Cb Defense: How to Deploy Sensor with Jamf Cloud
search cancel

Cb Defense: How to Deploy Sensor with Jamf Cloud

book

Article ID: 288869

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Deploy the Cb Defense Sensor with Jamf Cloud

Environment

  • Cb Defense Sensor: All Versions
  • Cb Defense PSC Console: All Versions
  • Apple macOS: All Supported Versions
  • Jamf Cloud used for MDM and software deployment

Resolution

Prepare Installation Package and Scripts

  1. Download the Cb Defense macOS Sensor Install kit to Mac endpoint
  2. Mount the confer_installer_mac-<version>.dmg file and extract the "CbDefense Install.pkg" and "cbdefense_install_unattended.sh" files
  3. Edit the "cbdefense_install_unattended.sh" file to included the required COMPANY_CODE and CBD_INSTALLER values (add values in between quotation marks)(all other values are optional) 
    #options 
CBD_INSTALLER="/Path/Where/PreinstallScript/Downloads/Installer.pkg"
COMPANY_CODE="COMPANY_CODE"
  4. Create a separate pre-install script that that will use the Curl command to download the "Cb Defense Install.pkg" to the location referenced in the "cbdefense_install_unattended.sh".  Example of script to that will download Cb Defense Installer to the /tmp directory of a client: 
    #!/bin/bash
 
#This script will pull the CbDefenseInstaller.pkg from an AWS S3 bucket or other network location and download it to the /tmp/ directory on a macOS client machine. 
#The file will need to be public for this command to function (See AWS documentation if Authentication is required). 
#The command option is the letter "O" rather than the number "0"
 
cd /tmp/
curl -O (URL to File goes here) -O /tmp/

Upload Installer and Scripts to Jamf Cloud 

  1. Upload the installer to Jamf Cloud by navigating in Jamf to All Settings > Computer Management > Packages
  2. If using an AWS S3 Bucket, log in the AWS management instance and navigate to AWS > S3 > S3 Bucket > File > Actions > Make Public to make the package available
  3. Upload both the Pre-install script and the "cbdefense_install_unattended.sh" file to Jamf Cloud under All Settings > Computer Management > Scripts

Create Deployment Policy in Jamf Cloud

  1. Navigate to Jamf Cloud > Computers > Policies > Add New.
  2. Edit the Scripts section of the new policy.
  3. Set the Cb Defense Pre-install script to "Before" so that it runs first and downloads the "CbDefense Installer.pkg" to the designated directory 
  4. Set the "cbdefense_install_unattended.sh" to "After" so that it will run after the download of the "CbDefense Installer.pkg" and install the Cb Defense Sensor

Additional Information

  • While this article focuses on using an AWS S3 bucket for hosting application installers, this method may be used for other hosting methods
  • Note that the above script is accessing a Cb Defense installer which is publicly reachable in AWS S3
  • The "Cb Defense Install.pkg" does not include the Company Code or any other data that will link the installer to any organization
  • There are options outlined in AWS documentation for using Curl to download from S3 buckets with a Username, Password, and Access Keys
  • Kext approval for the Cb Defense Sensor is required on macOS 10.13 and higher
  • Kext approval can be configured with a Configuration Profile within Jamf that can be pushed out to managed machines independent of the Cb Defense install process
  • The Kext can be pre-approved with MDM policy either through Jamf or other MDM solutions
Powered by Wolken Software