Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Defense: What Information Is Required In MDM Profile For KEXT Approval Of 3.0.x.x Sensor?

Cb Defense: What Information Is Required In MDM Profile For KEXT Approval Of 3.0.x.x Sensor?

Environment

  • Cb Defense Web Console: All Versions
  • Cb Defense Sensor: 3.0.x.x
  • MacOS: 10.13.x and higher

Question

What information related to the Cb Defense sensor Kext is required in an MDM profile?

Answer

The Team ID and Bundle ID can be included in the MDM profile.  While the inclusion of the Bundle ID includes a reference to the Team ID, the Team ID may require a dedicated entry.  Please see the sample below for reference.  This sample includes only the data required in an MDM profile for approval of the Cb Defense sensor version 3.0.x.x Kexts.  Additional required and optional parameters included with MDM profiles are covered in Apple's developer documentation.

<plist version="1.0">

<dict>

    <key>AllowedTeamIdentifiers</key>

    <array>

        <string>JA7945SK43</string>

    </array>

    <key>AllowedKernelExtensions</key>

    <dict>

        <key>JA7945SK43</key>

        <array>

            <string>com.confer.sensor.kext</string>

        </array>

    </dict>

</dict>

</plist>

Additional Notes

  • User Approved Kernel Extension Loading was introduced with macOS 10.13 High Sierra.  As a result, the KEXT associated with the Cb Defense sensor must either be manually approved by end users or pre-approved with an MDM profile.

  • When User Approved Kernel Extension Loading was first introduced in macOS 10.13.0, it was bypassed as long as the Mac was managed with any MDM profile.  Beginning with macOS 10.13.4, MDM management alone is not sufficient. The Cb Defense Team ID and Bundle ID must be added to the profile for KEXT approval.

  • The Team ID and Bundle ID vary depending on the Cb Defense sensor version.

  • Additional required and optional parameters included with MDM profiles are covered in Apple's developer documentation.

Related Content

Cb Defense: What Information Is Required In MDM Profile For KEXT Approval Of 3.1.x.x Sensor?

Mac supported sensors and agents

Cb Defense: How to approve KEXT on JAMF

macOS 10.13.4 Kext Approval Changes

Prepare your institution for macOS High Sierra 10.13.4

Apple Developer's Kernel Extension Policy Reference​

Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎08-15-2018
Views:
688
Contributors