McAfee Enterprise Security Manager (McAfee ESM) Review

If you provide it with the Advanced Correlation Engine and Global Threat Intelligence, you can raise your infrastructure to be a complete advanced SOC.


Valuable Features

Doing incident analysis with ESM is, in my opinion, easier than with other solutions. There are a lot of ways to build queries and a great filter engine; if you provide ESM with the Advanced Correlation Engine and Global Threat Intelligence you can raise your infrastructure to be a complete advanced SOC.

Improvements to My Organization

I work for a System Integrator.

Room for Improvement

I have almost no complaints with this solution because it's almost a complete solution, but I do hope to have more stability in the next upgrade and to have the interface re-engineered to be HTML5-based rather than Flash-based.

I'd also like some Splunk-like ELM (Log Manager) enterprise functions.

Use of Solution

I've used it for three years, from versions 9.1 to 9.5.

Deployment Issues

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected deployment.

Stability Issues

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected stability.

Scalability Issues

It has scaled to our needs.

Customer Service and Technical Support

Customer Service:

Customer service is very good and very professional.

Technical Support:

Technical support is very good and very professional.

Previous Solutions

I also work with RSA and McAfee SIEM solutions.

Initial Setup

If you buy the all-in-one solution (Virtual or Hardware), the setup takes a couple of hours.

Pricing, Setup Cost and Licensing

SIEM is not a Log Manager; ESM is meant for people who need advanced SOC functionality and not only to satisfy compliance rules.

Disclosure: My company has a business relationship with this vendor other than being a customer: We're a partner.