McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator (ePO)

Connect. Manage. Automate.

Next Steps:


McAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry. Unifying security management through an open platform, McAfee ePO makes risk and compliance management simpler and more successful for organizations of all sizes. As the foundation of McAfee Security Management Platform, McAfee ePO enables customers to connect industry-leading security solutions to their enterprise infrastructure to increase visibility, gain efficiencies, and strengthen protection.

Customers use McAfee ePO’s flexible automation capabilities to streamline workflows, dramatically reducing the cost and complexity of security and compliance administration.

Security providers and system integrators can extend the reach of their offerings by incorporating their expertise and best practices with the McAfee ePO platform to deliver differentiated solutions.

Only McAfee ePO offers:

End-to-end visibility —Get a unified view of your security posture. Drillable, drag-and-drop dashboards provide security intelligence across endpoints, data, mobile, and networks for immediate insight and faster response times.

Simplified security operations — Streamline workflows for proven efficiencies. Independent studies show McAfee ePO software helps organizations of every size streamline administrative tasks, ease audit fatigue, and reduce security management-related hardware costs.

Flexible management — In addition to traditional premises-based management, a cloud-based management version of ePolicy Orchestrator enables elastic scaling to meet dynamic needs while ensuring you have the latest security measures in place.

An open, extensible architecture — Leverage your existing IT infrastructure. McAfee ePO software connects management of both McAfee and third-party security solutions to your LDAP, IT operations, and configuration management tools.

Featured case study: Leading Mexican bank

Read now

Features & Benefits

Deploy quickly and easily

Ensure broad-based security and risk management solutions work together to reduce security gaps and complexity. Out-of-the-box, single agent deployment and customizable policy enforcement secure your environment quickly and keep it protected.

Gain efficiencies

Streamline security and compliance workflows with automations and a personalized workspace. The enterprise-class architecture of McAfee ePolicy Orchestrator (ePO) scales for organizations of all sizes, significantly reducing the number of servers to deploy.

Future-proof your security infrastructure

Protect your organization from today’s threats as well as tomorrow’s. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge.

System Requirements

Platform Support

  • Server O/S: 64-bit
    • Microsoft Windows Sever 2012 Release 2 (R2)
    • Microsoft Windows Server 2012
    • Windows Server 2008 with SP2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 R2 Standard, Enterprise, or Datacenter
    • Windows Server 2008 for Small Business Premium
    • Microsoft Windows Storage Server 2003
    • Windows Server 2003 with SP2 Standard, Enterprise, or Datacenter
    • Microsoft Windows Server 2003
  • Browser
    • Google Chrome 17 and later
    • Firefox 10.0 and later
    • Firefox 5.x
    • Firefox 4.x
    • Firefox 3.5
    • Firefox 3.6
    • Internet Explorer 9.0 and later
    • Internet Explorer 7.0
    • Internet Explorer 8.0
  • Network Support
    • IPv4
    • IPv6
  • Virtual server
    • VMware ESX/ESXi 5.x and later
    • VMware ESX/ESXi 4.x
    • VMware ESX 3.5.x Update 4
    • Citrix XenServer 6.0
    • Citrix XenServer 5.5 Update 2
    • Windows Server 2012 Hyper-V
    • Windows Server 2008 R2 Hyper-V
    • Windows Server 2008 Hyper-V
  • Database (32-bit and 64-bit)
    • SQL Server 2012 Express
    • SQL Server 2012
    • SQL Server 2008 with SP1/SP2/R2 Standard, Enterprise, Workgroup, Express
    • SQL Server 2005 with SP3 Standard, Enterprise, Workgroup, Express

Additional Requirements

  • 1.5 GB free disk space (2 GB recommended)
  • 1 GB RAM (2-4 GB recommended)
  • Intel Premium 4 Processor or later, 1.3 GHz or faster
  • Monitor: 1024x768, 256 color, VGA
  • NIC: 100 MB or higher
  • File System: NTFS recommended
  • Dedicated server recommended if managing more than 250 systems
  • IP Address: McAfee recommends using a static IP address

Demos / Tutorials


To learn more about the McAfee product listed above, please view the demonstration.


For guidance on how to use this McAfee product, watch the Quick Tips video listed above.

