McAfee Enterprise Security, Enterprise Log Manager and Event Receiver 4600

Mfg. Part: ETM-4600-ELMG | CDW Part: 2922321 | UNSPSC: 43222634
$47,994.00 SAVE $6,428.18
$41,565.82 Advertised Price
Availability: In Stock
Ships same day if ordered before 4 PM CT

Product Overview
Main Features
  • Network monitoring device
  • 2U
  • federal government
  • Associate
  • rack-mountable
McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours.

McAfee Enterprise Log Manager automates log management and analysis for all log types, including Windows Event logs, Database logs, Application logs, and Syslogs. Logs are signed and validated, ensuring authenticity and integrity - a necessity for regulatory compliance. Out-of-the-box compliance rule sets and reports make it simple to prove your organization is in compliance and policies are being enforced. Using this tightly integrated log collection, management, and analysis environment will both strengthen your security profile and dramatically improve your ability to comply with over 240 standards, such as PCI DSS, HIPAA/HITECH, NERC-CIP, FISMA, GLBA, and SOX.

McAfee Event Receiver collects third-party events and logs - and performs native network flow collection - faster and more reliably than any other solution.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
Cabinet
Chassis Built-in Devices: Status LCD

Header
Brand: McAfee
Compatibility: PC
Manufacturer: McAfee Federal Licensing
Model: 4600
Packaged Quantity: 1
Product Line: McAfee Enterprise Security, Enterprise Log Manager and Event Receiver

Miscellaneous
Height (Rack Units): 2
Manufacturer Selling Program: McAfee SecurityAlliance Reseller Partner Program - Associate
Pricing Type: Federal government

Networking
Connectivity Technology: Wired
Features: Event log
Form Factor: Rack-mountable
Type: Network monitoring device

Storage Hard Drive
Capacity: 3 TB

Performance
Type: Collection rate
Value: 1000 events per second

Product Reviews
McAfee Enterprise Security, Enterprise Log Manager and Event Receiver 4600 is rated 3.2 out of 5 by 5.
Rated 3 out of 5
The visualization clearly articulates the current and past state of network traffic and correlation rule hits. The API still needs to develop some maturity.

Valuable Features: The Dashboard Views are the most valuable feature since it visualizes network and security-related use cases we develop. This visualization clearly articulates the current and past state of network traffic and correlation rule hits.

I also value the ability to integrate with third-party threat feeds, including McAfee’s feed, in order to sift through the data to find any anomalies. Through this process, we have further hardened the network security and perimeter security of our clients.

Improvements to My Organization: The best way to describe the improvement is within the following areas:
  • Network Operations. Without visibility of network related issues, we have discovered many routing issues and network noise that could have otherwise been left to consume capacity on our clients' networks. We have complete visibility of what has changed and who made changes to network related infrastructure.
  • Security Operations. We have almost real-time visibility, and with the manner in which we configure alarms, including the processes that we have implemented, we can easily initiate the security incident handling procedures. The threat feeds add a load of value in terms of investigations and through that procedure, we can quite easily remedy web filtering, endpoints, and perimeter firewalls.

A specific note on Botnets and Beaconing -- using watchlist for malicious IP addresses, it doesn’t take us long to block communication and clean endpoints.

Room for Improvement: The API the product provides still needs to develop some maturity. There is not a lot of documentation available on it. My recommendation for improvement is that the API is developed in such a way to make it more useable for different implementations. I would also recommend looking at advanced views to quickly make visible lateral movements, data staging, and data exfiltration.

Use of Solution: I've been using it for three years as a managed security services provider.

Deployment Issues: We have had no issues with the deployment.

Stability Issues: There have been no issues with the stability.

Scalability Issues: We once processed so many logs that we almost ran out of hard drive space. However, all our clients' implementations are running smoothly and their health status remains green. My view is that the technology is mature in terms of its design and the manner in which it processes logs. It is easy to configure and easy to use.

Technical Support: Very good. We are a Global Intel Security Partner and we seldom have any support issues. The technical engineers from Intel Security are very helpful. There is so much technical documentation available in the community pages that when I started out, it really didn’t take me long to configure my first few dashboards.

Previous Solutions: I have used other products before. Having been an endpoint engineer before, there was this feeling of familiarity when I started out using Enterprise Security Manager. The flow for me was the same as with ePO.

Initial Setup: I remember the first client I on-boarded and it was pretty straightforward adding data sources. In less than a minute, I could see the events populating on the screen. We developed a custom taxonomy of attacks and related the signature IDs to our own custom taxonomy. We were logging incidents to our helpdesk within the first month to remediate.

The lessons learned from other implementations is that you need to have a plan before you just add data sources. There must be an intent and purpose with each data source that you want to add to ESM. Otherwise, you are just collecting events for the purpose of collection.

Implementation Team: We implemented it ourselves. The technology is really easy to install, but you need to be cognizant of the events-per-second and be really critical around the type of events that you forward to the ESM appliance, ensure they are useful. From the second implementation, we followed advice by SANS, and now use a “use case” (events of interest) driven approach.

ROI: You will definitely get a return on your investment if you develop the correct security management metrics and have decent operational procedures in place to take action on events in ESM. MSSP clients normally get bang for their buck.

