McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator (ePO)

Connect. Manage. Automate.

Next Steps:


McAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry. Unifying security management through an open platform, McAfee ePO makes risk and compliance management simpler and more successful for organizations of all sizes. As the foundation of McAfee Security Management Platform, McAfee ePO enables customers to connect industry-leading security solutions to their enterprise infrastructure to increase visibility, gain efficiencies, and strengthen protection.

Customers use McAfee ePO’s flexible automation capabilities to streamline workflows, dramatically reducing the cost and complexity of security and compliance administration.

Security providers and system integrators can extend the reach of their offerings by incorporating their expertise and best practices with the McAfee ePO platform to deliver differentiated solutions.

Only McAfee ePO offers:

End-to-end visibility —Get a unified view of your security posture. Drillable, drag-and-drop dashboards provide security intelligence across endpoints, data, mobile, and networks for immediate insight and faster response times.

Simplified security operations — Streamline workflows for proven efficiencies. Independent studies show McAfee ePO software helps organizations of every size streamline administrative tasks, ease audit fatigue, and reduce security management-related hardware costs.

Flexible management — In addition to traditional premises-based management, a cloud-based management version of ePolicy Orchestrator enables elastic scaling to meet dynamic needs while ensuring you have the latest security measures in place.

An open, extensible architecture — Leverage your existing IT infrastructure. McAfee ePO software connects management of both McAfee and third-party security solutions to your LDAP, IT operations, and configuration management tools.

Features & Benefits

Deploy quickly and easily

Ensure broad-based security and risk management solutions work together to reduce security gaps and complexity. Out-of-the-box, single agent deployment and customizable policy enforcement secure your environment quickly and keep it protected.

Gain efficiencies

Streamline security and compliance workflows with automations and a personalized workspace. The enterprise-class architecture of McAfee ePolicy Orchestrator (ePO) scales for organizations of all sizes, significantly reducing the number of servers to deploy.

Future-proof your security infrastructure

Protect your organization from today’s threats as well as tomorrow’s. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge.

System Requirements

Platform Support

  • Server O/S: 64-bit
    • Microsoft Windows Sever 2012 Release 2 (R2)
    • Microsoft Windows Server 2012
    • Windows Server 2008 with SP2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 R2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 for Small Business Premium
    • Microsoft Windows Storage Server 2003
    • Windows Server 2003 with SP2 Standard, Enterprise, or Datacenter
    • Microsoft Windows Server 2003
  • Browser
    • Google Chrome 17 and later
    • Firefox 10.0 and later
    • Firefox 5.x
    • Firefox 4.x
    • Firefox 3.5
    • Firefox 3.6
    • Internet Explorer 9.0 and later
    • Internet Explorer 7.0
    • Internet Explorer 8.0
  • Network Support
    • IPv4
    • IPv6
  • Virtual server
    • VMware ESX/ESXi 5.x and later
    • VMware ESX/ESXi 4.x
    • VMware ESX 3.5.x Update 4
    • Citrix XenServer 6.0
    • Citrix XenServer 5.5 Update 2
    • Windows Server 2012 Hyper-V
    • Windows Server 2008 R2 Hyper-V
    • Windows Server 2008 Hyper-V
  • Database (32-bit and 64-bit)
    • SQL Server 2012 Express
    • SQL Server 2012
    • SQL Server 2008 with SP1/SP2/R2 Standard, Enterprise, Workgroup, Express
    • SQL Server 2005 with SP3 Standard, Enterprise, Workgroup, Express

Additional Requirements

  • 1.5 GB free disk space (2 GB recommended)
  • 1 GB RAM (2-4 GB recommended)
  • Intel Premium 4 Processor or later, 1.3 GHz or faster
  • Monitor: 1024x768, 256 color, VGA
  • NIC: 100 MB or higher
  • File System: NTFS recommended
  • Dedicated server recommended if managing more than 250 systems
  • IP Address: McAfee recommends using a static IP address

Demos / Tutorials


To learn more about the McAfee product listed above, please view the demonstration.


For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

For guidance on how to use ePolicy Orchestrator, watch this Quick Tips video.

Customer Stories

Arab National Bank

Arab National Bank, one of the largest banks in the Middle East, relies on McAfee data protection and endpoint security solutions to protect sensitive data across multiple locations and comply with financial regulations.

  • Reduces manpower required to manage endpoint security from six people to two
  • Accelerates deployment of data loss protection—70 percent faster than competitive solutions
  • Cuts administrative reporting from several days to minutes
  • Saves $152,000 in reduced manual intervention, thanks to integration with third-party security solutions

Bank Central Asia

Bank Central Asia, a regional public bank in Indonesia, centralizes security management with McAfee ePolicy Orchestrator.

