Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Information needed when configuring MDM Profile for Apex One (Mac)

    • Updated:
    • 15 Oct 2020
    • Product/Version:
    • Apex One (Mac)
    • Platform:
Summary

This articles lists the information about the different policies and extensions needed to properly configure an MDM profile to be used for Apex One (Mac).

Details
Public

Trend Micro Apex One (Mac) needs Full Disk Access and System Extension to run, and users may receive this prompt after upgrading the Security agent to version 3.5.3617. You can refer to the information below if you are using MDM and would like to automate the process of allowing Full Disk Access for Trend Micro Apex One (Mac):

IDENTIFIER: com.trendmicro.icore
IDENTIFIER TYPE: Bundle ID
CODE REQUIREMENT: identifier "com.trendmicro.icore" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E8P47U2H32

Allow access for the following services:

  • Accessibility
  • Admin Files
  • All Files
  • System Events
    • Receiver Identifier: com.apple.systemevents
    • Receiver Code Requirement: identifier "com.apple.systemevents" and anchor apple

iCore Service

Click image to enlarge.

IDENTIFIER: com.trendmicro.tmsm.MainUI
IDENTIFIER TYPE: Bundle ID
CODE REQUIREMENT: identifier "com.trendmicro.tmsm.MainUI" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E8P47U2H32

Allow access for the following services:

  • Accessibility
  • Admin Files
  • All Files
  • System Events
    • Receiver Identifier: com.apple.systemevents
    • Receiver Code Requirement: identifier "com.apple.systemevents" and anchor apple

MainUI Service

Click image to enlarge.

 
If you want to display the information above, you can run these commands on your Mac machines: codesign -dr - /Applications/TrendMicroSecurity.app
codesign -dr - /Applications/TrendMicroSecurity.app/Contents/Resources/iCoreService.app/Contents/MacOS/iCoreService
 

Add the following information to allow Trend Micro Apex One (Mac) Security agent kernel extension:

Team IDBundle Identifier
E8P47U2H32com.trendmicro.kext.filehook
com.trendmicro.kext.KERedirect
com.trendmicro.kext.iTMKernAPI
com.trendmicro.icore.netfilter
com.trendmicro.icore.es

By adding below profile settings into MDM and deploy to the Managed Mac computer, the Chrome / Firefox extensions will be enabled automatically and a pop-up message for Chrome and FireFox will no longer appear.

 
For Safari, it is not possible make an automated browser extension deployment via MDM due to Apple restriction.
 
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000277823
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.