VMware Workspace ONE Community
gdramirez1
Contributor
Contributor
‎08-14-2020 08:28 AM

Microsoft Defender ATP macOS Big Sur

I have seen some of the work on the Microsoft Defender ATP inside 3rd Party Software Guidance on the VMWare Github.  I’m currently working with the new configuration profiles that Microsoft put out for the new system extensions in MDATP but cannot seem to get them to come down properly on Workspace ONE UEM 2006 with Big Sur.  They get applied to the Big Sur machine but still are being blocked and making me manually approve them.  If you guys get some time to check out these new configuration profiles and add any insight to the Github would be greatly appreciated since I can’t seem to make it work for WS1. I also noticed on the page that JAMF was talking about not having a content filter and thought maybe WS1 needs to make a work around as well.   Below is the information from Microsoft. Big thanks in advance guys!

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-sysex...

Labels (1)
Labels
Tags (1)
Reply
0 Kudos
3 Replies
gdramirez1
Contributor
Contributor
‎08-14-2020 08:37 AM

Also doesn't help Microsoft's documentation is beyond vague. :smileyconfused:

Reply
0 Kudos
rterakedis
VMware Employee
VMware Employee
‎08-14-2020 08:52 AM

Hey gdramirez1​!

So looking at this documentation, I'm wondering if you need to set it up as follows (all the following payloads are in "Device" scoped macOS Profiles).  I don't have the infrastructure to test, but if that doesn't work let me know.  I think the "content filter" payload is the only unknown for me -- that may end up needing to be Custom XML.

Privacy Preferences:

pastedImage_0.png

pastedImage_1.png

System Extensions:

pastedImage_2.png

Content Filter:

pastedImage_3.png

Reply
rterakedis
VMware Employee
VMware Employee
‎08-26-2020 12:31 PM

Hey gdramirez1​ - Just checking to see if this helped, or if you're still running into issues?  Thanks!

Reply
0 Kudos