  • Eased compliance with internal and industry regulations.
  • Resulted in time savings with centralized management.
  • Provided integrated solutions to keep computers, the network, and data protected.

Berkshire Health Systems

Berkshire Health Systems secures PCs, laptops, servers, and patient data with endpoint security, email security, and data protection solutions from McAfee.

  • Removed email management burden and frees up several hours each week
  • Simplified security administration and system management of 3,700 machines
  • Provided comprehensive control of sensitive information to eliminate data loss
  • Allowed a small IT staff complete visibility into all endpoints and data
  • Afforded significant time savings due to centralized management and automated tasks

Brelje & Race Consulting Engineers

This small business centralizes antivirus security management with McAfee ePolicy Orchestrator, saving time for the company's security administrator.

  • IT manager’s time spent configuring and updating individual workstations cut by 90%
  • Centralized management ensures that all workstations are up to date with latest protection
  • Protection running in the background without intruding on employees’ work
  • Comprehensive and centrallymanaged solution for same price as many standalone antivirus products

California Department of Corrections and Rehabilitation (CDCR)

Leveraging the Security Connected strategy, the California Department of Corrections and Rehabilitation implemented SIEM, network IPS, data protection, and endpoint security solutions to secure its distributed IT environment over 37 locations.

  • Compliance with policy standards.
  • Dashboards enable centralized security management and provide easy access for executive reporting.


CEMEX adopts a Security Connected approach to safeguard endpoint and network security and improve visibility.

  • Safeguards against zero-day advanced persistent threats without signature updates.
  • Greatly diminishes administrative time, from defining policies to repairing workstations.
  • Protects more than 26,000 endpoints from email, web, and application-generated attacks.
  • Provides streamlined and integrated management of large, global security platform.


Cognizant centralizes its security environment with a single-vendor solution from McAfee that unifies endpoint security and provides better security visibility across the organization.

  • Easily demonstrated compliance with complex government regulations and client requirements
  • Centralized view into entire security environment eases deployment, reporting and management
  • Maximum confidence and trust from key stakeholders

CSS Corp

CSS Corp., a long-time endpoint security customer, added network IPS and centralized management to further reduce security threats and improve network performance.

  • Provided centralized management, control, and reporting on overall functioning of security environment
  • Ensured compliance with ISO277001 and PCI DSS
  • Contributed to network availability to meet SLAs
  • Maintained comprehensive protection from external and internal security threats


This Dominican Republic-based reseller of IT services relies on a portfolio of on-premises and cloud-based McAfee endpoint and data protection solutions to serve its base of SMB customers.

  • Supports year-over-year scalability and business continuity
  • Helps build trust as an IT security advisor to customers
  • Provides expert service to customers, from sales and installation through ongoing support
  • Allows expansion into new markets, such as cloud security services

Deutsche Edelstahlwerke

Deutsche Edelstahlwerke, the leading German producer of specialty stainless steel products, secures thousands of desktops while keeping production systems available with McAfee endpoint solutions.

Eagle Rock Energy

Eagle Rock strengthens its security infrastructure with the addition of new security management and network security solutions.

  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.


Informa standardized its security with a single vendor, reducing costs and increasing protection against various types of malware.

  • Gained fast ROI through solid protection, reasonable pricing, and reduced internal costs
  • Created an environment of easy deployment and administration
  • Protected against malware with augmented malware detection abilities
  • Assured that the entire network is protected
  • Increased control over the security infrastructure


This Mexican government agency protects endpoints and secures critical data with a range of McAfee solutions.

Large Oil Company

McAfee protects critical infrastructure in multiple locations for this large oil company in the Middle East.

  • Secures both critical and business infrastructures and securely transfers data between them
  • Saves millions of dollars by preventing production disruptions
  • Provides the benefits of digital/smart oil drilling with confidence

Macquarie Telecom

This leading Australian hosted IT provider drives a growing managed services business with Security Connected.

  • Fully integrated security platform easily managed from a central dashboard.
  • Visibility and control for clients over their hosted security environments.
  • Competitive advantage through partnership with a trusted technology provider.

MidWestOne Financial Group

This community bank has built a strong security foundation and continues to protect customer data from emerging threats with McAfee solutions.

  • Comprehensive inbound threat protection and outbound data loss prevention for 250 email users
  • Strong antivirus protection for 550 desktops and laptops
  • Centrally managed security infrastructure through “single pane of glass” with McAfee ePO software
  • Significantly reduces helpdesk calls for spyware infections by half
  • Creates an improved standing with auditors and regulators

San Francisco Police Credit Union

McAfee security management solutions keep this San Francisco-based financial company compliant.

  • Faster, easier compliance with GLBA and NCUA Part 748.
  • Automated and on-demand reporting.
  • Fast troubleshooting and remediation.
  • Comprehensive security management without increasing headcount.

