-->

Important

Download the latest version of Jamf Pro for Mac - Powerful sysadmin/enterprise tool (was Casper Suite). Download (10 MB). Redesigned for the. How to Open Self Service. To start Self Service on a Macintosh computer, click on a blank area of the desktop, then from the Menu Bar, select Go Applications (Or press Shift + Command + A from any Finder window) If you navigate the Applications folder, you can also look for the Self Service icon, double click it. Once you have located it, click on the Install button within its entry and wait for Self Service to indicate that the install has finished. It will show that it is still installing the program in the status screen near the top of the window and by displaying a number on the download button neat. Use Jamf Self Service to upgrade to macOS High Sierra 20180601 Create a package of the “Install macOS High Sierra.app” 1.Download the Install macOS High Sierra app. From the Apple menu, choose App Store. Search the App Store for macOS High Sierra, or go directly to the macOS High Sierra page at mac/macoshighsierra. Use Jamf Self Service to upgrade to macOS Mojave 20190123 Create a Jamf Pro policy to download the Install macOS Mojave app 1. Use a web browser to open your Jamf Pro management window. Click Computers, and then click Policies. Click New to create a new policy. In the Display Name field enter a descriptive name such as “Download Mojave”.

Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.

Applies to:

This page will guide you through the steps you need to take to set up macOS policies in Jamf Pro.

You'll need to take the following steps:

Step 1: Get the Microsoft Defender ATP onboarding package

1. In Microsoft Defender Security Center, navigate to Settings > Onboarding.

2. Select macOS as the operating system and Mobile Device Management / Microsoft Intune as the deployment method.

3. Select Download onboarding package (WindowsDefenderATPOnboardingPackage.zip).

4. Extract WindowsDefenderATPOnboardingPackage.zip.

5. Copy the file to your preferred location. For example, C:UsersJaneDoe_or_JohnDoe.contosoDownloadsWindowsDefenderATPOnboardingPackage_macOS_MDM_contosojamfWindowsDefenderATPOnboarding.plist.

Step 2: Create a configuration profile in Jamf Pro using the onboarding package

1. Locate the file WindowsDefenderATPOnboarding.plist from the previous section.

2. In the Jamf Pro dashboard, select New.

3. Enter the following details:

   General

   • Name: MDATP onboarding for macOS
   • Description: MDATP EDR onboarding for macOS
   • Category: None
   • Distribution Method: Install Automatically
   • Level: Computer Level

4. In Application & Custom Settings select Configure.

5. Select Upload File (PLIST file) then in Preference Domain enter: com.microsoft.wdav.atp.

6. Select Open and select the onboarding file.

7. Select Upload.

8. Select the Scope tab.

9. Select the target computers.

10. Select Save.

11. Select Done.

Step 3: Configure Microsoft Defender ATP settings

1. Use the following Microsoft Defender ATP configuration settings:

   • enableRealTimeProtection
   • passiveMode

   Note

   Not turned on by default, if you are planning to run a third-party AV for macOS, set it to true.

   • exclusions
   • excludedPath
   • excludedFileExtension
   • excludedFileName
   • exclusionsMergePolicy
   • allowedThreats

   Note

   EICAR is on the sample, if you are going through a proof-of-concept, remove it especially if you are testing EICAR.

   • disallowedThreatActions
   • potentially_unwanted_application
   • archive_bomb
   • cloudService
   • automaticSampleSubmission
   • tags
   • hideStatusMenuIcon

   For information, see Property list for Jamf configuration profile.

2. Save the file as MDATP_MDAV_configuration_settings.plist.

3. In the Jamf Pro dashboard, select General.

4. Enter the following details:

   General

   • Name: MDATP MDAV configuration settings
   • Description:<blank>
   • Category: None (default)
   • Distribution Method: Install Automatically(default)
   • Level: Computer Level(default)

5. In Application & Custom Settings select Configure.

6. Select Upload File (PLIST file).

7. In Preferences Domain, enter com.microsoft.wdav, then select Upload PLIST File.

8. Select Choose File.

9. Select the MDATP_MDAV_configuration_settings.plist, then select Open.

10. Select Upload.

    Note

    If you happen to upload the Intune file, you'll get the following error:
    

11. Select Save.

12. The file is uploaded.

13. Select the Scope tab.

14. Select Contoso's Machine Group.

15. Select Add, then select Save.

16. Select Done. You'll see the new Configuration profile.

Step 4: Configure notifications settings

These steps are applicable of macOS 10.15 (Catalina) or newer.

