McAfee ePolicy Orchestrator

Simplify. Accelerate. Orchestrate.

Data Sheet Free Trial
Introducing the redesigned McAfee ePO 5.10

A single console for all your security management

McAfee ePolicy Orchestrator (McAfee ePO) provides a centralized management console that simplifies and accelerates your security effectiveness with visibility and control from device to cloud.

Unified view

Working six separate consoles is not the same as working an integrated console. Security admins should be inspired with a truly centralized management platform to help prioritize alerts.

Simplify operations

Throwing more tools at a problem causes chaos and siloed results. Security tools should work together with orchestrated controls, shared intelligence, and automated workflows.

Open is the new security paradigm

An open platform allows you to add new capabilities and intelligence while enabling tools or native controls such as Microsoft Windows Defender to collaborate as the threat landscape evolves.

McAfee provides an open architecture that integrates with partner and third-party products. Read White Paper >

Take a product tour

Product features

Essential risk management assets at your fingertips

The Protection Workspace offers an easy-to-read summary dashboard of your security posture, allowing you to drill down and prioritize. The Security Resources page offers a single view of current threat information, security news, and advisories.

Embrace native controls

McAfee enhances and co-manages the security that’s already built into Microsoft Windows 10, while allowing you to take advantage of native Windows system capabilities.

Cloud-based security management

McAfee ePO software can be implemented from the cloud via two alternative deployment options, McAfee ePO on Amazon Web Services (AWS) or McAfee MVISION ePO, eliminating or simplifying infrastructure maintenance and giving you more time for other security tasks. Try MVISION ePO today.

Streamlined workflows

Automated security, compliance workflows, and a personalized workspace help you rapidly identify, manage, and respond to vulnerabilities, changes in security postures, and known threats from single console.

Automated responses

McAfee ePO Automatic Response can trigger an action based on an event. Built-in advanced capabilities increase the efficiency of the security operations staff when they mitigate a threat or make a change to restore compliance.

Fast enforcement

Quickly reduce security gaps and complexity with single agent deployment and customizable policy enforcement.

Future-proof your security infrastructure

The open platform facilitates rapid adoption of security innovations as new threat categories emerge. Our security management architecture scales for organizations of all sizes, significantly reducing the number of servers to deploy.

Third-party integration

Our open and comprehensive platform integrates McAfee and more than 150 third-party solutions for faster and more accurate responses.

How to deploy and manage McAfee ePO

Select either a traditional on-premises solution or a cloud-based management version of McAfee ePO. Choose the deployment that meets your needs.

McAfee ePO McAfee ePO on AWS > McAfee MVISION ePO >
Description On-premises security management On the AWS public cloud as an infrastructure-as-a-service (IaaS) model McAfee ePO software-as-a-service (SaaS) model
Deployment model Traditional deployment in days Deploy in less than an hour No deployment required
Infrastructure requirements Customer maintained Simplified with AWS services, customer maintained Maintained completely by McAfee, policies set by customer. McAfee SLA is 99.95%.
Products managed All McAfee and SIA partner products Some McAfee products, including Endpoint Security, MVISION Endpoint, Data Loss Prevention, Cloud Workload Security, advanced threat protection technologies, and SIA partner products McAfee Endpoint Security, MVISION Endpoint
Management choice Deployed and controlled by the McAfee customer Virtually deployed, controlled by McAfee customer Multitenant, globally scaled, and maintained by McAfee, all easily accessed through a web browser

Take the next step

We’re here to help. Contact us to learn about implementation, pricing, technical specifications, and more, or download a free product trial.

Getting Started

Want to learn more about McAfee ePolicy Orchestrator services, architecture, installation, and training? Here are some sample getting started resources:

Introduction to McAfee ePolicy Orchestrator

McAfee ePolicy Orchestrator (McAfee ePO) software is a scalable, extensible management platform that enables centralized policy management and enforcement of your security products and the systems where they are installed. It also provides comprehensive reporting and product deployment capabilities, all through a single point of control.

  • Deploy security products and patches to the systems in your network.
  • Manage the host and network security products deployed to your systems through the enforcement of security policies and the creation of tasks.
  • Update the detection definition (.DAT) files, antivirus engines, and other security content required by your security software to ensure that your managed systems are secure.
  • Use the built-in query system wizard to create reports that display informative user-configured charts and tables containing your network security data.
  • Use a server task to run a query on a regular schedule, create a report, and email it to a list of users.

