Getting Started with McAfee ePolicy Orchestrator (ePO)

Version 3

    Overview

     

    If you're new to McAfee ePolicy Orchestrator (McAfee ePO), this is the place to start. This document demonstrates how to install and configure the McAfee ePO server, connect it to Active Directory, manage systems, add other McAfee products to it, and setup Role-based Access Control.

     

    Video

     

    You can also watch the steps described in this document by viewing the video below.

     

     

     

    Procedure

     

    I – Installation of McAfee ePO

     

      1. Download the current ePO installation (currently ePO 5.3.2)  *To download the current version of ePolicy Orchestrator, go to McAfee Downloads.
        • The installers are cumulative and all encompassing; server side patches will have the patch in it with a fresh install.
      2. There are 2 major options for install, express and custom. Express installs Microsoft SQL Server 2008, giving your database a size of 8 GB. As long as you’re a smaller company under 3000 nodes this is fine, otherwise we highly suggest your own Microsoft SQL server. There are many different options for custom installation; in this case we will be installing express.
        Getting Started with ePO 1.jpg
      3. There are some minor requirements before you can install such as Microsoft Visual C++, etc. These are included in the package and will install before you install ePO.
      4. Once SQL express is fully installed it will prompt you for database information which is pre-loaded.
      5. It will prompt you for the name of the machine and the administrator password. You will notice that SQL authentication is greyed out and is not an option, this is because we are installing the express version. (SQL authentication is much more hassle free however).
        Getting Started with ePO 2.jpg
      6. Hit next and enter user and password information for the administrator log in. The default username here is admin. In addition you can add in multiple admins if you so choose. There is also an Encryption passphrase for situations in which there is a disaster and you need to discover the keys for ePO.
        Getting Started with ePO 3.jpg
      7. Hit next. If you are an existing McAfee customer, enter the ePO license key from the grant page. If you are just testing the product out choose evaluation.
        Getting Started with ePO 4.jpg
      8. Accept or decline the user agreement.
      9. Decide whether or not to allow McAfee to collect telemetry data. We collect this data to make our ePO product even better so it does help us in the long run.
      10. Finally, hit install to install McAfee ePO. In 10-15 minutes the installation should be complete.

     

    II – Checking pages and reports on ePO

     

      1. Enter your IP address followed by “:8443” in your url bar and you will be prompted to enter your username and password before you can access ePO.
      2. The first thing you will see is a dashboard that says “Getting started with ePO”. This is a great tool to get you started and helps users get familiar very easily.
      3. Starting with our System Tree, you will be able to create new groups and subgroups under my organization (many of these may be mimicked or imported from your active directory).
      4. You can sync your active directory by registering it. First go to the menu in the upper left, go to configuration and choose registered servers.
      5. Click the dropdown to choose your new server and give it any name you like, hit next.
      6. Choose active directory and enter in the IP address of the server. Enter your user name and password credentials and then test connection to make sure it is successful. Save the server. You can also add other registered servers if necessary.
        Getting Started with ePO 5.jpg
      7. Go back to the System Tree and choose Group Details, then Synchronization type and hit edit.
      8. Under Synchronization type choose Active Directory, under Synchronize choose Systems and container structure. Under active directory domain choose the registered LDAP server that you just created. Under containers hit browse, which will let you see any groups that exist in the new synchronized server. You can also choose to push to agents as they are discovered along with many other options.
        Getting Started with ePO 6.jpg
      9. Save to finish. You can synchronize on a regular and automated basis or do it manually at any time.
      10. This process mirrored active directory so we have access to all groups involved.
      11. Agents can be deployed through the systems section on the systems tree.
      12. Highlight all wanted nodes to deploy to and hit deploy agents.
        Getting Started with ePO 7.jpg
      13. There are several different options in deploying agents including a url install or creating a new system (these are included in the best practices video).
      14. You can look at information on any single machine that an agent is pushed to. Such information includes: OS, processor in the machine, IP address, physical memory, user logged on, etc.
      15. Under products you can look at the individual product that was deployed and any threat events involved with the machine and the agent.
        Getting Started with ePO 8.jpg
      16. You can use Client tasks to deploy additional products. These are scheduled tasks that can deploy products immediately or at a specific time. (more information on this can be seen in the best practices video).
      17. Under Assigned Policies you can view all current policies surrounding products.

     

    III – Extensions and Packages

     

      1. Under Extensions (found in the software section in the main menu) you can install extensions for multiple products to help you manage them. Simply click on the zip file for the extension on the desktop to install it.
      2. To deploy, view the Master Repository (also under the software section). This is where all the software installed in your ePO is listed and included.  Add a specific package for the product you wish by clicking on the zip file for the package and uploading it to the master repository.
      3. Extensions give you the power to manage McAfee policies while packages give you the power to deploy McAfee or third party partner software.

     

    IV – Software Manager

     

      1. Software manager is a simpler way to manage products without extensions and packages.
      2. After entering the license key during initial installation, it will populate software’s that have been purchased including extensions and packages.
      3. Just check in on the individual product and accept the use terms to add it to software manager.
      4. The manager also lets you install evaluation products to check out other software’s McAfee has to offer.

     

    V – Role Based Access

     

      1. In the main menu, under User Management, choose Permission Sets (There are 4 premade permission sets that you can leverage or create your own).
      2. There are several options for role based access which will need to be decided by you.
        • Permissions will often be very different for each product.
      3. After permission sets are created, create a new user under the users tab in the menu.
      4. Enter username using ePO authentication or windows authentication.
        • Here you will assign them to the specific permission set that you created (this allows you to manage roles inside of ePO).

     

    VI – Conclusion

     

    We’ve seen how to install ePO Management Console on your system. It’s an easy process. You can now use ePO for a vast variety of software’s to help keep your employees and organization as safe as possible. In addition, the default setup will automatically update your ePO so you can stay up to date with no efforts.

     

     

    For more information about the McAfee ePO, visit:

     

    McAfee ePolicy Orchestrator (ePO) page:

    http://www.mcafee.com/us/products/epolicy-orchestrator.aspx

    McAfee Sales page

    http://www.mcafee.com/us/about/contact-us.aspx