to maintain, with great results. We use this SIEM because it offers threat …
Continue reading
Read all reviews

Popular Features

View all 13 features
  • Centralized event and log data collection (9)
    8.6
    86%
  • Deployment flexibility (9)
    8.3
    83%
  • Event and log normalization/management (9)
    8.0
    80%
  • Correlation (9)
    7.0
    70%
Return to navigation

Pricing

View all pricing
Trellix Enterprise Security Manager

Trellix Enterprise Security Manager

N/A
Unavailable

What is Trellix Enterprise Security Manager?

Trellix Enterprise Security Manager (formerly McAfee Enterprise Security Manager) is security information and event management (SIEM) software.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

27 people also want pricing

Alternatives Pricing

Trellix Helix

Trellix Helix

Free
What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

Sumo Logic

Sumo Logic

$3
Per GB Logs
What is Sumo Logic?

Sumo Logic is a log management offering from the San Francisco based company of the same name.

Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.4
Avg 7.8
Return to navigation

Product Details

What is Trellix Enterprise Security Manager?

Trellix Enterprise Security Manager Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Trellix Enterprise Security Manager (formerly McAfee Enterprise Security Manager) is security information and event management (SIEM) software.

Reviewers rate Integration with Identity and Access Management Tools and Custom dashboards and workspaces highest, with a score of 9.3.

The most common users of Trellix Enterprise Security Manager are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(40)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

McAfee Enterprise Security Manager has proven to be a valuable tool in improving information security processes and minimizing threats to cloud services and systems. Users have reported that the product effectively monitors, investigates, and mitigates problems and threats encountered in their environments. With its ability to monitor the performance of various components such as systems, applications, databases, and critical network processes, McAfee Enterprise Security Manager enables users to analyze data for threat detection purposes. This capability has been highly praised by customers who appreciate the product's contribution to their overall security strategy.

Another key use case of the product is its role in deploying full disk encryption, managing HIPS, and ensuring endpoint security across large enterprises. McAfee Enterprise Security Manager is widely utilized by organizations of all sizes, be it small companies or large enterprises in both the private and public sectors. The product's robust features are leveraged by entire office staffs to prevent and identify security threats, resulting in a safer work environment. Furthermore, the SIEM solution serves as an enterprise SIEM across multiple sites and domains, collecting system logs and events for correlation and alerting purposes.

Users have commended McAfee Enterprise Security Manager for its ease of use in day-to-day operations and maintenance. The product is highly regarded for providing excellent results while being relatively straightforward to set up and configure. It offers a range of functionalities such as threat intelligence correlation, analytics, profiling, security alerts, data presentation, and compliance capabilities. The integration with other McAfee tools and log sources has been well-received by users as it simplifies the monitoring of security events while facilitating the identification of incidents and cyber attacks. Overall, McAfee Enterprise Security Manager has established itself as a reliable SIEM solution capable of addressing various security challenges faced by organizations today.

Valuable Threat Intelligence: Users have found Advanced Threat intelligence to be a valuable feature, allowing them to prioritize alerts quickly and efficiently. Several reviewers have stated that it helps in identifying potential threats before they happen.

Highly Praised SIEM Log Collection: The SIEM log collection feature is highly praised by users for its ability to integrate other Intel products into a centralized point, enhancing overall security capabilities. Many users appreciate the convenience and effectiveness of this integration.

Key Advantage of VDI Availability: The availability of ESM as a VDI is considered a key advantage by many organizations. It provides flexibility and easy access for users who have moved away from physical appliances. This feature has been highlighted as beneficial for efficient system accessibility.

Cumbersome Integration Process: Several users have found the integration process into other vendor products to be cumbersome and more difficult compared to other vendor products. They feel that it is not as intuitive and requires additional effort.

Lack of Training for Key Features: Some users have noted a lack of training provided for technology teams to fully understand and utilize the key features of the tools. This can lead to challenges in effectively leveraging the software's capabilities.

Difficulties with Reports Customization: Users have expressed frustration with analyzing and customizing reports. They find it challenging to tailor reports according to their specific needs, indicating a need for improvement in this area.

Attribute Ratings

Reviews

(1-4 of 4)
Companies can't remove reviews or game the system. Here's why
July 28, 2021

McAfee Enterprise Security Manager Secures Your Enterprise!