Services

The McAfee ePO server uses the following services:

  • Application Server (Tomcat) service:
    • Provides a Java-based webpage to remotely manage the McAfee ePO server through the McAfee ePO console.
    • Manages extensions, notifications, policies, repositories, the System Tree, and dashboards.
    • Enables SQUID (Structured Query User Interface) to provide the reporting user interface.
    • Runs the automatic response system.
    • Provides user permissions and settings for the McAfee ePO server and components.
  • Event Parser service:
    • Passes events to the Tomcat service.
    • Stores events in the McAfee ePO database.
    • Normalizes events using Common Event Format (CEF).
  • Apache service:
    • Handles communications from McAfee Agent to the McAfee ePO server.
    • Caches policies to reduce database reads and speed up agent-server communication intervals (ASCI).
    • Manages events, groups, tags, and agent sorting.
    • Passes events to the Event Parser service.

Components

The architecture of McAfee ePO software and its components are designed to help you successfully manage and protect your environment. The McAfee ePO server provides these major functions:

  • Manages and deploys products.
  • Enforces policies on your endpoints.
  • Collects events, product properties, and system properties from the managed endpoints and sends them back to McAfee ePO.
  • Distributes McAfee software, including new products, upgrades, and patches.
  • Reports on your endpoint security.

This figure shows the major McAfee ePO components:

  1. McAfee ePO server: Connects to the McAfee ePO update server to download the latest security content.
  2. Microsoft SQL database: Stores all data about your network managed systems, McAfee ePO, Agent Handlers, and repositories.
  3. McAfee Agent installed on clients: Provides policy enforcement, product deployments and updates, and connections to send events, product, and system properties to the McAfee ePO server.
  4. Agent-server secure communication (ASSC) connections: Provides communications that occur at regular intervals between your systems and the server.
  5. Web console: Allows users to log on to the McAfee ePO console to perform security management tasks, such as running queries to report on security status or working with your managed software security policies.
  6. McAfee web server: Hosts the latest security content so that your McAfee ePO server can pull the content at scheduled intervals.
  7. Distributed repositories: Installed throughout your network to host your security content locally so that agents can receive updates more quickly.
  8. Agent Handlers: Reduces the workload of the server by offloading event processing and McAfee Agent connectivity duties.
  9. LDAP or ticketing system: Connects your McAfee ePO server to your LDAP server or SNMP ticketing server.
  10. Automatic responses: Provides notifications to administrators and task automation when an event occurs.
  11. Web console connections: Provides HTTPS connection between the McAfee ePO server and the web browser using default port 8443.
  12. Distributed repository connections: Repository connections depend on the type of repository. For example, HTTP, FTP, or UDP connections.
  13. Remote Agent Handlers in the DMZ: Agent Handlers installed in the DMZ require specific port connections.

Useful resources

McAfee ePO FAQ

This Knowledge Base article answers common questions about McAfee ePO.

Learn More >

Supported Platforms, Environments, and Operating Systems for ePolicy Orchestrator

This is a consolidated list of McAfee-supported operating systems or service packs. Most of the following information is available in the product installation guides and release notes but this list also consolidates product management statements published in the Knowledge Base.

Learn More >

Sample Installation Guide: McAfee ePolicy Orchestrator 5.9

This guide contains installation requirements and recommendations, instructions on how to restore, upgrade, or uninstall McAfee ePO, guidance on managing Agent Handlers, troubleshooting tips, and more.

Learn More >

McAfee ePO Training Courses

We offer a variety of online and instructor-led courses that cover the installation, configuration, and maintenance of McAfee ePO.

Learn More >

Ready to start using McAfee ePO?

Access product guides, Knowledge Base articles, troubleshooting tips, and other resources to help you install, configure, upgrade, and migrate to McAfee ePO.

Access Support Resources

McAfee ePolicy Orchestrator Help

Product how-to videos

    Technical Support Resources

    Access product guides, Knowledge Base articles, troubleshooting tips, and other resources to help you install, configure, upgrade, and migrate McAfee ePolicy Orchestrator.

    Access Support Resources >

    Service Requests

    Need additional assistance? Log in to the McAfee ServicePortal to set up a new service request.

    Submit Service Request >

    Community

    Access our community-based and social media resources for additional product tips and how-to guides.

    Forums

    Connect with other McAfee users, see how they are optimizing their McAfee implementation, and find answers to common user questions.

    Learn More >

    SNS Alerts

    Subscribe to the SNS to receive vital communications about product releases, content updates, critical incidents, security bulletins, and end-of-life dates.

    Learn More >

    MPOWER Cybersecurity Summit

    October 16-18, 2018 | MGM Grand Hotel & Casino, Las Vegas

    At MPOWER, cybersecurity executives, developers, and other security professionals gather to fight cybercrime—together. Get insights about our rapidly and ever-shifting industry, and see firsthand the latest innovations that protect data, applications, workloads, and infrastructure, from device to cloud.

    Latest blog posts

    Visit the McAfee blog site for the latest McAfee news, product announcements, and threat analysis.