This document goes over all the deployment/MDM settings for PGP Encryption Desktop (Symantec Encryption Desktop) on macOS.
Important Note: PGP Encryption Desktop 11.0.1 and above now have the ability to install without certain components being enabled. For example, you can install without Virtual Disk on the system, while keeping Email Encryption installed. You could also install without Email Encryption while keeping Virtual Disk encryption installed. If you would like to have these easy-to-use commands (sudo installer
) to do a silent install of PGP Encryption Desktop on macOS, reach out to Symantec Encryption Support for further guidance and we can provide you some very convenient commands that will help with your deployment! Be sure to mention this KB for us to easily find the steps to help you out!
Ref: EPG-22596/IMSFR-1034
Identifier |
Identifier Type |
Code requirement for PGP Encryption Desktop (10.4.2 MP4 and above) |
Code requirement for PGP Encryptoin Desktop (10.4.2 MP5 and above) |
Service – App access |
com.pgp.engine |
Bundle ID |
identifier "com.pgp.engine" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2" |
identifier "com.pgp.engine" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7" |
SystemPolicyAllFiles - Allow |
com.pgp.pgp |
Bundle ID |
identifier "com.pgp.pgp" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2" |
identifier "com.pgp.pgp" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7" |
SystemPolicyAllFiles - Allow |
com.pgp.viewer |
Bundle ID |
identifier "com.pgp.viewer" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2" |
identifier "com.pgp.viewer" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7" |
SystemPolicyAllFiles - Allow |
com.pgp.shredder |
Bundle ID |
identifier "com.pgp.shredder" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2" |
identifier "com.pgp.shredder" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7" |
SystemPolicyAllFiles - Allow |
/Library/Application Support/PGP/SEDFVd |
Path |
identifier "com.Symantec.Encryption.SEDFVd" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2" |
identifier "com.Symantec.Encryption.SEDFVd" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7" |
SystemPolicyAllFiles - Allow |
Table: Kernel Extensions Settings
Display name |
Team ID for 10.4.2 MP4 |
Team ID for 10.4.2 MP5 and above |
Display Name & Kernel Extension Bundle ID |
|
Symantec |
9PTGMPNXZ2 |
Y2CCP3S9W7 |
Display Name |
Kernel Extension Bundle ID |
PGPdiskDriver |
com.pgp.iokit.PGPdiskDriver |
|||
PGPnke |
com.pgp.kext.PGPnke |
For further guidance, please reach out to Symantec Encryption Support.
207386 - Deploying PGP Encryption Desktop with MDM deployment settings on macOS (Symantec Encryption Desktop)
207397 - How to allow system extensions and configure MDM profile on macOS Big Sur 11.x with PGP Encryption Desktop (Email Encryption and Virtual Disk)
207391 - Configuring SSL/TLS for email communication for the Mail app with macOS Big Sur/macOS 11 and PGP Encryption Desktop
206979 - Known Issues with PGP Encryption Desktop and macOS 11/Big Sur (Symantec Encryption Desktop)