ePO Web Portal POC - Using the ePO Web-API

Version 3

    The following is a proof of concept that I put together to allow the following actions:

     

    1. Apply an ePO tag to quarantine a system in ePO without having to login directly to the ePO console.
    2. Apply an ePO tag to tag a system in ePO for a 'Run Immediate' On-Demand Scan without having to login directly to the ePO console.
    3. Export a McAfee Drive Encryption recovery key without having to login directly to the ePO console.

     

    This example uses ASP and C#, but this could be translated to any language with the right knowledge set.  While this POC is targeted at two tags called API-Quarantine and API-ODS and uses an embedded credential, you could certainly change to using an inputted credential (add form fields, etc.) and have the user provide a tag manually or via drop-down. Other use cases could be 1. tag systems to have an alternate policy where VirusScan doesn't have a password for a field tech and 2. tag systems for deployment. 

     

    I have provided three files in this example:

    - tag.aspx (front-end)

    - tag.aspx.cs (code behind page)

    - IS_Blue_50.png (background image)

     

    To use or test this:

    1. Drop the three files into an IIS directory of choice that allows ASP.
    2. Edit tag.aspx.cs and customize the below lines accordingly.
    3. Browse to tag.aspx with your favorite browser.

     

    Code to change in tag.aspx.cs:

                     servernm.Text = "ePOServer";       

                     serverprt.Text = "8443";

                     string credl = "admin";

                     string credp = "MyP@55w04D540cK";

     

            string url = "https://" + servernm.Text + ":" + serverprt.Text + "/remote/system.applyTag?names=";

            url += TextBox1.Text + "&tagName=Quarantine";

    Screen Shot 2015-09-16 at 9.04.11 PM.png

     

    For more information on how to leverage the Web API in ePO, please reference McAfee KnowledgeBase - ePolicy Orchestrator 5.1 Web API Scripting Guide.