Deploying Symantec Encryption Desktop with MDM deployment settings on macOS Catalina

book

Article ID: 207386

calendar_today

Updated On:

Products

Desktop Email Encryption, Powered by PGP Technology Drive Encryption Powered by PGP Technology Encryption Desktop Corporate Powered by PGP Technology Encryption Desktop Powered by PGP Technology Encryption Desktop Professional Powered by PGP Technology Encryption Desktop Storage Powered by PGP Technology Encryption Management Server Powered by PGP Technology Desktop Email Encryption Drive Encryption

Issue/Introduction

This document goes over all the deployment/MDM settings for Symantec Encryption Desktop on macOS Catalina. 

Resolution

 

Identifier

Identifier Type

Code requirement for 10.4.2 MP4

Code requirement for 10.4.2 MP5 and above

Service – App access

com.pgp.engine

Bundle ID

identifier "com.pgp.engine" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2"

identifier "com.pgp.engine" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7"

SystemPolicyAllFiles - Allow

com.pgp.pgp

Bundle ID

identifier "com.pgp.pgp" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2"

identifier "com.pgp.pgp" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7"

SystemPolicyAllFiles - Allow

com.pgp.viewer

Bundle ID

identifier "com.pgp.viewer" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2"

identifier "com.pgp.viewer" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7"

SystemPolicyAllFiles - Allow

com.pgp.shredder

Bundle ID

identifier "com.pgp.shredder" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2"

identifier "com.pgp.shredder" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7"

SystemPolicyAllFiles - Allow

/Library/Application Support/PGP/SEDFVd

Path

identifier "com.Symantec.Encryption.SEDFVd" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "9PTGMPNXZ2"

identifier "com.Symantec.Encryption.SEDFVd" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "Y2CCP3S9W7"

SystemPolicyAllFiles - Allow

 



Table: Kernel Extensions Settings

 

Display name

Team ID for 10.4.2 MP4

Team ID for 10.4.2 MP5 and above

Display Name & Kernel Extension Bundle ID

 

Symantec

 

9PTGMPNXZ2

        

Y2CCP3S9W7

Display Name

Kernel Extension Bundle ID

PGPdiskDriver

com.pgp.iokit.PGPdiskDriver

PGPnke

com.pgp.kext.PGPnke