Help

Deploying SCEP in High Sierra

bse_college
New Contributor III

Posted on ‎10-19-2017 04:22 AM

Hi all,

Has anyone deploying System Center Endpoint Protection (SCEP ) on High Sierra? Apparently is has a kernel extension that needs to be approved after installation (https://uit.stanford.edu/service/helpdesk/highsierra).

I was thinking using Composer but thought that I'd see what others were doing.

Brenton
IT Services
Bendigo South East College

0 Kudos
5 REPLIES 5

CapU
Contributor III

Posted on ‎10-19-2017 10:07 AM

I have it installed and running on High Sierra. I click to open the .dmg, then right click on the install and select "Show Original", now just copy the install.pkg out. I rename it so I can identify it later. I then drag into Casper Admin. Scope the install. I just tested my package and it just shows up in the Menu bar and updates the virus sig silently

a_stonham
Contributor II

Posted on ‎10-20-2017 07:29 AM

If your have MDM on the machine you don’t need the user to approve the Kernel extension..... For Now....

0 Kudos

dletkeman
Contributor

Posted on ‎11-09-2018 07:40 AM

I have done the same thing as specified in the post and in the comments but as of 10.13.6 at least the user is prompted to open system preferences and approve the extension. How do I get around this with Jamf? I can use Composer I suppose but except for asking to be approved everything else works.

0 Kudos

maxmaxmaxmaxmax
New Contributor II

Posted on ‎11-09-2018 01:05 PM

deleted post, wrong thread :(

0 Kudos

neilmartin83
Contributor II

Posted on ‎11-10-2018 01:17 PM

Hi @bse_college !

For SCEP (which is actually re-branded ESET), the Team Identifier to whitelist is Company Name: ESET, spol. s r.o. Team ID: P8DQRXPVLP

You can just grab the package installer out of the DMG (I believe it's hidden behind an alias) and deploy it as-is via a policy.

For configuring it, reporting etc, I did some write ups that may be of interest: https://soundmacguy.wordpress.com/?s=scep