I have a similar question time ago, so let me share what are my toughs on your questions:
Our request is how can we design/implement this solution with the existence of DR site ?
yes but will be a not "one-click button solution"
Do we need to integrate McAfee EPO with the two NSX manager (Primary and Secondary)?
2 EPOs for 2 NSX manager
Does McAfee EPO understand the Primary and Secondary roles for NSX manager ?
no EPO can be configured in DR mode
What about redirection policies, do we need to configure them twice ?
no, policies need to be share as per DR mode of EPO
Do we need two McAfee EPO server (one on main and second on DR) ? or just a replication for this machine to DR site ?
yes for DR mode in EPO, the tricky part will be sync since is not an easy task, this is a failover only not LB or such a thing, so in addition you need to deal with MSCS and meed requirements for having that between sites, so will be a complex solution not easy to maintain.