Verified User
Analyst in Other
Construction Company, 201-500 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
McAfee Enterprise Security Manager is used by our entire office staff. With the help of McAfee Enterprise Security Manager, we have been able to prevent - as well as identify - security threats to our organization. Every computer in our office has McAfee Enterprise Security Manager installed and I believe our office is truly safer as a result.
Pros and Cons
  • Runs on Startup
  • User-Friendly
  • Identifies Threats
  • Customer Outreach
  • IT Support
  • Overall Aesthetic
Likelihood to Recommend
I believe that McAfee Enterprise Security Manager is best-suited for anyone in an office setting with a computer containing sensitive information. McAfee Enterprise Security Manager is constantly working to make sure that your device is free from an threats. Our field workers, however, probably wouldn't have a need for McAfee Enterprise Security Manager. They do not use computers for work and have no sensitive information stored in a work-related cloud.
Trellix Enterprise Security Manager Feature Ratings
Security Information and Event Management (SIEM) (14)
80%
8.0
Centralized event and log data collection
80%
8.0
Correlation
70%
7.0
Event and log normalization/management
80%
8.0
Deployment flexibility
80%
8.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
90%
9.0
Host and network-based intrusion detection
80%
8.0
Log retention
80%
8.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
80%
8.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
70%
7.0
Reporting and compliance management
80%
8.0
Incident indexing/searching
70%
7.0
Return on Investment
  • Fewer Attacks
  • More Peace of Mind when Working
  • Improved Efficiency within the Office Staff
Alternatives Considered
McAfee Enterprise Security Manager is a better option than other security software because it's both inexpensive and extremely effective. Norton and other security software boast a high price tag but don't always back it up when it comes to performance. With McAfee Enterprise Security Manager, I know I'm getting a quality product for a fair price.
December 16, 2019

A robust SIEM solution for medium/large companies

Verified User
Consultant in Professional Services
Computer & Network Security Company, 51-200 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We deploy and sell the McAfee ESM (the SIEM solution) to our clients. We had it deployed in several kinds of companies, from small companies to large organizations. From private sector to public sector. McAfee is used to monitor the events (logs) of the clients and correlate them to generate alerts regarding security threats.
Pros and Cons
  • Good parsing capability
  • Enables integrations
  • The user interface is not the best, it is still based on Flash player (but they have plans to migrate to HTML5).
  • While the "user" interface is pretty straight forward, the management interface is fairly complicated.
Likelihood to Recommend
McAfee is a good solution if you're in a medium/large company and if you're looking for a solution that can be customized and expanded. I also recommend if you have the most common log sources on your environment, since McAfee supports the major log sources (but lack a lot of small vendors).
In my opinion, I wouldn't recommend McAfee for small companies, since it's not that easy to manage and maintain.
Trellix Enterprise Security Manager Feature Ratings
Security Information and Event Management (SIEM) (6)
51.66666666666667%
5.2
Centralized event and log data collection
70%
7.0
Correlation
50%
5.0
Event and log normalization/management
80%
8.0
Deployment flexibility
60%
6.0
Integration with Identity and Access Management Tools
N/A
N/A
Custom dashboards and workspaces
50%
5.0
Return on Investment
  • ESM enables our clients to have visibility of their security incidents
  • ESM (and the ELM) provides support for compliance requirements (such as PCI)
Alternatives Considered
McAfee is not the easiest tool to use. The user interface (specially the admin part) is fairly confusing.
At first, McAfee is very overwhelming and not so easy to understand. However, once you get used to the tool, you get used to the interface and you're able to do pretty much everything that any other SIEM does.
Support Rating
6
Dealing with the McAfee support is a lottery. Sometimes you reach them and it's a really experienced engineer, but sometimes it's a person with no clue on the tool. We had few cases where our internal engineers knew more about the tool than the McAfee support. However, sometimes we get hold of some really good engineers that know the tool from inside out.
Other Software Used
May 29, 2019

