Jamf Integration Guide (2023)

Jamf Integration Guide

The Bitdefender Mobile Security app will detect malicious activity and take local actions based on the MDM platform. When an application connects to the MDM, the MDM can perform security operations in addition to what the application can do locally.

Prerequisites

Jamf integration requires a connection between Bitdefender Mobile Security Console and the Jamf server.

Jamf application on MDM enrolled device

Self-service and iOS are supported.

Access the Jamf console

Visit the Jamf website: https://yourHost.jamfcloud.com where yourHost is part of the URL provided by Jamf. Release 10.14.0 or later.

Admin account in the Jamf console

You need an administrator login with administrator privileges.

MDM password

Do not use a colon (:) in the MDM password field, and do not use "password" as the password value.

Communication between MDM and Bitdefender Mobile Security Console

Through the integration, Bitdefender Mobile Security Console is configured to share information with the Jamf Dashboard. When the app detects an event, it checks the current threat policy on the device. If there is a specific set of MDM operations, it refers to Mobile Security nodes. The application then contacts the correct Jamf server and provides it with the commands needed to complete the task.

Jamf configuration

MDM integration supports device synchronization. This allows the MDM console to manage device management functions. When setting up an MDM integration, users are managed through a scheduled synchronization process after the initial synchronization. If there are other devices in the device group used for synchronization, they will be added to the Mobile Security console. When devices are removed, they are also removed from the console. These modifications do not delete any associated device events.

Register the device with Jamf

To enroll a device, you can use one of the following methods:

  1. URL and administrator login.

    After configuring application deployment, you can enroll the device by calling a URL on the device and logging in as an administrator.

    Note

    You must enable user-initiated enrollment for iOS devices in the Jamf console. The enrollment URL looks like this: https://yourHost.jamfcloud.com/enroll where yourHost is part of the URL provided by Jamf. Make sure the URL is prefixed with "https", otherwise it may not load in the browser.

    This URL displays this screen on your iOS device.

    To enroll a device in Jamf, you need to perform the following steps:

    1. Log in with your username and password on the Jamf registration page.

    2. Bypass the "Assign to User" screen by clicking Sign up.

    3. Click Go on, Yes, and Allow to download the configuration file.

    4. Click Configuration several times, then Done.

  2. SMTP server configuration and registration invitation.

      To set up an SMTP server, you need to follow these steps:

      You must configure device enrollment invitations. To complete the registration invitation, please follow these steps:

      1. Log in to the Jamf console.

      2. Select a device.

      3. Select Enrollment Invitation.

      4. Click +New.

      5. Select Register by User as the registration method.

      6. Select Email or SMS as the invitation method.

      7. Click Next.

      8. Make sure the Require login checkbox is unchecked. This image shows this option.

      9. Click Next.

      10. Enter an email address and click Next.

      11. Specify the details of the email, such as the subject and text of the message.

      12. Click Next, then click Finish. This image shows some example values for message details.

      Note

      Once the SMTP server is configured and email is configured and sent, email recipients can click the link and register their device.

    MDM sync on demand

    Due to the MDM sync window, in some cases new MDM users receive the Mobile Security app on their device and try to launch it before the device syncs with MDM. The Mobile Security Console manages this by performing an on-demand sync when an app tries to activate but doesn't have the relevant information. Mobile Security Console receives identification information from the authentication application and maps it to the correct client for authentication. Mobile Security Console then retrieves device and user information from the MDM configured for that client. Applications on this device are now authenticated and authorized to continue.

    Note

    Make sure you have added the Jamf admin user to the Jamf console and that you have created one or more Jamf device groups that contain the devices you want to protect.

    Configure User and Device Sync in Bitdefender Mobile Security Console

    To configure MDM integration in Mobile Security Console:

    1. Log in to the Mobile Security Dashboard.

    2. Go to the Manage page.

    3. Choose Integrations.

    4. Click Add MDM and select the MDM integration you want to use.

    5. Enter the relevant information for the UEM integration in the form and click Next.

    6. Click Next and select the user groups to be synchronized. Available groups appear in the Available Device Groups list and can be moved to the Mobile Security Console's Selected Groups list by clicking the plus sign ("+"). This can be reversed by clicking the minus sign ("-").

    7. Click Next.

    8. Define MDM notifications if you want to be notified when MDM sync errors occur. If you need multiple email addresses, separate them with commas.

    9. Click Finish to save the settings, then start the first sync by clicking Sync now.

    Configure device application deployment

    For initial setup, set up or configure the following:

    • An administrator user with access rights.

    • Device groups.

    • Mobile Security app (iOS only).

    Jamf user with administrator privileges

    To create a Jamf administrator with appropriate access rights, follow these steps:

    1. From the main menu, select Computers.

    2. Click Manage Settings.

    3. Click System Settings.

    4. Select the Jamf Pro user account and group.

    5. Click the + New button.

    6. Choose to create a standard account.

    7. Enter a field value for the new administrator.

      1. Make sure the access level is "full access".

      2. Make sure the permission set is "Administrator".

    8. Click Save.

    Device groups

    There are two types of device groups available for organizing and synchronizing devices using Mobile Security Console:

    • Smart device group.

    • Static device group.

    You can choose how to organize your devices into one or more device groups. For example, device groups can organize devices for different risk profiles.

    When you add Jamf MDM to the Mobile Security Dashboard, the following items are created:

    • Bitdefender Risk Stop extension.

    • Device groups for different risk locations.

    It is good practice that these device groups are created based on specific criteria and tuned for specific risks.

    Mobile Security

    To deploy the Mobile Security app through Jamf MDM, use the version of the app available through the Apple App Store. The latest iOS app is in the App Store, and it is best to deploy the latest app through Jamf. To get the app from a public app store, search the corresponding store for the Mobile Security app. To deploy as an internal application, connect to Jamf and specify the appropriate application (or IPA file for iOS) in the application settings.

    To upload the Mobile Security app as a deployed app, follow these steps:

    1. From the main menu, select Devices.

    2. Select Mobile Apps.

    3. Click +New.

    4. Choose an app type from App Store Apps.

    5. Click Next.

    6. Type "mobile security app" in the search dialog and set the app store country to "United States".

    7. Click Next.

    8. Click the Add button to select the Bitdefender Mobile Security app.

    9. Provide a display name and ensure the following are selected under the General tab:

      • Automatically install/prompt user to install the distribution method.

      • Automatic app update enforcement must be enabled.

    10. For the Scope tab, you can specify specific devices, users, user groups, or all devices and users. You can specify a group of device users as a specific target, which is the recommended method.

    11. For the Application Settings tab, use the Application Settings Builder. The repository file "com.jamfsoftware.casperfocus/current" is selected by default. Specify known values and add additional configuration values as needed. See the table in the iOS Activation section for details.

    12. Click Save.

    Device scope settings

    For mobile applications, such as the Mobile Security application, you can set the scope of the application. You can use groups of mobile devices similar to shapes to set ranges. Or you can define user groups, devices or specific users.

    Assign registered devices to static device groups

    If you choose to use static device groups instead of smart device groups, the following steps describe how to assign registered devices to static device groups.

    1. Log in to the Jamf console.

    2. Select a device.

    3. Choose Static Device Group.

    4. Select the group you want the device to be in.

    5. Click Tasks and Edit.

    6. Select the desired device and save.

    Configure automatic activation of device applications

    The Mobile Security app for iOS can be activated automatically. The process is described in the following sections.

    iOS

    The Mobile Security app uses the app settings when the app is pushed to the device. This allows users to launch the iOS application without entering credentials, providing the best user experience. The application settings preconfigure the iOS application with the required information. This configuration is done inside Jamf. In the add application step, there is a setting option. Alternatively, you can edit the application after adding it.

    | Setting key | Value type | Set value | Supplementary notes |
    |---|---|---|---|
    | MDD device ID | String | $UDID | Required |
    | tenant number | String | Retrieve from Mobile Security Console | Copy the value of the Tenant ID field on the Manage Mobile Security Console page on the General tab. |
    | default channel | String | Retrieve from Mobile Security Console | Copy the value from the Default Channel field on the Manage Mobile Security Console page on the General tab. |
    | tracking_id_1 | String | Use the desired ID | (Optional) This is a tracking ID. |
    | tracking_id_2 | String | Use the desired ID | (Optional) This is a tracking ID. |
    | show_eula | String | No | (Optional) If this key is not used, the default shows the End User License Agreement (EULA). |

    About App Settings

    To configure your application, you can use the Application Configuration Generator which creates a startup PLIST file for you. Set the PLIST XML value in the field under the Application Settings tab.
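A pre-flight check for the App Settings PLIST described above, added here as an example; it is not Bitdefender's or Jamf's code. The key labels are taken as they appear in this page's table, `build_plist` and `check_plist` are hypothetical helper names, and keys the table does not mark optional are assumed to be required.

```python
import plistlib
from xml.parsers.expat import ExpatError

# Key labels are copied verbatim from the table on this page; the exact key
# strings in your console's documentation may differ, so adjust SPEC to match.
# Assumption: every key the table does not mark "(Optional)" is required.
SPEC = {
    "MDD device ID": True, "tenant number": True, "default channel": True,
    "tracking_id_1": False, "tracking_id_2": False, "show_eula": False,
}
DEVICE_KEY, DEVICE_VAR = "MDD device ID", "$UDID"

def build_plist(values):
    """Serialize the settings as the XML PLIST to paste into Jamf."""
    return plistlib.dumps(values, fmt=plistlib.FMT_XML)

def check_plist(data):
    """Return a list of findings; an empty list means the PLIST matches the table."""
    data = data.strip()
    if not data.startswith((b"<?xml", b"<plist")):  # accept a bare <dict> fragment
        data = b'<plist version="1.0">' + data + b"</plist>"
    try:
        cfg = plistlib.loads(data, fmt=plistlib.FMT_XML)
    except (ExpatError, ValueError, plistlib.InvalidFileException) as exc:
        return [f"not a valid XML PLIST: {exc}"]
    if not isinstance(cfg, dict):
        return ["top-level element must be <dict>"]
    findings = []
    for key, required in SPEC.items():
        if required and key not in cfg:
            findings.append(f"missing required key: {key}")
    for key, value in cfg.items():
        if key not in SPEC:
            findings.append(f"unknown key (typo?): {key}")
        elif not isinstance(value, str):
            findings.append(f"{key}: value type must be String, got {type(value).__name__}")
        elif not value.strip():
            findings.append(f"{key}: empty value")
    # The device ID must stay the literal variable so the MDM fills it in per
    # device; a pasted identifier would report the same ID from every device.
    device = cfg.get(DEVICE_KEY)
    if isinstance(device, str) and device.strip() not in ("", DEVICE_VAR):
        findings.append(f"{DEVICE_KEY}: must be the literal {DEVICE_VAR}")
    return findings
```

Run `check_plist` on the exact bytes you intend to paste into the Application Settings field; tenant and channel values in any test input should be constructed placeholders, not production values.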

    Article information

    Author: Horacio Brakus JD

    Last Updated: 07/13/2023
