Get Started with EPM

This section details the most likely tasks to get started with EPM, including automatically authorizing and assigning computers to groups.

After you deploy EPM, you can:

  • Create policy
  • Create groups and assign policy
  • Assign computers to these groups

Create Policy

There are various approaches you can take to create policies in EPM. For example, if you are new to EPM, you may want to create a group, assign it as the Default group, add all your computers to that group, and then assign the Endpoint Privilege Management QuickStart policy to that group.

If you are migrating to EPM, you may want to replicate your existing groups and assign the same policy to them, before authorizing and placing your computers in those groups.

Create Groups and Assign Policy

After you create a policy, you can create a computer group and assign the policy to the group.

Create Groups

  1. On the sidebar menu, click Computer Groups.
  2. Click Create Group.
  3. Enter a Group Name. The Description field is optional. At any time, click the menu, and then select Edit Properties to edit the group name and description.
  4. Click Create Group. Your group is created and appears in the list.
  5. After a group is created, you can set it as the default group. Select a group name, and then select Set as Default from the menu.

When computers are added to EPM, they are automatically added to the default group.

Assign Policy

  1. Go to Policies.
  2. Find the policy, and then select Assign Policy to Group from the menu.
  3. In the Assign Policy to a Group panel, select the revision for the policy you want to assign, and then select the group.
  4. Click Assign Policy.

Install Endpoint Privilege Management

Requirements

For more information about the installation requirements, see Endpoint Privilege Management Release Notes.

You need to install Endpoint Privilege Management for the target operating system, as well as the EPM adapter.

You can view installation package details by visiting the Configuration page.

The Endpoint Privilege Management installation packages differ based on your operating system.

Windows

For 32-bit (x86) systems, choose the Win 32 Bit Download Type.

For 64-bit (x64) systems, choose the Win 64 Bit Download Type.

You need to install Endpoint Privilege Management for Windows with the iC3MODE switch enabled:

Msiexec.exe /i PrivilegeManagementForWindows_x.xxx.x.msi IC3MODE=1 /qn /norestart

Optionally, use the /qn switch to run a silent install. Using this switch requires administrative rights.

MacOS

For MacOS computers, choose the MacOS Download Type.