Configuration for Installation by MDM - Administrator Guide - 7.9 - Cortex XDR - Cortex XDR Agent - Advanced Endpoint Protection - Cortex - Security Operations

Cortex XDR Agent iOS App
Product
Cortex XDR
Cortex XDR Agent
Version
7.9
Creation date
2022-08-31
Last date published
2023-12-12
Category
Administrator Guide

Using an MDM solution you can manage and control the installation of the iOS Cortex XDR App across all managed corporate or personally-owned iOS devices.

These instructions are supplied by Palo Alto Networks to assist our customers. Support with third party vendor tools (with the exception of JAMF) is out of the scope of Palo Alto Networks.

  1. Create the iOS App installation package using the Cortex XDR console, and then extract the app link and Distribution ID.

  2. In the iOS MDM, create a mobile device app for Cortex XDR. The app is not publicly visible in the App Store. You must enter the app link that you got from the installation package manually. Searching the App Store won't return any results.

    1. Set a display name, such as, Cortex XDR.

    2. Set the short version that you see in the app store.

    3. Set the bundle identifier "com.paloaltonetworks.cortex.ios"

    4. Set the app as Free.

    5. If available, set the distribution method to Install Automatically.

    6. If available, set Automatically Force App Updates if you intend to always keep the app up to date.

    7. If available, set Convert Unmanaged App to Managed.

    8. If available, set Allow Users to Remove The App to False.

  3. Create the managed app configuration:

    1. Download our app configuration spec file Download:

      • App Config Spec File Name: iOSCortexXDR_AppConfigSpec_V1.xml

      • SHA-256: 8f0001398937f0b0ad6eeb72cfd022641557c112bb87e4c466fbffdc2b96c612

    2. There are three options, depending on the MDM provider:

      MDM Provided Solution

      Actions

      The provider allows the app configuration spec file to be uploaded and has a built-in editor for the required fields.

      Upload the App Config Spec File to your MDM solution and follow the instructions to fill in the required fields.

      The provider allows the generated app configuration Plist file to be uploaded.

      The AppConfig Generator is a third party tool which assists in the generation of configuration plist for a mobile app on a device enrolled in an MDM solution.

      1. Go to https://appconfig.jamfresearch.com/generator.

      2. Select Browse and upload the App Config Spec File.

      3. Select Configure, and follow the instructions to fill in the required fields. Submit.

      4. Select Download Plist and pass the generated Plist file in the app configuration tab of newly created mobile app.

      The provider allows the generated app to be entered or pasted into the configuration dictionary.

      The AppConfig Generator is a third party tool which assists in the generation of configuration plist for a mobile app on a device enrolled in an MDM solution.

      1. Go to https://appconfig.jamfresearch.com/generator.

      2. Select Browse and upload the App Config Spec File.

      3. Select Configure, and follow the instructions to fill in the required fields. Submit.

      4. Select Copy Dictionary and paste the generated dictionary in the app configuration tab of newly created mobile app.

These images are given for example only, they may differ from the application you are using.

AppConfigGenerator01.png
AppConfigGenerator02.png
AppConfigGenerator03.png