Configuring Endpoint Protection remotely via Jamf Pro

/* * These styles apply ONLY to the header and footer assets. */ * { padding: 0; margin: 0; box-sizing: border-box; } .footer { background: #f5f5f6; color: #555a62; font-size: 14px; line-height: 1.5; padding: 18px 0; } .footer-wrap { padding-left: 18px; padding-right: 18px; max-width: 1396px; margin: 0 auto; } .footer .follow-cta, .footer a { color: #6B829B; font-size: 12px; margin-right: 10px; text-decoration: none; } .footer a:hover { color: #0276b3; } .footer .social-link img { height: 15px; width: auto; margin-right: 20px; } .footer .social-link:last-of-type img { margin-right: 0 } .footer-row { display: flex; flex-wrap: wrap; justify-content: space-between; align-items: center; margin: -3px; } .footer-col { padding: 0 3px; } .footer-col-copyRight { justify-content: flex-start; } .footer-col-logo { justify-content: flex-end; display: flex; align-items: center; } .footer-col-copyRight, .footer-col-logo { flex: 1; display: flex; } .logo { width: 120px; height: 28px; opacity: 0.6; } @media screen and (max-width: 768px) { .footer-row { display: block; } .footer-col { width: 100%; text-align: center; margin: 6px 0; } .footer-col:first-child { margin-top: 0; } .footer-col:last-child { margin-bottom: 0; } .footer-col-copyRight, .footer-col-logo { justify-content: center; } .logo { margin: 0 auto; } } /*# sourceMappingURL=styles.css.map */ <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-T9RD3NN" height="0" width="0" style="display:none;visibility:hidden"></iframe>

Configuring Endpoint Protection remotely via Jamf Pro - TeamViewer Support

This article applies to all TeamViewer Endpoint Protection customers which use Jamf Pro as a MDM solution.

General

This is a small guide on how to manage permissions for TeamViewer Endpoint Protection macOS using Jamf Pro MDM

TeamViewer Endpoint Protection can be rolled out remotely from the TeamViewer Management Console if TeamViewer Client or Host is already installed on the target devices. After the activation of TeamViewer endpoint protection some permissions require manual user confirmation in order to allow for the Full Disk Scanning and Real Time Protecton modules to work and scan the antire machine.

Requirements

There are some preconditions, that you must meet, so that you can use Aprove remotely The Kernel Extension and Full Disk access using Jamf Pro 10.X MDM.

You need a full Teamviewer Client or Host already installed.
Jamf Pro 10.x already configured on the device(s)
TeamViewer Endpoint Protection already activated
- You can pre-aprove the settings even before activation however we recommend to activate before and then push the settings afterwards.

Allow the Kernel Extension

The Kernel Extension is used starting with macOS 10.13 and it will be removed starting with 10.16. It is used to allow for the Real Time Protection to access the necessary paths on the system for scanning. The Kernel Extension is signed by Bitdefender S.R.L. our technology partner.

Log in to Jamf Pro.
Go to Computers > Configuration Profiles -> New or use and existing profile.
Scroll down to Approved Kernel Extensions
Enter a Display Name: BitDefender and Team ID: GUNFMW623Y

Allow Full Disk Access

The Full Disk access is required starting with macOS 10.14 as part of the new security and privacy changes Apple introduced. It is used to allow for allowing the application to perform full disk scans.

1) Log in to Jamf Pro.

2) Go to Computers > Configuration Profiles -> New or use and existing profile.

3) Go to Privacy Preference Policy Control

4) Create a New App Access payload

Identifier: com.teamviewer.rm.endpointprotection
Identifier Type: Bunddle ID
Requirements

 anchor apple generic and identifier "com.teamviewer.rm.endpointprotection" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = H7UGFBUGV6)

App or Service: Accesability
Access: Allow
Save

💡Hint: for more information you can read Jamf Pro documentation here:

https://www.jamf.com/jamf-nation/articles/553/preparing-your-organization-for-user-data-protections-on-macos-10-14