McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator (ePO)

Connect. Manage. Automate.

Next Steps:


McAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry. Unifying security management through an open platform, McAfee ePO makes risk and compliance management simpler and more successful for organizations of all sizes. As the foundation of McAfee Security Management Platform, McAfee ePO enables customers to connect industry-leading security solutions to their enterprise infrastructure to increase visibility, gain efficiencies, and strengthen protection.

Customers use McAfee ePO’s flexible automation capabilities to streamline workflows, dramatically reducing the cost and complexity of security and compliance administration.

Security providers and system integrators can extend the reach of their offerings by incorporating their expertise and best practices with the McAfee ePO platform to deliver differentiated solutions.

Only McAfee ePO offers:

End-to-end visibility —Get a unified view of your security posture. Drillable, drag-and-drop dashboards provide security intelligence across endpoints, data, mobile, and networks for immediate insight and faster response times.

Simplified security operations — Streamline workflows for proven efficiencies. Independent studies show McAfee ePO software helps organizations of every size streamline administrative tasks, ease audit fatigue, and reduce security management-related hardware costs.

Flexible management — In addition to traditional premises-based management, a cloud-based management version of ePolicy Orchestrator enables elastic scaling to meet dynamic needs while ensuring you have the latest security measures in place.

An open, extensible architecture — Leverage your existing IT infrastructure. McAfee ePO software connects management of both McAfee and third-party security solutions to your LDAP, IT operations, and configuration management tools.

Features & Benefits

Deploy quickly and easily

Ensure broad-based security and risk management solutions work together to reduce security gaps and complexity. Out-of-the-box, single agent deployment and customizable policy enforcement secure your environment quickly and keep it protected.

Gain efficiencies

Streamline security and compliance workflows with automations and a personalized workspace. The enterprise-class architecture of McAfee ePolicy Orchestrator (ePO) scales for organizations of all sizes, significantly reducing the number of servers to deploy.

Future-proof your security infrastructure

Protect your organization from today’s threats as well as tomorrow’s. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge.

System Requirements

Platform Support

  • Server O/S: 64-bit
    • Microsoft Windows Sever 2012 Release 2 (R2)
    • Microsoft Windows Server 2012
    • Windows Server 2008 with SP2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 R2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 for Small Business Premium
    • Microsoft Windows Storage Server 2003
    • Windows Server 2003 with SP2 Standard, Enterprise, or Datacenter
    • Microsoft Windows Server 2003
  • Browser
    • Google Chrome 17 and later
    • Firefox 10.0 and later
    • Firefox 5.x
    • Firefox 4.x
    • Firefox 3.5
    • Firefox 3.6
    • Internet Explorer 9.0 and later
    • Internet Explorer 7.0
    • Internet Explorer 8.0
  • Network Support
    • IPv4
    • IPv6
  • Virtual server
    • VMware ESX/ESXi 5.x and later
    • VMware ESX/ESXi 4.x
    • VMware ESX 3.5.x Update 4
    • Citrix XenServer 6.0
    • Citrix XenServer 5.5 Update 2
    • Windows Server 2012 Hyper-V
    • Windows Server 2008 R2 Hyper-V
    • Windows Server 2008 Hyper-V
  • Database (32-bit and 64-bit)
    • SQL Server 2012 Express
    • SQL Server 2012
    • SQL Server 2008 with SP1/SP2/R2 Standard, Enterprise, Workgroup, Express
    • SQL Server 2005 with SP3 Standard, Enterprise, Workgroup, Express

Additional Requirements

  • 1.5 GB free disk space (2 GB recommended)
  • 1 GB RAM (2-4 GB recommended)
  • Intel Premium 4 Processor or later, 1.3 GHz or faster
  • Monitor: 1024x768, 256 color, VGA
  • NIC: 100 MB or higher
  • File System: NTFS recommended
  • Dedicated server recommended if managing more than 250 systems
  • IP Address: McAfee recommends using a static IP address

Demos / Tutorials


To learn more about the McAfee product listed above, please view the demonstration.


For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

For guidance on how to use ePolicy Orchestrator, watch this Quick Tips video.