Customer Stories

Arab National Bank

Arab National Bank, one of the largest banks in the Middle East, relies on McAfee data protection and endpoint security solutions to protect sensitive data across multiple locations and comply with financial regulations.

  • Reduces manpower required to manage endpoint security from six people to two
  • Accelerates deployment of data loss protection—70 percent faster than competitive solutions
  • Cuts administrative reporting from several days to minutes
  • Saves $152,000 in reduced manual intervention, thanks to integration with third-party security solutions

Bank Central Asia

Bank Central Asia, a regional public bank in Indonesia, centralizes security management with McAfee ePolicy Orchestrator.

  • Eased compliance with internal and industry regulations.
  • Resulted in time savings with centralized management.
  • Provided integrated solutions to keep computers, the network, and data protected.

Blackburn with Darwen Council

Blackburn with Darwen Council, a borough in the county of Lancashire, England, uses McAfee endpoint security, email management, and SIEM solutions to build an integrated, centrally managed security architecture.

Brelje & Race Consulting Engineers

This small business centralizes antivirus security management with McAfee ePolicy Orchestrator, saving time for the company's security administrator.

  • IT manager’s time spent configuring and updating individual workstations cut by 90%
  • Centralized management ensures that all workstations are up to date with latest protection
  • Protection running in the background without intruding on employees’ work
  • Comprehensive and centrallymanaged solution for same price as many standalone antivirus products

California Department of Corrections and Rehabilitation (CDCR)

Leveraging the Security Connected strategy, the California Department of Corrections and Rehabilitation implemented SIEM, network IPS, data protection, and endpoint security solutions to secure its distributed IT environment over 37 locations.

  • Compliance with policy standards.
  • Dashboards enable centralized security management and provide easy access for executive reporting.


CEMEX adopts a Security Connected approach to safeguard endpoint and network security and improve visibility.

  • Safeguards against zero-day advanced persistent threats without signature updates.
  • Greatly diminishes administrative time, from defining policies to repairing workstations.
  • Protects more than 26,000 endpoints from email, web, and application-generated attacks.
  • Provides streamlined and integrated management of large, global security platform.


Cognizant centralizes its security environment with a single-vendor solution from McAfee that unifies endpoint security and provides better security visibility across the organization.

  • Easily demonstrated compliance with complex government regulations and client requirements
  • Centralized view into entire security environment eases deployment, reporting and management
  • Maximum confidence and trust from key stakeholders

Deutsche Edelstahlwerke

Deutsche Edelstahlwerke, the leading German producer of specialty stainless steel products, secures thousands of desktops while keeping production systems available with McAfee endpoint solutions.

Eagle Rock Energy

Eagle Rock strengthens its security infrastructure with the addition of new security management and network security solutions.

  • Integrated security architecture paves the way for business expansion.
  • Comprehensive threat detection ensures that security events from every source are noted and logged.
  • The combination of McAfee Web Gateway and McAfee Advanced Threat Defense thwarts inbound threats from the Internet.
  • Intrusion prevention monitors both external and internal activity.


This Mexican government agency protects endpoints and secures critical data with a range of McAfee solutions.

Kleberg Bank

Kleberg Bank relies on Intel Security for comprehensive protection, time savings, and to support compliance.

Leading Mexican Bank

The Mexican branch of a leading worldwide bank is at the forefront of security with McAfee Network Security Platform and McAfee Professional Services.

Macquarie Telecom

This leading Australian hosted IT provider drives a growing managed services business with Security Connected.

  • Fully integrated security platform easily managed from a central dashboard.
  • Visibility and control for clients over their hosted security environments.
  • Competitive advantage through partnership with a trusted technology provider.

Major U.S. State Government

State Government Places its Trust in Intel Security for IT Consolidation Within this US state government, the Office of Technology is the central IT organization, serving almost 400 executive, judicial, and legislative agencies, which, in turn, administer programs for 4.4 million citizens. The Office of Technology oversees a network linking 1,500 locations and 35,000 users across the state.

San Francisco Police Credit Union

McAfee security management solutions keep this San Francisco-based financial company compliant.

  • Faster, easier compliance with GLBA and NCUA Part 748.
  • Automated and on-demand reporting.
  • Fast troubleshooting and remediation.
  • Comprehensive security management without increasing headcount.

Seagate Technology

McAfee Application Control protects Seagate's intellectual property and complex IT environment.

