McAfee ePO 5.10 Installation on Single Server

With McAfee ePO software, IT administrators can unify security management across endpoints, networks, data, and compliance solutions from McAfee and third-party solutions. McAfee ePO software provides flexible, automated management capabilities so you identify, manage, and respond to security issues and threats. You define how McAfee ePO software should direct alerts and security responses based on the type and criticality of security events in your environment, as well as create automated workflows between your security and IT operations systems to quickly remediate outstanding issues.

Features

Please refer to ePO documentation : https://www.mcafee.com/enterprise/en-ca/downloads/trials/epolicy-orchestrator.html

The ePO Software Repository

The McAfee ePO server is the central software repository for all McAfee product installations, updates, and other content. The modular design of ePolicy Orchestrator allows new products to be added as extensions. This includes new or updated versions of McAfee and McAfee-compatible solutions from the Security Innovation Alliance. Packages are components that are checked in to the master repository, and then deployed to client systems. ePolicy Orchestrator also allows for replication to distributed repositories at remote locations for bandwidth optimization.

For McAfee ePO to keep your client systems up-to-date, a repository task that retrieves updates from a McAfee site (HTTP or FTP) was created to run daily at 1:00 am. The steps below show you how to modify the task so that it checks the McAfee update site every 12 hours instead.

Systems and the System Tree

The ePolicy Orchestrator System Tree organizes managed systems in units for monitoring, assigning policies, scheduling tasks, and taking actions. These units are called groups, which are created and administered by Global Administrators or users with the appropriate permissions. Groups may contain both systems and other groups. As shown in the graphic below, the installer created a sample system tree during setup.

Three groups were created under the default My Organization group; Laptops, Servers, and Workstations. The Servers group also has several subgroups for different server types based on function or role. These sample groups were created for your convenience. You are not required to use them, but they are referenced in the instructional exercises that follow. If you wish to test system & group creation through Active Directory, detailed steps are provided in the McAfee Quick Tips video Active Directory Synchronization in ePO.

adding system with automatic discovery
adding system manually

Compatibility Matrix

Microsoft operating system	Minimum Supported Versions
Microsoft operating system	ePO 5.10.0 Update 7	ePO 5.10.0	ePO 5.9.0 5.9.1
Windows Server 2019 Version 2004	Yes	No	No
Windows Server 2019 Version 1909 Windows Server 2019 Version 1903 Windows Server 2019 Version 1809	Yes	Yes	No
Microsoft Windows Server 2016	Yes 3	Yes 3	Yes 3
Microsoft Windows Server 2012 R2 (Standard and Datacenter)	Yes	Yes	Yes
Microsoft Windows Server 2012 (Standard and Datacenter)	Yes	Yes	Yes
Microsoft Windows Server 2008 Release 2 (64-bit) (Standard, Enterprise, and Datacenter)	Yes 2	Yes 2	Yes 2
Microsoft Windows Server 2008 (64-bit)1 (Standard, Enterprise, and Datacenter)	No	No	No
Microsoft Windows Server 2008 (32-bit) (Standard, Enterprise, and Datacenter)	No	No	No
Microsoft Windows 2003 Storage Server	No	No	No
Microsoft Windows Server 2003 Release 2 (32-bit)	No	No	No
Microsoft Windows Server 2003 Release 2 (64-bit)	No	No	No
Microsoft Windows Server 2003 (32-bit)	No	No	No
Microsoft Windows Server 2003 (64-bit)	No	No	No
Microsoft Windows 2003 Web	No	No	No

Microsoft SQL versions	Minimum Supported Versions
Microsoft SQL versions	ePO 5.10	ePO 5.9.1	ePO 5.9.0
SQL Server 2019 Express SQL Server 2019	Yes	No	No
SQL Server 2017 Express	Yes	Yes	No
SQL Server 2017	Yes	Yes	No
SQL Server 2016 Express	Yes	Yes	Yes
SQL Server 2016	Yes	Yes	Yes
SQL Server 2014 Express	Yes	Yes	Yes
SQL Server 2014	Yes	Yes	Yes
SQL Server 2012 Express	Yes	Yes	Yes
SQL Server 2012	Yes	Yes	Yes
SQL Server 2008 R2 Express	No	Yes	Yes
SQL Server 2008 R2	No	Yes	Yes
SQL Server 2008 Express	No	Yes 1	Yes 1
SQL Server 2008	No	Yes 1	Yes 1
SQL Server 2005 Express	No	No	No
SQL Server 2005	No	No	No

Upgrade path

Supported Upgrade Paths:

Upgrade From Version	Upgrade To ePO Version
Upgrade From Version	5.10	5.9.1	5.9.0	5.3.3	5.3.2	5.3.1	5.3.0	5.1.3	5.1.2	5.1.1
5.9.1	Supported	n/a	n/a	n/a	n/a	n/a	n/a	n/a	n/a	n/a
5.9.0	Supported	Supported	n/a	n/a	n/a	n/a	n/a	n/a	n/a	n/a
5.3.3	Supported	Supported	Blocked	n/a	n/a	n/a	n/a	n/a	n/a	n/a
5.3.2	Supported	Supported	Supported	Supported	n/a	n/a	n/a	n/a	n/a	n/a
5.3.1	Supported	Supported	Supported	Supported	Supported	n/a	n/a	n/a	n/a	n/a
5.3.0	Blocked	Blocked	Blocked	Blocked	Supported	Supported	n/a	n/a	n/a	n/a
5.1.3 (EOL)	Supported	Supported	Supported	Supported	Supported	Supported	n/a	n/a	n/a	n/a
5.1.2 (EOL)	Blocked	Blocked	Blocked	Supported	Supported	Supported	n/a	Supported	n/a	n/a
5.1.1 (EOL)	Blocked	Blocked	Blocked	Supported	Supported	Supported	Supported	Supported	Supported	n/a
5.1.0 (EOL)	Blocked	Blocked	Blocked	Supported	Supported	Supported	Supported	Supported	Blocked	Supported

SQL Server 2016 with SP1 Express Edition

Below links are for SQL Server 2016 with SP1 Express Edition (English):

Express Core (411 MB): https://download.microsoft.com/download/9/0/7/907AD35F-9F9C-43A5-9789-52470555DB90/ENU/SQLEXPR_x64_E...
Express Advanced (1255 MB): https://download.microsoft.com/download/9/0/7/907AD35F-9F9C-43A5-9789-52470555DB90/ENU/SQLEXPRADV_x6...

Installation Steps

Log on to the Windows Server system to be used as the McAfee ePO server.
Use an account with local administrator permissions.
Locate the software you downloaded from the McAfee website and extract the files to a temporary location. Right-click Setup.exe and select Run as Administrator.
The executable is located in the downloaded McAfee ePO installation folder.
CAUTION: If you try to run Setup.exe without first extracting the contents of the .zip file, the installation fails.
The McAfee ePolicy Orchestrator - InstallShield Wizard starts.
Click Next to continue the installation.
Monitor the installation process when using the InstallShield Wizard. You might need to restart your system.
In the Destination Folder step, click either:
- Next to install your McAfee ePO software in the default location (C:\Program Files (x86)\McAfee\ePolicy Orchestrator\).
- Change to specify a custom destination location for your McAfee ePO software. When the Change Current Destination Folder window opens, browse to the destination and create folders as needed, then click OK.
The installer searches for SQL Servers. If the installer finds any SQL Servers, it automatically moves to the next stage and the servers it finds can be selected from a drop-down list. If the installer is unable to find any, a dialog box asks if you want to search again. Click No to go to the next step where the SQL Server information can be entered manually.

In the Database Information step, specify information for your database, then click Next.

Specify the Database Server and Database Name.


Database Server	If the installer found the SQL Server in the previous step, select your server from the drop-down list. If the server is not listed, enter the information manually by typing the name of the SQL Server. If you are using dynamic SQL ports, enter the name of the SQL Server and the name of the SQL instance separated by a backslash. For example, if your SQL Server is called SQLServer and you are using the default instance name of MSSQLSERVER, enter `SQLServer\MSSQLSERVER`.
Database Name	This value is automatically populated with the name of the database. Enter a new database name to change the value.

Specify which type of Database Server Credentials to use.


Windows authentication	From the Domain menu, select the domain of the user account to use for accessing the SQL Server from the drop-down list. If the required domain is not listed, type the domain name, user name, and password.
SQL authentication	Type the user name and password for your SQL Server. Make sure that credentials you provide represent an existing user on the SQL Server with appropriate rights. NOTE: The Domain menu is grayed out when using SQL authentication.

Click Next.
The installer attempts to connect to the SQL Server using the credentials given. If the installer can't automatically determine the port, this message appears: Setup was unable to access the SQL UDP port 1434. Click OK to return to the Database Information page. However, the SQL Server TCP port field is now available. Enter the port and click Next.

The Pre-Installation Auditor automatically starts. Review the results and correct any failures, then click Rerun. Once all checks have passed, click Finish.
In the HTTP Port Information step, review the default port assignment, then click Next to verify that the ports are not already in use on this system.
IMPORTANT: You can change some of these ports now. When your installation is complete, you can change only the Agent wake-up communication port and Agent broadcast communication port.
In the Administrator Information step, type this information, then click Next.
1. Type the user name and password you want to use for your primary administrator account.
2. Type the server recovery passphrase.
  The passphrase includes 14–200 characters, must not contain leading or trailing backslashes (\), spaces, double quotation marks ("), or characters below ASCII 32 or above ASCII 65535.
  IMPORTANT: Keep a record of this passphrase; you need it to decrypt the Disaster Recovery Snapshot records and McAfee can't recover it.
In the Type License Key step, type your license key, then click Next.
If you don't have a license key, you can select Evaluation to continue installing the software in evaluation mode. The evaluation period is limited to 90 days. You can enter a license key after installation is complete from the McAfee ePO Settings or Software Catalog. Optionally, if you want McAfee ePO to automatically download the products you are licensed for after the installation completes, select Enable Automatic Product Installation. For more information, see Automatic Product Installation.
NOTE: The Enable Automatic Product Installation option is enabled by default and only available if you have a license key.
Accept the McAfee End User License Agreement and click OK.
From the Ready to install the Program dialog box, decide if you want to allow McAfee to collect system and software telemetry data, then click Install to begin installing the software.
When the installation is complete, click Finish to exit the Setup program.