Customer Stories

Arab National Bank

Arab National Bank uses McAfee ePolicy Orchestrator (ePO) software to manage endpoint protection across 5,500 endpoints.

  • Reduces manpower required to manage endpoint security from six people to two
  • Accelerates deployment of data loss protection—70 percent faster than competitive solutions faster than competitive solutions
  • Cuts administrative reporting from several days to minutes
  • Saves $152,000 in reduced manual intervention, thanks to integration with third-party security solutions

Bank Central Asia

Bank Central Asia implemented McAfee solutions to protect its network, data, and 20,000 endpoints.

  • Eased compliance with internal and industry regulations.
  • Resulted in time savings with centralized management.
  • Provided integrated solutions to keep computers, the network, and data protected.

Brelje & Race Consulting Engineers

Brelje & Race Makes a Wise Investment

  • IT manager’s time spent configuring and updating individual workstations cut by 90%
  • Centralized management ensures that all workstations are up to date with latest protection
  • Protection running in the background without intruding on employees’ work
  • Comprehensive and centrallymanaged solution for same price as many standalone antivirus products


CEMEX is a global building materials company that produces, distributes, and sells cement, concrete, aggregates, and related building materials and services to customers and communities throughout the Americas, Europe, Africa, Asia, and the Middle East. Based in Monterrey, Mexico, CEMEX employs more than 43,000, with operations in 50 countries spanning four continents. The company is also the world’s leading supplier of ready-mix concrete.

  • Safeguards against zero-day advanced persistent threats without signature updates.
  • Greatly diminishes administrative time, from defining policies to repairing workstations.
  • Protects more than 26,000 endpoints from email, web, and application-generated attacks.
  • Provides streamlined and integrated management of large, global security platform.

City of Chicago

The City of Chicago’s recently formed Information Security Office (ISO) is charged with overseeing cybersecurity across all areas of the city, including critical infrastructure within the water, aviation, and public safety departments.

  • Maximized staff resources.
  • Malware incidents reduced by 2,000%.
  • Centralized management and analysis.
  • Integrated security event logging that captures events throughout the environment.


CSTISA uses McAfee ePolicy Orchestrator (ePO) software as a primary sales tool to sell McAfee Endpoint Protection solutions.

  • Supports year-over-year scalability and business continuity
  • Helps build trust as an IT security advisor to customers
  • Provides expert service to customers, from sales and installation through ongoing support
  • Allows expansion into new markets, such as cloud security services

Deutsche Edelstahlwerke

    Deutsche Edelstahlwerke, the leading German producer of specialty stainless steel products secures thousands of desktops while keeping production systems available with McAfee endpoint solutions.

Eagle Rock Energy

Eagle Rock Energy Partners is an energy company focused on upstream activities, including oil and gas drilling, production, and development. Eagle Rock has working oil and gas properties and development opportunities in the midcontinent area, Permian, and southeast regions of Texas, as well as Oklahoma, Arkansas, Southern Alabama, Mississippi, and Louisiana.

  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.


Informa used McAfee to centralize and standardize its security infrastructure to better protect against viruses, spyware, spam, pop-ups, and more.

  • Gained fast ROI through solid protection, reasonable pricing, and reduced internal costs
  • Created an environment of easy deployment and administration
  • Protected against malware with augmented malware detection abilities
  • Assured that the entire network is protected
  • Increased control over the security infrastructure

Large Retail Chain

    Large membership warehouse retailer secures virtual business infrastructure from sophisticated threats with McAfee MOVE AntiVirus and McAfee Endpoint Protection Suite.

Macquarie Telecom

McAfee solutions offer integrated protection from distributed denial-of service (DDoS) threats at the Macquarie Telecom perimeter.

  • Fully integrated security platform easily managed from a central dashboard.
  • Visibility and control for clients over their hosted security environments.
  • Competitive advantage through partnership with a trusted technology provider.

MidWestOne Financial Group

McAfee Firewall Enterprise, McAfee Web Gateway, and McAfee Email Gateway provide the foundation for MidWestOne’s Internet security strategy.