  • Custom end-user protection to boost employee productivity
  • Increased performance of single-use machines in the factory
  • Malware-free factory environment


Sicredi, one of Brazil’s largest credit union systems, consolidated their comprehensive security environment with Intel Security.

State of Alaska

The state of Alaska utilizes McAfee's product portfolio to protect data centers and networks across 16 state agencies, saving $3.8 million.

  • Saved a projected $3.8 million and improved operational and team efficiency
  • Dramatically improved security posture without increasing headcount
  • Allowed for greater budget predictability with the flexibility to adapt and grow security as needs change

State of Colorado

McAfee SIEM solutions help the state of Colorado meet compliance requirements and remain cost effective.

  • Aggressively achieved first five controls per set goal
  • Ability to administer virus scans and obtain software inventory with McAfee ePO software
  • Vulnerability ranking within McAfee Enterprise Security Manager allows for more immediate and effective remediation

Sutherland Global Services

The McAfee Security Connected framework drives compliance and protects 24,000 endpoints for this consulting company.

  • Virus attacks are virtually nonexistent throughout the globally distributed enterprise.
  • Central McAfee ePO console enables global management of entire IT infrastructure by only a two-person IT staff.
  • Industry-leading reporting tools facilitate compliance.
  • Automatic updates improve operational efficiency and ease burden on IT staff.
  • McAfee updates and notifications enable proactive response to threats.


Data Sheets

McAfee ePolicy Orchestrator

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Rogue System Detection

This data sheet explains how McAfee Rogue System Detection fully integrates with McAfee ePolicy Orchestrator to provide real-time discovery of rogue systems connected to the network to offer greater network visibility and protection.

McAfee ePO Cloud

For a technical summary on the McAfee product integration listed above, please view the product data sheet.

McAfee Collector Plug-in

For a technical summary on the McAfee product listed above, please view the product data sheet.


SANS Analytics and Intelligence Survey

This paper explores the use of analytics and intelligence today and exposes the impediments to successful implementation. Organizations that are deploying analytics and intelligence properly are experiencing faster response and detection times, as well as greater visibility. However, many are confused about how to integrate and automate their intelligence collection processes.

Solution Briefs

Create a Least Risk Microsoft Windows Desktop

Avecto Privilege Guard and McAfee ePolicy Orchestrator (ePO) software enable organizations worldwide to deploy secure and compliant desktops—without compromising a user's ability to perform their day to day tasks.

Improve Visibility and Control of Endpoints—Including Managed and BYOD

ForeScout CounterACT integrates with McAfee ePO and ESM to provide this information in realtime for both managed and unmanaged hosts.

McAfee Security Innovation Alliance Accelerator Program from Accuvant

By leveraging the McAfee Security Innovation Alliance Accelerator Program from Accuvant, you can make your technology more compelling to McAfee customers.

Combat and Mitigate Cyberattacks

Stream the latest threat data and alerts on compromised networks directly to the McAfee ePO console to block future malicious communications.

Identify Sensitive Data and Prevent Data Leaks

The interoperability between TITUS Document Classification software and McAfee Data Loss Prevention (DLP) further reduces your risk of data loss by capturing end users’ inherent knowledge about the sensitivity of documents and making that information available to McAfee host and network-based DLP as visual classification labels and corresponding metadata.

Privileged Identity Management

Cyber-Ark Software solutions help reduce data breach risks, meet strict IT compliance and audit requirements, and improve security posture and operational efficiencies on corporate networks, whether on premises or in the cloud. Cyber-Ark delivers privileged password vaulting and user-access control, session recording and auditing, continuous monitoring, and forensics. Cyber-Ark solutions are integrated with McAfee® ePolicy Orchestrator® (McAfee ePO™) software, McAfee® Enterprise Security Manager, and McAfee® Vulnerability Manager.

Identify Threats to Business Performance

The McAfee/Rev2 integration enables you to quickly score, classify, and combine hundreds of thousands of vulnerabilities and highlight the critical few risks.

Extend McAfee Data Protection with Tiversa P2P Breach Protection

This solution enables detection notifications and forensic analysis data to be reported within the McAfee ePolicy Orchestrator (ePO) console.

Integrated Security Management for Unified Communications Applications

The Sipera UC-Sec appliance ensures that the VoIP/UC infrastructure and endpoints (mobile or fixed) are protected and visible to the security manager for the first time with McAfee ePO software.