Manage you events

NJ
Neil Johnson
CIO (Chief Information Officer)
UK Flooring Direct Ltd. (Consumer Goods, 501-1000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
McAfee Enterprise Security Manager is a powerful SIEM that offers us the comfort of being in compliance with international standards in the domain of information security and helps us to assure security. Correlation of different events from different platforms is very useful and necessary. The integration with another software from McAfee is also very good (EPO, DLP).
Pros and Cons
  • Integration with other software
  • Log sources integration
  • Very user friendly interface
  • Real-time monitoring
  • Pre-defined reports
  • The system requirements are quite demanding
  • No other tool issue or operational issue was identified
Likelihood to Recommend
Collect valuable data from hundreds of types of devices. Events correlation and offenses work very well. Notification in case of an incident also works perfectly. The configuration is easy to customize. With the Content Packs (plugins) the system is flexible for new questions or new situations. Helps in improving visibility of threat actors and helps in further prevention.
Trellix Enterprise Security Manager Feature Ratings
Security Information and Event Management (SIEM) (7)
100%
10.0
Centralized event and log data collection
100%
10.0
Correlation
100%
10.0
Event and log normalization/management
100%
10.0
Deployment flexibility
100%
10.0
Integration with Identity and Access Management Tools
100%
10.0
Custom dashboards and workspaces
100%
10.0
Host and network-based intrusion detection
100%
10.0
Return on Investment
  • Improve security
  • Prevent incidents and attacks
  • Reduce the security and continuity risks
  • Correct and independent management information
Alternatives Considered
We selected McAfee Enterprise Security Manager because the pricing is competitive in the industry. It is very reliable. The vendor offers good support in real time. Offers the results that we have been looking for. The ability to get the logs may be of last 2 years in a matter of seconds. The ability to retain logs for a very long time.
Other Software Used
April 20, 2017

SIEM causing Anger then use Enterprise Security Manager

PC
Philip Clarke
IT Systems/Security Manager
R&Q (Insurance, 201-500 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
McAfee Enterprise Security Manager is used not only for its log collection capabilities but also for its advanced threat intelligence. We are using the product as part of moving into Intel's complete suite of products, where appliance integration will bring a commonality to our incident capabilities and help with faster response times and visibility.
Pros and Cons
  • Advanced Threat intelligence gives us the ability to prioritise alerts quickly and efficiently.
  • SIEM log collection allows us to integrate our other Intel products to a centralised point.
  • Physical appliances is one of the areas we have moved away from, so the ability for ESM to be available as a VDI was key.
  • If there is a requirement to integrate into other vendor products i.e. (log sharing) then this was very cumbersome.
  • Integration of vulnerability scanning that is available in other vendor products would be a good addition.
  • When integrating all of Intel's products a third party consultancy is usually required, where other vendor products can be configured without this additional cost.
Likelihood to Recommend

McAfee Enterprise Security Manager is well placed when the environment has other Intel products. We operate McAfee Move and the two products work extremely well together. The anti-virus product can be very cumbersome if used with another SIEM solution when log collecting.

We have other areas where intel solutions are not in use and in these circumstances we used another well-known SIEM solution that had an easier implementation phase than Intel's and where remote access was challenging.

Trellix Enterprise Security Manager Feature Ratings
Security Information and Event Management (SIEM) (6)
71.66666666666667%
7.2
Centralized event and log data collection
80%
8.0
Correlation
80%
8.0
Event and log normalization/management
80%
8.0
Deployment flexibility
60%
6.0
Integration with Identity and Access Management Tools
70%
7.0
Custom dashboards and workspaces
60%
6.0
Return on Investment
  • Centralisation of events form NIDS/IPS/IDS, Firewall(s), Web Proxy and Endpoint
  • Ability to have third party management
  • Actively upgraded product with good vendor support
Alternatives Considered

We looked at a few products, these were AlienVault, ESM, LogRhythm and Alert Logic.

ESM at the time had more functionality and a friendlier and cleaner user interface than LogRhythm

ESM had an ability to integrate easily into Intel's endpoint solution versus AlienVault where a parser would have to be written, though AlienVault's inclusion of vulnerability management and IDS made it stand out from some of the others.

ESM had a better correlation engine and log drill through than Alert Logic, and in our scenario we were not looking for a hosted solution at the time.

ESM has a good network of partners and in the event a managed service is required the transition to this is made very easily.

Other Software Used
Products Replaced
No
Key Differentiators
  • Product Features
  • Product Usability
  • Existing Relationship with the Vendor
The feature set was important along with usability, but the integration with our other Intel products was a key purchasing decision
Evaluation Lessons Learned
If we had to evaluate again, we would look more closely at what are we trying to achieve and does it make sense to keep some of the other products we already have. A key element is to have a completely integrated suite of products all working in unison, and though this can be achieved by having a multi-vendor environment it is never as clean as a single vendor solution. Also we would look at the outsourcing of certain IT security functions, in the case of SIEM solutions it can make more sense to have this activity outsourced where the third party has a larger scope and more realtime experience of event s that are happening to other clients and can then apply the incident response to all of their customers.
Return to navigation