The following is a proof of concept that I put together to allow the following actions:
- Apply an ePO tag to quarantine a system in ePO without having to login directly to the ePO console.
- Apply an ePO tag to tag a system in ePO for a 'Run Immediate' On-Demand Scan without having to login directly to the ePO console.
- Export a McAfee Drive Encryption recovery key without having to login directly to the ePO console.
This example uses ASP and C#, but this could be translated to any language with the right knowledge set. While this POC is targeted at two tags called API-Quarantine and API-ODS and uses an embedded credential, you could certainly change to using an inputted credential (add form fields, etc.) and have the user provide a tag manually or via drop-down. Other use cases could be 1. tag systems to have an alternate policy where VirusScan doesn't have a password for a field tech and 2. tag systems for deployment.
I have provided three files in this example:
- tag.aspx (front-end)
- tag.aspx.cs (code behind page)
- IS_Blue_50.png (background image)
To use or test this:
- Drop the three files into an IIS directory of choice that allows ASP.
- Edit tag.aspx.cs and customize the below lines accordingly.
- Browse to tag.aspx with your favorite browser.
Code to change in tag.aspx.cs:
servernm.Text = "ePOServer";
serverprt.Text = "8443";
string credl = "admin";
string credp = "MyP@55w04D540cK";
string url = "https://" + servernm.Text + ":" + serverprt.Text + "/remote/system.applyTag?names=";
url += TextBox1.Text + "&tagName=Quarantine";
For more information on how to leverage the Web API in ePO, please reference McAfee KnowledgeBase - ePolicy Orchestrator 5.1 Web API Scripting Guide.