AccessData: Incident Response and Forensics

Learn about the joint solution that extends AccessData’s forensic analysis technology to McAfee ePolicy Orchestrator software.

Security Event and Log Management

ArcSight’s market-leading log and event management solutions are now integrated with the McAfee ePolicy Orchestrator (ePO) software.

Comprehensive Security Through Visibility

BDNA Discover acts as a comprehensive source of information for the detection of invisible devices on enterprise networks.

Manage Security and Risk based on the Actual State of your Network

Through comprehensive real-time network, device, and user intelligence, Insightix BSA Visibility provides total network visibility to McAfee ePolicy Orchestrator (McAfee ePO) software, enabling effective security and risk management for all devices across your entire network.

McAfee Security Management Platform

The McAfee Security Management Platform combines and refines key aspects of security so IT staff can manage the expanding scale of enterprise security more easily than ever before.

Securing the Virtual Desktop: Removing the Last Barrier to Widespread Adoption

Learn how the McAfee and Citrix partnership enables Citrix XenDesktop customers to extend management of desktop security to virtual environments using the McAfee ePolicy Orchestrator software.

Application Security and Control

Arxan Technologies, a leader in application security and control, has integrated their software security product, GuardIT, with McAfee ePolicy Orchestrator (McAfee ePO) software to provide security check and tampering alert information into the McAfee ePO software management console.

McAfee Compatible Solution: AirPatrol WPM 1.0 and McAfee ePO 4.0

AirPatrol’s Wireless Policy Manager (WPM) is now integrated with McAfee ePolicy Orchestrator (McAfee ePO) software. WPM secures wireless interfaces on enterprise endpoints and empowers IT administrators to easily enforce commonsense rules on governing how employees use their wireless connectivity.

SIEM and Log Management for Converging Network and Security Environments

QRadar intelligently distills large amounts of information from a wide range of sources to augment incident response and compliance validation in McAfee ePolicy Orchestrator (ePO) software, McAfee’s centralized security and compliance management platform.

Virtual Infrastructure Security

Catbird, a pioneer and leader in security and compliance solutions for virtual networks, has integrated its flagship product, V-Security, with network and endpoint systems technologies from McAfee to extend comprehensive security and compliance to the virtual infrastructure.

Automated Security Configuration and Compliance Management

Triumfant detects and analyzes changes and unexpected conditions on endpoints to determine if those changes are problematic to the security, configuration, or performance of assets managed by McAfee ePolicy Orchestrator (ePO).

Optimizing Security Management with McAfee ePolicy Orchestrator (Dutch)

Examine how the McAfee ePolicy Orchestrator platform boosts security, saves time, and lowers costs with a centrally managed solution that enables immediate threat response.

Technology Blueprints

Investigate Data Breaches

McAfee enables enterprises to collect, analyze, and preserve security forensic information. With a solution that includes content- and context-aware SIEM, McAfee provides alerts to security events, as well analysis on how the attacked occurred, affected users, and compromised data — so you can better understand the severity of a security breach.

Achieve Situational Awareness

The McAfee solution has two primary components: McAfee ePolicy Orchestrator (McAfee ePO) software and McAfee Enterprise Security Manager, with additional integrations to extend visibility and control across the entire security and compliance management environment.

Look Inside Network Traffic

The McAfee solution has two primary components: McAfee Firewall Enterprise and McAfee Network Security Platform. The McAfee Firewall and the IPS appliance both have add-on features that can optimize your visibility into the network. McAfee SIEM and other optional products help extend visibility and analytics to more aspects of network traffic.

Living with Social Media

To enable the secure and controlled use of social media in the workplace, McAfee recommends a layered approach, including firewall and data loss prevention (DLP) built around a solid web proxy solution. With McAfee security solutions, enterprises can address bandwidth concerns around the use of social media, encourage the productive use of time among employees, scan for malware, filter HTTPS content, and stop data leakage.

White Papers

Protect Critical Assets with Virtual Patching

This white paper discusses virtual patching and how using predictive threat coverage, automated vulnerability scanning, and risk visualization is a scalable and cost-effective approach to protecting critical assets.

Security Management 2.5 – Replacing Your SIEM Yet?

