Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Using MDM for Mass Deployment and Security Permissions Configuration of Apex One (Mac) in macOS Big Sur

    • Updated:
    • 2 Jun 2021
    • Product/Version:
    • Apex One (Mac)
    • Platform:
Summary

This article shows how to generate an MDM profile that can be used for Mass Deployment and Security Permissions Configuration of Apex One (Mac) in macOS Big Sur.

Details
Public

To create an MDM profile for macOS Big Sur and Airwatch / JAMF:

Open the JAMF or Airwatch MDM Server, go to Device > Profiles, and click Add to add a new macOS Profile.

 
It is important to specify which OS the profile is for to prevent format issues.
 

Open the MDM console to access the device profile page

  1. Go to Security and Privacy.
  2. Under Gatekeeper, select Anywhere or Allow apps outside Mac App store

o to Security and Privacy and have the Gatekeeper to select “Anywhere” or allow apps outside Mac App store

 
For more information about macOS' Gatekeeper, read this article from Apple: Using Gatekeeper in macOS deployments.
 
  1. Go to Kernel Extension Policy, and tick the Allow User Overrides option.
  2. Indicate the Allowed Kernel Extensions for Apex Mac Service:
    • identifier "com.trendmicro.icore" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E8P47U2H32    
    • identifier "com.trendmicro.tmsm.MainUI" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E8P47U2H32
    •  identifier "com.trendmicro.icore.es" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E8P47U2H32

o to Security and Privacy and have the Gatekeeper to select “Anywhere” or allow apps outside Mac App store

Apple Identifier in exact keywords: 

  1. Go to Privacy Preferences.
  2. Navigate to the Apple Identifier section, and add the following value to the "Receiver Code Requirement" field:
    Identifier "com.apple.systemevents" and anchor apple

Apply the Apple Identifier

 
After deploying the MDM profile to the Mac machines, configure the browser plugin information and MDM configuration for older versions of macOS. Check the following article for reference: Information needed when configuring MDM Profile for Apex One (Mac).
 
Premium
Internal
Partner
Rating:
Category:
Configure; Deploy
Solution Id:
000285787
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.