Step-by-step instructions to configure a JAMF installation profile for the Cortex XDR agent on macOS endpoints.
To deploy the Cortex XDR agent to multiple endpoints, you can set up a JAMF profile. As part of your JAMF deployment you must grant full disk access, approve system extensions, content filter configuration, notifications and managed login items. Depending on your macOS version.
For a seamless configuration using JAMF that does not require creating the configuration profile manually, refer to Install with a Unified Configuration Profile for MDMs.
Caution
Following the changes Apple introduced in macOS 11.3 for MDMs, when you remove an MDM configuration profile that includes permissions for system extensions (for Cortex XDR agents or Global Protect), the system extensions will be instantly unloaded from all endpoints. As a result, the Cortex XDR protection status will be disabled.
To set up a JAMF profile step-by-step, use the following workflow. For additional information, refer to the JAMF documentation on configuring configuration profiles.
Create a new Computer Configuration Profile in JAMF.
Under General Options, assign the following:
Name—
Cortex XDR Agent Unified Configuration Profile
Level—Select Computer level.
Configure System Extensions.