Seagate Technology

McAfee Application Control protects Seagate's intellectual property and complex IT environment.

  • Custom end-user protection to boost employee productivity
  • Increased performance of single-use machines in the factory
  • Malware-free factory environment

State of Alaska

The state of Alaska utilizes McAfee's product portfolio to protect data centers and networks across 16 state agencies, saving $3.8 million.

  • Saved a projected $3.8 million and improved operational and team efficiency
  • Dramatically improved security posture without increasing headcount
  • Allowed for greater budget predictability with the flexibility to adapt and grow security as needs change

State of Colorado

McAfee SIEM solutions help the state of Colorado meet compliance requirements and remain cost effective.

  • Aggressively achieved first five controls per set goal
  • Ability to administer virus scans and obtain software inventory with McAfee ePO software
  • Vulnerability ranking within McAfee Enterprise Security Manager allows for more immediate and effective remediation

Sutherland Global Services

The McAfee Security Connected framework drives compliance and protects 24,000 endpoints for this consulting company.

  • Virus attacks are virtually nonexistent throughout the globally distributed enterprise.
  • Central McAfee ePO console enables global management of entire IT infrastructure by only a two-person IT staff.
  • Industry-leading reporting tools facilitate compliance.
  • Automatic updates improve operational efficiency and ease burden on IT staff.
  • McAfee updates and notifications enable proactive response to threats.

Sysec Ltd.

U.K. partner Sysec gains 30% year-over-year growth by selling the complete McAfee solution portfolio.

Walnut Valley Unified School District

McAfee's innovative prevent, detect, respond approach to threats secures customers' networks, systems, and data.

  • Prevented students from using encrypted traffic and anonymizers to circumvent the web filtering system
  • Enabled school to receive E-Rate funding
  • Made it easy to implement user-based web usage policies and to grant temporary or permanent exceptions
  • Provided granular reporting and audit capabilities, including tracing user activity and trends


Data Sheets

McAfee ePolicy Orchestrator

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Rogue System Detection

This data sheet explains how McAfee Rogue System Detection fully integrates with McAfee ePolicy Orchestrator to provide real-time discovery of rogue systems connected to the network to offer greater network visibility and protection.

McAfee ePO Cloud

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee Collector Plug-in

For a technical summary on the McAfee product listed above, please view the product data sheet.


SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

Improve Visibility and Control of Endpoints—Including Managed and BYOD

ForeScout CounterACT integrates with McAfee ePO and ESM to provide this information in realtime for both managed and unmanaged hosts.

Create a Least Risk Microsoft Windows Desktop

Avecto Privilege Guard and McAfee ePolicy Orchestrator (ePO) software enable organizations worldwide to deploy secure and compliant desktops—without compromising a user's ability to perform their day to day tasks.

McAfee Security Innovation Alliance Accelerator Program from Accuvant

By leveraging the McAfee Security Innovation Alliance Accelerator Program from Accuvant, you can make your technology more compelling to McAfee customers.

Combat and Mitigate Cyberattacks

Stream the latest threat data and alerts on compromised networks directly to the McAfee ePO console to block future malicious communications.

Identify Sensitive Data and Prevent Data Leaks

The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.

Privileged Identity Management

Cyber-Ark Software solutions help reduce data breach risks, meet strict IT compliance and audit requirements, and improve security posture and operational efficiencies on corporate networks, whether on premises or in the cloud. Cyber-Ark delivers privileged password vaulting and user-access control, session recording and auditing, continuous monitoring, and forensics. Cyber-Ark solutions are integrated with McAfee® ePolicy Orchestrator® (McAfee ePO™) software, McAfee® Enterprise Security Manager, and McAfee® Vulnerability Manager.

Identify Threats to Business Performance

The McAfee/Rev2 integration enables you to quickly score, classify, and combine hundreds of thousands of vulnerabilities and highlight the critical few risks.

Extend McAfee Data Protection with Tiversa P2P Breach Protection

This solution enables detection notifications and forensic analysis data to be reported within the McAfee ePolicy Orchestrator (ePO) console.

Integrated Security Management for Unified Communications Applications

The Sipera UC-Sec appliance ensures that the VoIP/UC infrastructure and endpoints (mobile or fixed) are protected and visible to the security manager for the first time with McAfee ePO software.

AccessData: Incident Response and Forensics

Learn about the joint solution that extends AccessData’s forensic analysis technology to McAfee ePolicy Orchestrator software.

Security Event and Log Management

ArcSight’s market-leading log and event management solutions are now integrated with the McAfee ePolicy Orchestrator (ePO) software.

Comprehensive Security Through Visibility

BDNA Discover acts as a comprehensive source of information for the detection of invisible devices on enterprise networks.

