Server & Network Security Base: > System & Security Management

McAfee ePolicy Orchestrator (ePO)

(1/9) > >>

hi guys,

do you know about McAfee ePolicy Orchestrator? how it works and how to distribute to the whole enterprise network and manage and control? enough we talked like a kid for a simple antivirus, now we will work about the whole Enterprise security and how to controlling from a central point. so lets jump in advanced level ...

To know detail of McAfee ePolicy Orchestrator, walk here;

(McAfee ePolicy Orchestrator (ePO) is widely acknowledged as the most advanced and scalable security management software in the industry. With ePO software, organizations of all sizes can efficiently manage any number of devices — all from a personalized web console. As a key component of the McAfee Security Management Platform, ePO software manages security across endpoints, networks, and data; integrates third-party solutions; and automates workflows to create efficiencies, streamline compliance, and provide visibility into security and compliance postures.

Only McAfee ePO delivers:

End-to-end visibility — Get a unified view of your security posture. A single point of reference for security data across endpoints, data, and networks provides immediate insight and shortens response times.

An open, extensible architecture — Easily leverage your existing IT infrastructure. McAfee ePO software connects management of both McAfee and third-party security solutions to your LDAP, IT operations, and configuration management tools.

Proven efficiencies — Respond quickly and spend less. Independent studies show ePO software helps organizations of every size streamline administrative tasks, ease audit fatigue, and reduce security management-related hardware costs.

we the guys who know better and have experience on McAfee ePolicy Orchestrator will try to help others who will be new and wanted to learn and deploy on small business to enterprise network ...

Nice Topic Munna.  :thumbsup:


--- Quote from: Samker on 17. February 2011., 21:30:05 ---Nice Topic Munna.  :thumbsup:

--- End quote ---

thanks man, it's a nice enterprise security management software and fully automated ... most of entry level and mid level administrator don't know how to automated(included automated installation, update, patch update, scanning, reporting ..etc.) the security system for the whole network, they feel it but don't know how to solve .. on the 1st stage it's little complicated but not too much complicated ... OK we should learn more.

lets wait for the question .... i know it will take little more time to run ... i meant the topic. hoping will grow up soon and we all should learn something new by exchanging the experience and knowledge ..


--- Quote from: metalmunna on 17. February 2011., 22:24:00 ---
--- Quote from: Samker on 17. February 2011., 21:30:05 ---Nice Topic Munna.  :thumbsup: 

--- End quote ---

lets wait for the question .... i know it will take little more time to run ... i meant the topic. hoping will grow up soon and we all should learn something new by exchanging the experience and knowledge ..

--- End quote ---

I'm sure this will be very popular Topic since We have a lot of McAfee users at SCF. ;)

thanks man, till the question comes we can start learning(included me) .. from the very beginning by small part of every essential steps on each session;

(It is recommended that we should have a working knowledge of Microsoft Windows administration and system administration concepts, a basic understanding of computer security concepts, and a general understanding of viruses and anti-virus technologies.)

lets start from the installation and pre request installation;
(used by Official McAfee ePolicy Orchestrator 4.5 Installation Guide)

System requirements

Verify that your environment meets the minimum requirements listed here:
• Server and Agent Handler
• Database
• Distributed repositories

Server and Agent Handler requirements

Free disk space — 1 GB minimum (first-time installation); 1.5 GB minimum (upgrade);
2 GB recommended.
Memory — 1 GB available RAM; 2–4 GB recommended.
Processor — Intel Pentium III-class or higher; 1 GHz or higher.
Monitor — 1024x768, 256-color, VGA monitor.
NIC — Network interface card; 100 MB or higher.

NOTE: If using a server with more than one IP address, ePolicy Orchestrator uses the first
identified IP address. If you want to use additional IP addresses for agent-server communication,
see Installing an Agent Handler.
Dedicated server — If managing more than 250 computers, McAfee recommends using a
dedicated server.
File system — NTFS (NT file system) partition recommended.
IP address — McAfee recommends using static IP addresses for ePO servers.
Server-class operating system — 32bit or 64bit
• Windows Server 2003 Enterprise with Service Pack 2 or later
• Windows Server 2003 Standard with Service Pack 2 or later
• Windows Server 2003 Web with Service Pack 2 or later
• Windows Server 2003 R2 Enterprise with Service Pack 2 or later
• Windows Server 2003 R2 Standard with Service Pack 2 or later
• Windows Server 2008

NOTE: Installation is blocked if you attempt to install on a version of Windows earlier than
Server 2003. In addition, ePolicy Orchestrator stops functioning if, after having been installed
on Windows Server 2003, the server is upgraded to Windows Server 2008.

• Firefox 3.0
• Microsoft Internet Explorer 7.0 or 8.0
If using Internet Explorer and a proxy, follow these steps to bypass the proxy server.
1 From the Tools menu in Internet Explorer, select Internet Options.
2 Select the Connections tab and click LAN Settings.
3 Select Use a proxy server for your LAN, then select Bypass proxy server for local
4 Click OK as needed to close Internet Options.
Domain controllers — The server must have a trust relationship with the Primary Domain
Controller (PDC) on the network. For instructions, see the Microsoft product documentation.
Security software
• Install and/or update the anti-virus software on the ePolicy Orchestrator server and scan
for viruses.

CAUTION: If running VirusScan Enterprise 8.5i or 8.7i on the system where you are installing
ePolicy Orchestrator, you must ensure that the VSE Access Protection rules are disabled
during the installation process, or the installation fails.
• Install and/or update firewall software on the ePolicy Orchestrator server.
• McAfee recommends avoiding the use of Port 8443 for HTTPS communication. Although this
is the default port, it is also the primary port used by many web-based activities, is a popular
target for malicious exploitation, and it is likely to be disabled by the system administrator
in response to a security violation or outbreak.

NOTE: Ensure that the ports you choose are not already in use on the ePolicy Orchestrator
server computer.
• Notify the network staff of the ports you intend to use for HTTP and HTTPS communication
via ePolicy Orchestrator.
NOTE: Installing the software on a Primary Domain Controller (PDC) is supported, but not
Supported virtual infrastructure software
• VMware ESX 3.5.x
• Microsoft Virtual Server 2005 R2 with Service Pack 1
• Windows Server 2008 Hyper-V


[0] Message Index

[#] Next page


Go to full version