Page tree
Skip to end of metadata
Go to start of metadata

This McAfee-ePO integration combines the reach of Lumeta’s network discovery with McAfee's ePolicy Orchestrator (McAfee ePO) to improve your organization's security posture. 

For more on McAfee ePO and McAfee DXL integrations including configuration and information and views of the McAfee Task Manager, see McAfee ePO & DXL.

The McAfee ePO integration provides McAfee ePO customers with a way to ensure that the ePO agent is installed comprehensively on all network devices in a particular segment (or multiple segments) as intended.  The integration reconciles McAfee findings with Lumeta findings and insodoing, uncovers:

  1. Assets lacking the McAfee ePO agent
  2. Assets to which visibility is blocked
  3. Assets with comprehensive management

To manage e-policy in Lumeta, first configure the McAfee feed, then review the ePO Management dashboard, located on Lumeta's main Dashboards menu.

To manage e-policy in McAfee ePO server, configure the McAfee feed, then install the Lumeta extension to your ePO server.

The dashboard provides a variety of useful information:

IPs Unmanaged by McAfee - IPs Lumeta found on your network that McAfee doesn't know about and doesn't have under management. Together, these unknowns represent a policy-management gap and vulnerability that could be exploited. This information is presented visually, in a bar chart that shows the volume of unmanaged, and also in a table with details on each unmanaged IP address (i.e., IP and MAC address, responsiveness and when the first and last response was received, and the Zone in which the device is located).

IPs Unmanaged by Lumeta - These are those IPs managed by McAfee that Lumeta did not find on the network. Typically there will not be any devices managed by McAfee that have not been indexed by Lumeta. In the event these widgets show results, check your your Lumeta discovery configuration, which is not providing the level of visibility you require. Contact us for help in identifying the prospective source  of the problem.

McAfee- and Lumeta-Managed IPs - When this subset becomes the whole (i.e., when all devices are managed by both resources, your organization's e-policy is well in hand.

Following is the ePO Management dashboard and a description of the data fields returned. All analytics from the McAfee feed go here. None affect Map filters, Reports or Search.

  • IP Address - Device identifier
  • MAC Address - Device identifier
  • Active - device responded to Lumeta probe
  • First Observed - Device came on the network
  • Last Observed - Device left the network after this point
  • Zone - Number corresponding to the zone to which the device belongs



The data in any dashboard widget can be exported by clicking the Export icon (i.e., the away-pointing arrow). After identifying Lumeta-discovered IPs that you'd like to bring into McAfee, you can either export the data from the source widget and then import it to McAfee. Or, you can install the Lumeta extension on your McAfee ePO server.

Submit a comment at the bottom of this page if you have a question or need additional information about the ePO Management dashboard.

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.