Manage Security and Risk based on the Actual State of your Network

Through comprehensive real-time network, device, and user intelligence, Insightix BSA Visibility provides total network visibility to McAfee ePolicy Orchestrator (McAfee ePO) software, enabling effective security and risk management for all devices across your entire network.

McAfee Security Management Platform

The McAfee Security Management Platform combines and refines key aspects of security so IT staff can manage the expanding scale of enterprise security more easily than ever before.

Securing the Virtual Desktop: Removing the Last Barrier to Widespread Adoption

Learn how the McAfee and Citrix partnership enables Citrix XenDesktop customers to extend management of desktop security to virtual environments using the McAfee ePolicy Orchestrator software.

Application Security and Control

Arxan Technologies, a leader in application security and control, has integrated their software security product, GuardIT, with McAfee ePolicy Orchestrator (McAfee ePO) software to provide security check and tampering alert information into the McAfee ePO software management console.

Event Data and Information Management for Security and Compliance

HP Compliance Log Warehouse (CLW) 2.0 works seamlessly across products in the McAfee portfolio to simplify the complexity of IT operations and reporting for governance, risk, and compliance management.

McAfee Compatible Solution: AirPatrol WPM 1.0 and McAfee ePO 4.0

AirPatrol’s Wireless Policy Manager (WPM) is now integrated with McAfee ePolicy Orchestrator (McAfee ePO) software. WPM secures wireless interfaces on enterprise endpoints and empowers IT administrators to easily enforce commonsense rules on governing how employees use their wireless connectivity.

SIEM and Log Management for Converging Network and Security Environments

QRadar intelligently distills large amounts of information from a wide range of sources to augment incident response and compliance validation in McAfee ePolicy Orchestrator (ePO) software, McAfee’s centralized security and compliance management platform.

Virtual Infrastructure Security

Catbird, a pioneer and leader in security and compliance solutions for virtual networks, has integrated its flagship product, V-Security, with network and endpoint systems technologies from McAfee to extend comprehensive security and compliance to the virtual infrastructure.

Automated Security Configuration and Compliance Management

Triumfant detects and analyzes changes and unexpected conditions on endpoints to determine if those changes are problematic to the security, configuration, or performance of assets managed by McAfee ePolicy Orchestrator (ePO).

Optimizing Security Management with McAfee ePolicy Orchestrator

Examine how the McAfee ePolicy Orchestrator platform boosts security, saves time, and lowers costs with a centrally managed solution that enables immediate threat response.

Technology Blueprints

Investigate Data Breaches

McAfee enables enterprises to collect, analyze, and preserve security forensic information. With a solution that includes content- and context-aware SIEM, McAfee provides alerts to security events, as well analysis on how the attacked occurred, affected users, and compromised data — so you can better understand the severity of a security breach.

Achieve Situational Awareness

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

Look Inside Network Traffic

The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.

Living with Social Media

To enable the secure and controlled use of social media in the workplace, McAfee recommends a layered approach, including firewall and data loss prevention (DLP) built around a solid web proxy solution. With McAfee security solutions, enterprises can address bandwidth concerns around the use of social media, encourage the productive use of time among employees, scan for malware, filter HTTPS content, and stop data leakage.

White Papers

Security Management 2.5 – Replacing Your SIEM Yet?

This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.

The Good, the Bad, and the Unknown

Reduce risk from unauthorized applications, gain stronger endpoint control, and live to tell the tale.

SANS Institute: Correlating Event Data for Vulnerability Detection & Remediation

Learn how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies to provide context around application usage, user behaviors, and other operations — for better, more accurate reporting.

Log Management—The Foundation for Federal Security and Compliance

In this paper, we will explore the fundamental requirements for a sound log management solution and review some examples of less than optimum product deployments. Finally, we will examine what a US federal agency should be looking for in an extensible log management strategy, and propose a workable solution for tighter integration into and support of an organization’s applicable and prospective security and compliance programs and initiatives.

Need for Speed: Streamlining Response and Reaction to Attacks

Today’s faster, newer and greatly improved malicious user requires a faster, newer and greatly improved response. Smarter attackers require more intelligent countermeasures, including faster and more reliable analysis, to react to security issues.

McAfee ePolicy Orchestrator: Creating an Apache HTTP Repository

This document describes how to configure Apache and Samba running on a Linux operating systems (OS) platform for the purpose of creating an Apache HTTP Repository for McAfee ePolicy Orchestrator. The Apache repository will allow customers to meet the requirement to have a Linux repository.

McAfee Security Management Platform

McAfee Security Management Platform brings a new level of intelligence and automation to the enterprise, effectively interlocking the various components of IT security into a single, overarching, risk-minimizing shield.