  • Comprehensive inbound threat protection and outbound data loss prevention for 250 email users
  • Strong antivirus protection for 550 desktops and laptops
  • Centrally managed security infrastructure through “single pane of glass” with McAfee ePO software
  • Significantly reduces helpdesk calls for spyware infections by half
  • Creates an improved standing with auditors and regulators

Seagate Technology

Seagate uses McAfee Application Control for intellectual property protection.

  • Custom end-user protection to boost employee productivity
  • Increased performance of single-use machines in the factory
  • Malware-free factory environment

State of Alaska

The State of Alaska saved money by consolidating with McAfee products.

  • Saved a projected $3.8 million and improved operational and team efficiency
  • Dramatically improved security posture without increasing headcount
  • Allowed for greater budget predictability with the flexibility to adapt and grow security as needs change

Texas Tech University Health Sciences Center

Texas Tech University Health Sciences Center (TTUHSC) offers programs in medicine, nursing, pharmacy, biomedicine and health sciences.

  • Extensible compliance reporting.
  • Block thousands of attacks.
  • Security audits in minutes.
  • Improve visibility and productivity.

News / Events


Data Sheets

McAfee Rogue System Detection

This data sheet explains how McAfee Rogue System Detection fully integrates with McAfee ePolicy Orchestrator to provide real-time discovery of rogue systems connected to the network to offer greater network visibility and protection.

McAfee ePO Cloud

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee ePolicy Orchestrator

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Collector Plug-in

For a technical summary on the McAfee product listed above, please view the product data sheet.


SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

Improve Visibility and Control of Endpoints—Including Managed and BYOD

ForeScout CounterACT integrates with McAfee ePO and ESM to provide this information in realtime for both managed and unmanaged hosts.

Create a Least Risk Microsoft Windows Desktop

Avecto Privilege Guard and McAfee ePolicy Orchestrator (ePO) software enable organizations worldwide to deploy secure and compliant desktops—without compromising a user's ability to perform their day to day tasks.

McAfee Security Innovation Alliance Accelerator Program from Accuvant

By leveraging the McAfee Security Innovation Alliance Accelerator Program from Accuvant, you can make your technology more compelling to McAfee customers.

Identify Sensitive Data and Prevent Data Leaks

The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.

Privileged Identity Management

Cyber-Ark Software solutions help reduce data breach risks, meet strict IT compliance and audit requirements, and improve security posture and operational efficiencies on corporate networks, whether on premises or in the cloud. Cyber-Ark delivers privileged password vaulting and user-access control, session recording and auditing, continuous monitoring, and forensics. Cyber-Ark solutions are integrated with McAfee® ePolicy Orchestrator® (McAfee ePO™) software, McAfee® Enterprise Security Manager, and McAfee® Vulnerability Manager.

Identify Threats to Business Performance

The McAfee/Rev2 integration enables you to quickly score, classify, and combine hundreds of thousands of vulnerabilities and highlight the critical few risks.

Extend McAfee Data Protection with Tiversa P2P Breach Protection

This solution enables detection notifications and forensic analysis data to be reported within the McAfee ePolicy Orchestrator (ePO) console.

Integrated Security Management for Unified Communications Applications

The Sipera UC-Sec appliance ensures that the VoIP/UC infrastructure and endpoints (mobile or fixed) are protected and visible to the security manager for the first time with McAfee ePO software.

AccessData: Incident Response and Forensics

Learn about the joint solution that extends AccessData’s forensic analysis technology to McAfee ePolicy Orchestrator software.

Security Event and Log Management

ArcSight’s market-leading log and event management solutions are now integrated with the McAfee ePolicy Orchestrator (ePO) software.

Comprehensive Security Through Visibility

BDNA Discover acts as a comprehensive source of information for the detection of invisible devices on enterprise networks.

Manage Security and Risk based on the Actual State of your Network

Through comprehensive real-time network, device, and user intelligence, Insightix BSA Visibility provides total network visibility to McAfee ePolicy Orchestrator (McAfee ePO) software, enabling effective security and risk management for all devices across your entire network.

McAfee Security Management Platform

The McAfee Security Management Platform combines and refines key aspects of security so IT staff can manage the expanding scale of enterprise security more easily than ever before.