1. Download notif.mobileconfig from our GitHub repository

2. Save it as MDATP_MDAV_notification_settings.plist.

3. In the Jamf Pro dashboard, select General.

4. Enter the following details:

   General

   • Name: MDATP MDAV Notification settings
   • Description: macOS 10.15 (Catalina) or newer
   • Category: None (default)
   • Distribution Method: Install Automatically(default)
   • Level: Computer Level(default)

5. Select Upload File (PLIST file).

6. Select Choose File > MDATP_MDAV_Notification_Settings.plist.

7. Select Open > Upload.

8. Select the Scope tab, then select Add.

9. Select Contoso's Machine Group.

10. Select Add, then select Save.

11. Select Done. You'll see the new Configuration profile.

Step 5: Configure Microsoft AutoUpdate (MAU)

1. Use the following Microsoft Defender ATP configuration settings:

2. Save it as MDATP_MDAV_MAU_settings.plist.

3. In the Jamf Pro dashboard, select General.

4. Enter the following details:

   General

   • Name: MDATP MDAV MAU settings
   • Description: Microsoft AutoUpdate settings for MDATP for macOS
   • Category: None (default)
   • Distribution Method: Install Automatically(default)
   • Level: Computer Level(default)

5. In Application & Custom Settings select Configure.

6. Select Upload File (PLIST file).

7. In Preference Domain enter: com.microsoft.autoupdate2, then select Upload PLIST File.

8. Select Choose File.

9. Select MDATP_MDAV_MAU_settings.plist.

10. Select Upload.

11. Select Save.

12. Select the Scope tab.

13. Select Add.

14. Select Done.

Step 6: Grant full disk access to Microsoft Defender ATP

1. In the Jamf Pro dashboard, select Configuration Profiles.

2. Select + New.

3. Enter the following details:

   General

   • Name: MDATP MDAV - grant Full Disk Access to EDR and AV
   • Description: On macOS Catalina or newer, the new Privacy Preferences Policy Control
   • Category: None
   • Distribution method: Install Automatically
   • Level: Computer level

4. In Configure Privacy Preferences Policy Control select Configure.

5. In Privacy Preferences Policy Control, enter the following details:

   • Identifier: com.microsoft.wdav
   • Identifier Type: Bundle ID
   • Code Requirement: identifier 'com.microsoft.wdav' and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9

6. Select + Add.

   • Under App or service: Set to SystemPolicyAllFiles

   • Under 'access': Set to Allow

7. Select Save (not the one at the bottom right).

8. Click the + sign next to App Access to add a new entry.

9. Enter the following details:

   • Identifier: com.microsoft.wdav.epsext
   • Identifier Type: Bundle ID
   • Code Requirement: identifier 'com.microsoft.wdav.epsext' and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = UBF8T346G9

10. Select + Add.

    • Under App or service: Set to SystemPolicyAllFiles

    • Under 'access': Set to Allow

11. Select Save (not the one at the bottom right).

12. Select the Scope tab.

13. Select + Add.

14. Select Computer Groups > under Group Name > select Contoso's MachineGroup.

15. Select Add.

16. Select Save.

17. Select Done.

Step 7: Approve Kernel extension for Microsoft Defender ATP

1. In the Configuration Profiles, select + New.

2. Enter the following details:

   General

   • Name: MDATP MDAV Kernel Extension
   • Description: MDATP kernel extension (kext)
   • Category: None
   • Distribution Method: Install Automatically
   • Level: Computer Level

3. In Configure Approved Kernel Extensions select Configure.

4. In Approved Kernel Extensions Enter the following details:

   • Display Name: Microsoft Corp.
   • Team ID: UBF8T346G9

5. Select the Scope tab.

6. Select + Add.

7. Select Computer Groups > under Group Name > select Contoso's Machine Group.

8. Select + Add.

9. Select Save.

10. Select Done.

Step 8: Approve System extensions for Microsoft Defender ATP

1. In the Configuration Profiles, select + New.

2. Enter the following details:

   General

   • Name: MDATP MDAV System Extensions
   • Description: MDATP system extensions
   • Category: None
   • Distribution Method: Install Automatically
   • Level: Computer Level

3. In System Extensions select Configure.

4. In System Extensions enter the following details:

   • Display Name: Microsoft Corp. System Extensions
   • System Extension Types: Allowed System Extensions
   • Team Identifier: UBF8T346G9
   • Allowed System Extensions:
     • com.microsoft.wdav.epsext
     • com.microsoft.wdav.netext

5. Select the Scope tab.

6. Select + Add.

7. Select Computer Groups > under Group Name > select Contoso's Machine Group.

8. Select + Add.

9. Select Save.

10. Select Done.

Step 9: Configure Network Extension

As part of the Endpoint Detection and Response capabilities, Microsoft Defender ATP for Mac inspects socket traffic and reports this information to the Microsoft Defender Security Center portal. The following policy allows the network extension to perform this functionality.

