McAfee ESM Overview

McAfee ESM is the #11 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to IBM QRadar: McAfee ESM vs IBM QRadar

What is McAfee ESM?

McAfee Enterprise Security Manager - the foundation of the security information and event management (SIEM) solution family from McAfee delivers the performance, actionable intelligence, and real-time situational awareness at the speed and scale required for security organizations to identify, understand, and respond to stealthy threats, while the embedded compliance framework simplifies compliance.

McAfee ESM is also known as NitroSecurity, McAfee Enterprise Security Manager.

McAfee ESM Buyer's Guide

Download the McAfee ESM Buyer's Guide including reviews and more. Updated: May 2021

McAfee ESM Customers

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

McAfee ESM Video

Pricing Advice

What users are saying about McAfee ESM pricing:
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
  • "The cost is dependent on the customer's environment and requirements."
  • "McAfee is the right choice for a low-budget solution."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "We renew our license annually."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Tech Lead at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
A security information and event management solution with a useful search and reporting feature, but cloud integration could be better

What is our primary use case?

We use McAfee ESM for log storage and audit purposes. Security is the base reason, and we do build content for them.

Pros and Cons

  • "The most valuable feature in ESM is its search and reporting feature. It's really nice."
  • "Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved."

What other advice do I have?

I would tell potential customers that ESM has a feature called all in one box. If a customer is full-fledged on an in-house data center model and has extensive products running on Windows, Linux, and Cisco and it's all sitting on-premises, this is a great option to work with all of them. They have a good set of use cases, reports, and dashboards prebuilt. Right now, people are migrating to different solutions, and security generation is growing very vast, and it's going a step ahead. Everything is coming to the cloud. Everything is fast, and everything is a hybrid network. Because of COVID…
WA
Cyber Security Consultant at a tech services company with 51-200 employees
Consultant
Helpful dashboards for log monitoring, and integrates well with other technologies

What is our primary use case?

We use this solution to provide managed security services. We use loggers at the client site to generate logs for monitoring their devices. We handle the monitoring, administration, and troubleshooting of their endpoints. For some customers, we manage everything, while for other customers we only monitor their critical devices. We are using an on-premises deployment model.

Pros and Cons

  • "This solution integrates easily and very well with other technologies."
  • "We cannot add new data sources to the most recent version."

What other advice do I have?

From my perspective, for anyone with a small or medium-sized business, this is the best solution. It is easy to deploy and it is less, from a cost point of view, than others. I would rate this solution a nine out of ten.
Learn what your peers think about McAfee ESM. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
509,570 professionals have used our research since 2012.
MV
Senior Security Specialist at a manufacturing company with 10,001+ employees
Real User
Top 10
Easy to implement and user-friendly with an easy notification system, but needs better performance, better threat intelligence, and advanced features

What is our primary use case?

We use it for malware detection and authentication or login failures.

Pros and Cons

  • "It is user-friendly. The notification part of McAfee ESM is very easy."
  • "It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."

What other advice do I have?

It is suitable for a medium-sized company but not for a big company. A medium-sized company that has less than a thousand data sources and doesn't need to correlate different use cases with different scenarios can go for McAfee because it is user-friendly and doesn't require many skills. McAfee will also be the right choice for a low-budget solution. We are almost done with using this solution, and we are not going to use McAfee going forward. McAfee ESM is not able to cope with the advanced features. An army cannot do anything without good weapons in hand, and that's the issue with McAfee…
MA
Information Security Officer at a tech services company with 51-200 employees
MSP
Top 10
It is easy to use and deploy, but it lacks proper support

What is our primary use case?

We use McAfee ESM for IT operations and a few security-related things.

Pros and Cons

  • "It is easy to use and deploy. It comes with user-friendly manuals."
  • "McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."

What other advice do I have?

We are quite happy with the product and its stability, but the problem is the lack of support, which is one of the major issues that we are facing. I really look forward to them providing proper technical support. I would rate McAfee ESM a seven out of ten.
IT Consultant and Project Manager at a government with 1-10 employees
Consultant
Out-of-the-box rules are helpful in monitoring our hybrid-cloud environment

What is our primary use case?

We use this solution to monitor everything in our hybrid-cloud environment. This includes IoT devices and a couple of data centers.

Pros and Cons

  • "We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
  • "I would like to see improvements to the user interface."

What other advice do I have?

I recommend trying this product. This is a quality solution at a fair price. I would rate this solution an eight out of ten.
KS
Information Security Engineer at a financial services firm with 51-200 employees
Real User
Top 10
Good reporting, correlation capability, and user interface

What is our primary use case?

We are a service provider and we implement it for our customers, as well as use it internally. This is a SIEM product that makes up part of our overall security solution.

Pros and Cons

  • "Compared to other solutions, the user interface is good."
  • "The only drawback is that they don't have any packet capturing or network behavior analysis."

What other advice do I have?

The suitability of McAfee ESM is based on the requirements. If a customer is specifically looking for log and event analysis, with the correlations, then this solution is a good choice. If instead, they are looking for network behavior analytics then they should consider IBM QRader or something else. I would rate this solution an eight out of ten.
Operations Manager at a aerospace/defense firm with 5,001-10,000 employees
Real User
Excellent security features with 100% stability and good scalability capabilities

Pros and Cons

  • "The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
  • "The user interface could be more user-friendly."

What other advice do I have?

I'd rate the solution eight out of ten. If it was more user-friendly, I'd mark it higher. Right now, technical people working on the solution don't understand what it is are trying to communicate in its tabs. As a company, you need to have a certified or experienced McAfee engineer there or on staff to guide you. I'd recommend the product, however. It's a nice, robust product.
Information Security Officer at a healthcare company with 1,001-5,000 employees
Real User
Top 5
Good threat protection and fast support, but it's complex to use

What is our primary use case?

We implement it in our hospital applications.

Pros and Cons

  • "It enables us to detect malicious threats, issues, or vulnerabilities in our network."
  • "We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."

What other advice do I have?

We have just acquired IBM QRadar. It is still in the implementation process. We have not used it. Last January, our Adobe has come to its end of life, and we can not use it anymore. I can recommend this solution. I would rate McAfee ESM a seven out of ten.
See 2 more McAfee ESM Reviews
Buyer's Guide
Download our free McAfee ESM Report and get advice and tips from experienced pros sharing their opinions.