Install the Cortex XDR Agent Using JAMF - Administrator Guide - 8.3 - Cortex XDR - Cortex XDR Agent - Advanced Endpoint Protection - Cortex - Security Operations

Cortex XDR Agent Administrator Guide

Product
Cortex XDR
Cortex XDR Agent
Version
8.3
Creation date
2024-01-02
Last date published
2024-07-04
Category
Administrator Guide
Abstract

Step-by-step instructions to configure a JAMF installation profile for the Cortex XDR agent on macOS endpoints.

To deploy the Cortex XDR agent to multiple endpoints, you can set up a JAMF profile. As part of your JAMF deployment you must grant full disk access, approve system extensions, content filter configuration, notifications and managed login items. Depending on your macOS version.

For a seamless configuration using JAMF that does not require creating the configuration profile manually, refer to Install with a Unified Configuration Profile for MDMs.

Caution

Following the changes Apple introduced in macOS 11.3 for MDMs, when you remove an MDM configuration profile that includes permissions for system extensions (for Cortex XDR agents or Global Protect), the system extensions will be instantly unloaded from all endpoints. As a result, the Cortex XDR protection status will be disabled.

    To set up a JAMF profile step-by-step, use the following workflow. For additional information, refer to the JAMF documentation on configuring configuration profiles.

    1. Create a new Computer Configuration Profile in JAMF.

      Under General Options, assign the following:

      • Name—Cortex XDR Agent Unified Configuration Profile

      • Level—Select Computer level.

      Unified_Config_Profile.png
    2. Configure System Extensions.