Note

JAMF doesn’t have built-in support for content filtering policies, which are a pre-requisite for enabling the network extensions that Microsoft Defender ATP for Mac installs on the device. Furthermore, JAMF sometimes changes the content of the policies being deployed.As such, the following steps provide a workaround that involve signing the configuration profile.

1. Download netfilter.mobileconfig from our GitHub repository to your device and save it as com.microsoft.network-extension.mobileconfig

2. Follow the instructions on this page to create a signing certificate using JAMF’s built-in certificate authority

3. After the certificate is created and installed to your device, run the following command from the Terminal from a macOS device:

4. From the JAMF portal, navigate to Configuration Profiles and click the Upload button.

5. Select Choose File and select microsoft.network-extension.signed.mobileconfig.

6. Select Upload.

7. After uploading the file, you are redirected to a new page to finalize the creation of this profile.

8. Select the Scope tab.

9. Select + Add.

10. Select Computer Groups > under Group Name > select Contoso's Machine Group.

11. Select + Add.

12. Select Save.

13. Select Done.

Step 10: Schedule scans with Microsoft Defender ATP for Mac

Jamf Pro Download

Follow the instructions on Schedule scans with Microsoft Defender ATP for Mac.

Step 11: Deploy Microsoft Defender ATP for macOS

1. Navigate to where you saved wdav.pkg.

2. Rename it to wdav_MDM_Contoso_200329.pkg.

3. Open the Jamf Pro dashboard.

4. Navigate to Advanced Computer Searches.

5. Select Computer Management.

6. In Packages, select + New.

7. In New Package Enter the following details:

   General tab

   • Display Name: Leave it blank for now. Because it will be reset when you choose your pkg.
   • Category: None (default)
   • Filename: Choose File

   Open the file and point it to wdav.pkg or wdav_MDM_Contoso_200329.pkg.

8. Select Open. Set the Display Name to Microsoft Defender Advanced Threat Protection and Microsoft Defender Antivirus.

   Options tab
   Keep default values.

   Limitations tab
   Keep default values.

9. Select Save. The package is uploaded to Jamf Pro.

   It can take a few minutes for the package to be available for deployment.

10. Navigate to the Policies page.

11. Select + New to create a new policy.

12. In General Enter the following details:

    • Display name: MDATP Onboarding Contoso 200329 v100.86.92 or later

13. Select Recurring Check-in.

14. Select Save.

15. Select Packages > Configure.

16. Select the Add button next to Microsoft Defender Advanced Threat Protection and Microsoft Defender Antivirus.

17. Select Save.

18. Select the Scope tab.

19. Select the target computers.

    Scope

    Select Add.

    Self-Service

20. Select Done.

Jamf Pro (formerly Casper Suite) is the EMM tool that delights IT pros and the users they support by delivering on the promise of unified endpoint management for Apple devices. At Jamf, connecting the Apple user experience with IT requirements has been our business for the last decade. With Jamf Pro for Mac, iPad, iPhone, and Apple TV management, IT can support an extraordinary Apple experience for the end user while meeting or exceeding organization goals and requirements.

Whether you work at a school, business, or government agency, Jamf Pro has been developed to meet your needs--because it's supported by Apple specialists for the enterprise. Because we understand the potential of Apple in the enterprise, and how to help you get where you want to be.

To begin your journey, take the first step: learn how Jamf Pro can transform Apple ecosystem management in your organization. Then engage with Jamf to help every step of the way.

Note: Pricing for Jamf Pro is license-based, with discounts for volume purchases and education organizations. Please contact Jamf for more information.

New Look and Feel

• Completely redesigned action-oriented dashboard to quickly view the status of your policies
• Interactive tables to easily customize your view and quickly sort your data
• Collapsible sidebar menu gives you more screen space to work with when you need it.
• Breadcrumbs shows you the path you?ve taken and provides a quick link back.
• Contextual warnings will help you solve common issues quickly and direct you where to go.
• Access Jamf Pro 10 on your mobile devices and perform common management actions.

Patch Management

• Patch notifications keeps you informed to when patches are available from common software titles.
• Patch reports shows you exactly what software versions are running on all your Macs.
• The brand new Patch policies, purpose-built for patching, will automatically scope your eligible devices and give you control over how the patch is delivered.

Self Service

• Redesigned for the user from the ground up to provide a delightful native Mac experience
• Simple navigation in the library allows users to find what they need quickly.
• The new History tab shows users what they have previously downloaded or patched.
• Patch notifications and updates are consolidated into one location and will let the user know when it?s time to update their software.
• Make Self Service your own by fully customizing the branding, including the banner, icon and app name itself.

Jamf Self Service Application