This paper will walk you through the entire process — from soup to nuts — of evaluating, selecting, and deploying a SIEM. It offers pragmatic advice on how to get it done based on years working through this process as both consumers and vendors of SIEM technology. The process is not always painless, but we are certain it will help you avoid foundering on bad technology and inter-office politics. You owe it to yourself and your organization to ask the right questions and to get answers. It is time to slay the sacred cow of your substantial SIEM investment, and to figure out your best path forward.

The Good, the Bad, and the Unknown

Reduce risk from unauthorized applications, gain stronger endpoint control, and live to tell the tale.

SANS Institute: Correlating Event Data for Vulnerability Detection & Remediation

Learn how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies to provide context around application usage, user behaviors, and other operations — for better, more accurate reporting.

Log Management—The Foundation for Federal Security and Compliance

In this paper, we will explore the fundamental requirements for a sound log management solution and review some examples of less than optimum product deployments. Finally, we will examine what a US federal agency should be looking for in an extensible log management strategy, and propose a workable solution for tighter integration into and support of an organization’s applicable and prospective security and compliance programs and initiatives.

Need for Speed: Streamlining Response and Reaction to Attacks

Today’s faster, newer and greatly improved malicious user requires a faster, newer and greatly improved response. Smarter attackers require more intelligent countermeasures, including faster and more reliable analysis, to react to security issues.

McAfee ePolicy Orchestrator: Creating an Apache HTTP Repository

This document describes how to configure Apache and Samba running on a Linux operating systems (OS) platform for the purpose of creating an Apache HTTP Repository for McAfee ePolicy Orchestrator. The Apache repository will allow customers to meet the requirement to have a Linux repository.

Top Five McAfee ePolicy Orchestrator Tips (Dutch)

This paper highlights some of the top best practices for implementing McAfee endpoint products with McAfee ePolicy Orchestrator software.

McAfee Security Management Platform

McAfee Security Management Platform brings a new level of intelligence and automation to the enterprise, effectively interlocking the various components of IT security into a single, overarching, risk-minimizing shield.



  • Root of Trust vs. Root of Evil: Part 3
    Tyson Macaulay - July 19, 2015

    This is the third of three parts about root of trust and the Internet of Things. In Part 1 and Part 2, I covered how root of trust is an important approach to managing risk in virtualized network—especially compliance risks. The first two posts in this series examined several reasons to consider root-of-trust technologies. In […]

    The post Root of Trust vs. Root of Evil: Part 3 appeared first on McAfee.

  • Root of Trust vs. Root of Evil: Part 2
    Tyson Macaulay - July 17, 2015

    This is the second of three posts about the root of trust and the Internet of Things. In my first post I wrote about the burden of technology compliance and how it may be changing as virtualization enters service provider and enterprise networks and underlies the Internet of Things (IoT). I also wrote about a […]

    The post Root of Trust vs. Root of Evil: Part 2 appeared first on McAfee.

  • Root of Trust vs. Root of Evil: Part 1
    Tyson Macaulay - July 15, 2015

    Regulatory compliance is an unloved cost of goods—an expense to be managed, like cafeteria subsidies or fleet fuel costs. Major regulatory gaps are opening around the Internet and Internet of Things (IoT), and especially in the plumbing under the IoT, which is rapidly evolving in a process known as network function virtualization (NFV). This future […]

    The post Root of Trust vs. Root of Evil: Part 1 appeared first on McAfee.

  • Insider Threats Deserve Attention, Solutions in Government: Report
    Tom Gann - June 25, 2015

    As the persistence of insider threats remain a critical issue for government agencies to face. Security leaders like Intel Security have responded by prioritizing solutions that can mitigate insider threats in their pipeline. Government agencies have begun implementing policy changes that can help reduce the risk of an insider threat that can lead to critical […]

    The post Insider Threats Deserve Attention, Solutions in Government: Report appeared first on McAfee.

  • Astros’ Chief Recruiter Commits Cardinal Sin of Security
    Scott Montgomery - June 22, 2015

    The F.B.I. and Justice Department are investigating whether or not officials associated with the St. Louis Cardinals gained unauthorized access to networks belonging to the Houston Astros, a rival baseball team. If the accusations hold true it would represent the first known case of corporate espionage through hacking between professional sports teams, according to The […]

    The post Astros’ Chief Recruiter Commits Cardinal Sin of Security appeared first on McAfee.


McAfee Communities : All Content - ePolicy Orchestrator (ePO)