Other Advice: There is an API available on ESM, which you can use to automate certain tasks to a point. Use the API to pump data into your data warehouse, which you can then start utilizing for data analysis purposes. You can develop your own baselines for user and asset behavior, and start looking at threat-hunting exercises. For the configuration of variables and custom rules, you need to know what you are doing because otherwise you can end up generating more events and useless events.

Disclaimer: My company has a business relationship with this vendor other than being a customer: We are a preferred global partner of Intel Security.
Date published: 2017-01-11
Rated 3 out of 5
I like the vendor support from McAfee and the overall architecture looks simple. The version I worked on had a bug in the alarm system.

Valuable Features: This is the first SIEM product that I have used. My impressions so far are that I like the vendor support from McAfee and the overall architecture looks simple.

Improvements to My Organization: I helped a client of ours implement and deploy it.

Room for Improvement: The product documentation is good, but could be better. Also a bug-free version would be nice as the version I worked on had a bug in the alarm system.

Use of Solution: I've used it for five months.

Deployment Issues: We had bug alarm issues during deployment. The bug, I think, was part of the product.

Stability Issues: We had no issues with the stability.

Scalability Issues: We have had no issues scaling it for our needs.

Customer Service: Customer service is very good.

Technical Support: Technical support is very good.

Initial Setup: The initial setup was straightforward.

Implementation Team: You will have a better implementation if you get support from the vendor.

Cost and Licensing Advice: Overall, it was expensive, as it has split components.

Other Solutions Considered: We have now started using ArcSight as well. I don't have much experience with it, but the overall architecture looks similar to McAfee.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-11-11
Rated 4 out of 5
The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available.

Valuable Features: The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use.

Improvements to My Organization: It's easy to create reports for compliance and for detecting different kinds of attacks and breaches through correlations. This makes the client devices more secure.

Room for Improvement: The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use.

Use of Solution: I've used it for two-and-a-half years.

Deployment Issues: The disk space sizing is very hard and when the version was updated to 9.4 the space needed to store events was cut by half, making it harder to explain to clients who now needed twice as much disk space, with no explanation from the vendor what happened. This was not even in the release notes.

I suggest that you configure the data archive prior to deployment because once the partition is detached, it will be deleted and you can lose a week's worth of events. You don't know when it will be deleted because even with a lot of disk space the partition is detached.

Stability Issues: There have been no issues with the stability.

Scalability Issues: There have been no issues scaling.

Customer Service: I give customer service a 7 out of 10.

Technical Support: I give technical support a 7 out of 10.

Previous Solutions: We used HP ArcSight, IBM Q1 Labs, Splunk, and we chose McAfee Enterprise Security Manager because it’s very easy to deploy.

Initial Setup: The initial setup is simple and descriptive. It was very straightforward.

Implementation Team: We implemented it with our in-house team.

ROI: The in-house sales team said McAfee has the best ROI on the market.

Cost and Licensing Advice: You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points.

Other Advice:
  • Multiple dashboards already created
  • More than 200 correlation rules created and available to use on the Correlation Engine
  • Multiple reports already created, ready to use or you can edit them

Disclaimer: My company has a business relationship with this vendor other than being a customer: We're partners.
Date published: 2016-07-04
Rated 3 out of 5
We now have a better view of our security posture from an external and internal point of view. The reporting could use some improvement.

Valuable Features: Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.

Improvements to My Organization: We now have a better view of our security posture from an external and internal point of view. We are able to do forensic investigations and stop attacks before they occur.

Room for Improvement: The reporting could use some improvement. Also, while the dashboard can be customized to an extent, I'd like to have the ability to do even more customization.

Use of Solution: We've used it for two years.

Deployment Issues: We've had no deployment issues.

Stability Issues: There have been no issues with the stability.

Scalability Issues: Scaling it has been fine. We've had no issues with an inability to scale.

Technical Support: In our experience, technical support has been good.

Previous Solutions:
  • QRadar
  • RSA enVision

Initial Setup: Deployment of any of these products is easy. What becomes a daunting task is the creation of use cases and also ensuring that alerts are accurate.

Implementation Team: We used an in-house team with a vendor in-office assistant.

ROI: Executives don’t see ROI on this solution as the reports are not meant for C-levels.

Other Advice: Make sure you know exactly why you are implementing it and what you are going to monitor. Also, ensure that you have all your use cases way before venturing into buying a solution of this nature.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-04-26
Rated 3 out of 5
I like the vendor support from McAfee and the overall architecture looks simple. The version I worked on had a bug in the alarm system.

Valuable Features: This is the first SIEM product that I have used. My impressions so far are that I like the vendor support from McAfee and the overall architecture looks simple.

Improvements to My Organization: I helped a client of ours implement and deploy it.

Room for Improvement: The product documentation is good, but could be better. Also a bug-free version would be nice as the version I worked on had a bug in the alarm system.

Use of Solution: I've used it for five months.

Deployment Issues: We had bug alarm issues during deployment. The bug, I think, was part of the product.

Stability Issues: We had no issues with the stability.

Scalability Issues: We have had no issues scaling it for our needs.

Customer Service: Customer service is very good.

Technical Support: Technical support is very good.

Initial Setup: The initial setup was straightforward.

Implementation Team: You will have a better implementation if you get support from the vendor.

Cost and Licensing Advice: Overall, it was expensive, as it has split components.

Other Solutions Considered: We have now started using ArcSight as well. I don't have much experience with it, but the overall architecture looks similar to McAfee.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-04-12