Securing the Virtual Desktop: Removing the Last Barrier to Widespread Adoption

Learn how the McAfee and Citrix partnership enables Citrix XenDesktop customers to extend management of desktop security to virtual environments using the McAfee ePolicy Orchestrator software.

Application Security and Control

Arxan Technologies, a leader in application security and control, has integrated their software security product, GuardIT, with McAfee ePolicy Orchestrator (McAfee ePO) software to provide security check and tampering alert information into the McAfee ePO software management console.

Event Data and Information Management for Security and Compliance

HP Compliance Log Warehouse (CLW) 2.0 works seamlessly across products in the McAfee portfolio to simplify the complexity of IT operations and reporting for governance, risk, and compliance management.

McAfee Compatible Solution: AirPatrol WPM 1.0 and McAfee ePO 4.0

AirPatrol’s Wireless Policy Manager (WPM) is now integrated with McAfee ePolicy Orchestrator (McAfee ePO) software. WPM secures wireless interfaces on enterprise endpoints and empowers IT administrators to easily enforce commonsense rules on governing how employees use their wireless connectivity.

SIEM and Log Management for Converging Network and Security Environments

QRadar intelligently distills large amounts of information from a wide range of sources to augment incident response and compliance validation in McAfee ePolicy Orchestrator (ePO) software, McAfee’s centralized security and compliance management platform.

Virtual Infrastructure Security

Catbird, a pioneer and leader in security and compliance solutions for virtual networks, has integrated its flagship product, V-Security, with network and endpoint systems technologies from McAfee to extend comprehensive security and compliance to the virtual infrastructure.

Automated Security Configuration and Compliance Management

Triumfant detects and analyzes changes and unexpected conditions on endpoints to determine if those changes are problematic to the security, configuration, or performance of assets managed by McAfee ePolicy Orchestrator (ePO).

Optimizing Security Management with McAfee ePolicy Orchestrator

Examine how the McAfee ePolicy Orchestrator platform boosts security, saves time, and lowers costs with a centrally managed solution that enables immediate threat response.

Technology Blueprints

Investigate Data Breaches

McAfee enables enterprises to collect, analyze, and preserve security forensic information. With a solution that includes content- and context-aware SIEM, McAfee provides alerts to security events, as well analysis on how the attacked occurred, affected users, and compromised data — so you can better understand the severity of a security breach.

Achieve Situational Awareness

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

Look Inside Network Traffic

The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.

Living with Social Media

To enable the secure and controlled use of social media in the workplace, McAfee recommends a layered approach, including firewall and data loss prevention (DLP) built around a solid web proxy solution. With McAfee security solutions, enterprises can address bandwidth concerns around the use of social media, encourage the productive use of time among employees, scan for malware, filter HTTPS content, and stop data leakage.

White Papers

Security Management 2.5 – Replacing Your SIEM Yet?

This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.

The Good, the Bad, and the Unknown

Reduce risk from unauthorized applications, gain stronger endpoint control, and live to tell the tale.

SANS Institute: Correlating Event Data for Vulnerability Detection & Remediation

Learn how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies to provide context around application usage, user behaviors, and other operations — for better, more accurate reporting.

Log Management—The Foundation for Federal Security and Compliance

In this paper, we will explore the fundamental requirements for a sound log management solution and review some examples of less than optimum product deployments. Finally, we will examine what a US federal agency should be looking for in an extensible log management strategy, and propose a workable solution for tighter integration into and support of an organization’s applicable and prospective security and compliance programs and initiatives.

Need for Speed: Streamlining Response and Reaction to Attacks

Today’s faster, newer and greatly improved malicious user requires a faster, newer and greatly improved response. Smarter attackers require more intelligent countermeasures, including faster and more reliable analysis, to react to security issues.

McAfee ePolicy Orchestrator: Creating an Apache HTTP Repository

This document describes how to configure Apache and Samba running on a Linux operating systems (OS) platform for the purpose of creating an Apache HTTP Repository for McAfee ePolicy Orchestrator. The Apache repository will allow customers to meet the requirement to have a Linux repository.

McAfee Security Management Platform

McAfee Security Management Platform brings a new level of intelligence and automation to the enterprise, effectively interlocking the various components of IT security into a single, overarching, risk-minimizing shield.