Set up instance

Australia Security Management

Release

australia

ft:locale

en-US

ft:publication_title

Australia Security Management

ft:clusterId

security

bundleId

security

workflow

Technology

Set up your ServiceNow AI Platform instance for the McAfee ePO integration

Release version: Australia

Updated March 12, 2026

2 minutes to read

Summarize

Summarized using AI

Summary of Set up your ServiceNow AI Platform instance for the McAfee ePO integration

This guide outlines the essential setup tasks for integrating your ServiceNow AI Platform instance with McAfee ePO. Completing these tasks is crucial for a successful installation of the integration application.

Show full answer Show less

Set up requirements

Role required: ServiceNow AI Platform administrator (admin).
Ensure you have the necessary roles assigned for installation and configuration, including:
- System Administrator (admin) for application installation.
- Security Incident Administrator (snsi.admin) for application configuration and profile management.
- Security Incident Analyst (snsi.analyst) for handling security incidents and related tasks.
Confirm the use of McAfee ePO version 5.9, compatible with version 10.4.3 of the ePolicy Orchestrator.
Install the ServiceNow extension plugin within your McAfee ePO console.
Verify that the Security Incident Response Dependency plugin (com.snc.sidep) is installed and activated to support required functionalities.
Check for installation and activation of the following Security Operations applications:
- Security Incident Response
- Security Incident Response Workspace
- Security Integration Framework
- Security Support Common
- Security Support Orchestration
Install and configure a MID Server in your ServiceNow AI Platform instance.
If utilizing the approval process for profiles, create an approval group to manage requests for isolating and restoring host machines.

Key Outcomes

By completing these setup tasks, you ensure a smooth integration between ServiceNow AI Platform and McAfee ePO, enabling efficient handling of security incidents and streamlined operations within your organization.

The following section lists the setup tasks that you’re required to complete in your ServiceNow AI Platform® instance prior to installing the application for the McAfee ePO integration.

Set up requirements

Role required: ServiceNow AI Platform administrator (admin). Review the following information before your ServiceNow AI Platform® instance for the McAfee ePO integration.

The following table is a list of setup requirements for the application. Verify that you’ve completed these tasks before you install the application for the integration from the ServiceNow Store.


Set up task	Description
Verify that you’ve assigned the required ServiceNow AI Platform® and Security Incident Response (SIR) roles.	The following roles are required: A user with the system administrator (admin) role to install the application. A user with the security incident administrator (sn_si.admin) role configures the application, and creates, activates, and removes profiles. A user with the security incident analyst (sn_si.analyst) role works with security incidents. Tasks include manually launching profiles from security incidents. If the approval option is selected in a profile during the configuration step, users with this role also submit requests for isolating hosts and returning them to the network.
Verify that you are using version 5.9 of McAfee ePO.	The integration supports version 10.4.3 of the McAfee ePolicy Orchestrator.
Verify that you have installed the ServiceNow extension plugin in your McAfee ePO console.	Install the ServiceNow plugin in your McAfee ePO console. For more information and to obtain the plugin file, in your ServiceNow AI Platform instance, navigate to Knowledge > Articles > All and, in the Search field, enter, ServiceNow Security Operations Extension for McAfee ePO .
Verify that the ServiceNow core applications that are required to support the integration are installed and activated before you install the application for the integration.	Security Incident Response Dependency plugin (com.snc.si_dep) is required. This plugin automatically installs all the dependencies that are required to support the Security Incident Response product. Install and activate this plugin before you install and activate the other Security Operations applications required by the integration. Verify that the following Security Operations applications are installed and activated from the ServiceNow Store. If not installed, install and activate one application at a time in the following order to ensure a smooth installation. Security Incident Response Security Incident Response Workspace Security Integration Framework Security Support Common Security Support Orchestration For more information about installing the Security Operations core applications, see Get entitlement for a Security Operations product or application and Activate a ServiceNow Store application.
Verify that you have installed and configured a MID Server.	An installed and configured MID Server is required in your ServiceNow AI Platform® instance. See the ServiceNow Product Documentation website for more information about MID Servers.
If you want to enable the approval process for profiles, verify that you have created an approval group to process requests.	There is an optional approval process available for isolating host machines and restoring them to the network. If this option is enabled, prior approval is required before host machines are isolated and restored to your network. If your organization wants an extra level of control over these actions, enable the Require approval option during the configuration step for a profile. By default, approval authority is assigned to the ServiceNow AI Platform® security incident administrator (sn_si.admin). This authority can be reassigned to an approval group. Within the group, any member has permission to approve or reject requests. You select an active approval group during the configuration step of your profile setup. For more information, see Create an approval group.