Install Requirements for DLP Mac Agent

book

Article ID: 198350

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

The DLP agent for Mac OS requires additional access privileges or configuration at the OS and DLP server level for full functionality. 

These steps will vary depending on the Mac OS version and DLP agent version. An overview is provided below.

Cause

Mac OS security updates or architecture changes have driven the need to develop MDM profiles and other security system integrations. 

Environment

  • Release : DLP 15.x, Mac OS 10.x, 11.x
  • Component :Data Loss Prevention Endpoint Prevent

Resolution

Mac Agent Requirements

Kernel extensions:

DLP 15.7 MP2 or newer:
  • Apple has deprecated kernel extensions in Mac OS 11 (Big Sur).
  • The Symantec DLP agent for Mac OS 11 from version 15.7 MP2 has been re-designed to eliminate their use
DLP Agent Versions below 15.7 MP2

 

Full Disk Access MDM:

 

Firefox Browser Extension:

 

Outlook extension MDM:

  • The previous hooking process that DLP uses for Mac Outlook was deprecated. Broadcom has developed an agave extension that requires an MDM profile to load. 
  • See Monitoring New Outlook for Mac

 

SIP Requirements



References

      MDM profiles may need the following details:
      Symantec Team ID: 9PTGMPNXZ2 (in all versions earlier than those listed below)
    • Broadcom Team ID: Y2CCP3S9W7(as of 15.7.0103 or 15.5.0213 or 15.1.0215)

      If you are using JAMF you can try the following command from terminal to see what MDM profiles are loaded:
      echo "<result>profiles -C -v | awk -F": " '/attribute: name/{print $NF ","}' | sort</result>