Issue
- Use Jamf Pro to deploy ESET Endpoint Antivirus for macOS 7.x on Big Sur (11) and later
Solution
Follow the instructions below to deploy ESET Endpoint Antivirus for macOS using Jamf Pro to manage using ESET PROTECT On-Prem.
- Configure System Extensions, Privacy Preference Policy Control (PPPC), VPN, and Content Filter profile
- Create Policies
- Additional Options
I. Configure System Extensions, PPPC, VPN, and Content Filter profile
- Open Jamf Pro and click Computers → Configuration Profiles to set the approval for System Extensions, PPPC, VPN, and Content Filter and click New to add a new configuration profile (one configuration profile can contain all the settings).
-
Type a Name for the profile.
-
In the Options tab, click System Extensions → Configure.
-
In the Allowed TEAM IDs and System Extensions section, type the following information:
- Display Name: ESET SE [you can choose any name you want]
- System Extension Types: Allowed System Extensions
- Team Identifier: P8DQRXPVLP
- Allowed System Extensions:
com.eset.endpoint
com.eset.network
-
In the Options tab, click Privacy Preferences Policy Control → Configure.
-
Add in the following information for your applicable ESET product:
ESET Endpoint Antivirus for macOS
- Main product identifier EEA:
- Identifier: com.eset.eea.g2
- Identifier Type: Bundle ID
- Code Requirement:
identifier "com.eset.eea.g2" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
- App or Service: SystemPolicyAllFiles
- Access: Allow
- Device identifier:
- Identifier: com.eset.devices
- Identifier Type: Bundle ID
- Code Requirement:
identifier "com.eset.devices" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
- App or Service: SystemPolicyAllFiles
- Access: Allow
- Realtime identifier:
- Identifier: com.eset.endpoint
- Identifier Type: Bundle ID
- Code Requirement:
identifier "com.eset.endpoint" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
- App or Service: SystemPolicyAllFiles
- Access: Allow
- Main product identifier EEA:
-
In the Options tab, click VPN → Configure.
-
Create a configuration profile for ESET Web and Email Protection with the following settings:
- VPN type: VPN
- Connection type: Custom SSL
- Identifier: com.eset.network.manager
- Server: localhost
- Provider Bundle Identifier: com.eset.network
- User authentication: certificate
- Provider Type: App-proxy
- Provider Designated Requirement:
identifier "com.eset.network" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
Select the check box next to Enable VPN on Demand
- On Demand Rules Configuration XML:
<array>
<dict>
<key>Action</key>
<string>Connect</string>
</dict>
</array>
- Idle Timer: Do not disconnect
For more information, see the Online Help guide.
-
Click the Scope tab and click Add.
-
In the Add Deployment Targets section, select the computers (or Computer Groups) you want to apply the policy to by clicking Add, and then click Done.
-
Click Save to apply your changes.
II. Create policies
-
Click Policies in the left menu and click New.
-
Type a Display Name for the policy, and in the Trigger section, select the Recurring Check-in check box.
-
Download the following ESET Security product and ESET Management Agent installation scripts:
- ESET Security product installation script: ESETavJamf_g2.sh (right-click and select Save link as)
- ESET Management Agent installation script: Create the Agent Live Installer and download the PROTECTAgentinstaller.sh file from ESET PROTECT On-Prem.
-
After downloading the scripts, follow the steps in Jamf Pro Administrator's Guide to add the scripts to Jamf.
-
From the Options tab, click Scripts and then click Configure.
-
Click Add to select the scripts to add to the policy.
-
Optionally, add the Parameter Values below for the Endpoint script. If no parameter values are added, it will install ESET Endpoint Antivirus for macOS version 7 and need to be activated by the ESET PROTECT On-Prem server.
- Parameter 4 (Optional): Activate with EBA account information in the following format:
123-ABC-456:user=security.admin@mail.com:pass=SecurityAdminPass
- Parameter 5 (Optional): Specify HTTP Proxy in the format
http://Proxy-IP-or-FQDN:3128
- Parameter 4 (Optional): Activate with EBA account information in the following format:
-
Click the Scope tab and click Add.
-
In the Add Deployment Targets section, select the computers (or Computer Groups) you want to apply the policy to by clicking Add, and then click Done.
-
Click Save to apply your changes.
III. Additional options
- Verify you can manage the ESET Endpoint using ESET PROTECT On-Prem: Open the ESET PROTECT Web Console, click Computers and verify that the Jamf endpoint is displayed in the All Group.
- If you did not type the License Key or Security Admin during the install scripts, you can activate the ESET products using ESET PROTECT On-Prem.
- Extension Attributes: Extension Attributes show information regarding ESET products in the Computer details → Search Inventory → General section.
Follow the instructions below to add the Extension Attribute:
-
Open Jamf pro and click the All Settings gear icon → Computer Management → Extension attributes.
-
Click New to create a new extension attribute.
-
In Display Name type a name for the extension attribute, select Script in the Input Type drop-down menu and then paste the ESETstatusEA.sh (right-click and select Save link as) script into the Shell field and click Save.
-
The extension attribute will be automatically set to all computer groups. Click a computer and in the General section, it will display the extension attribute.