Thread Info
  • State Verified Answer
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 10601 views
  • Users 0 members are here
Options
Suggested

Configuration Profile for Proxy Configuration

mscottblake

When you install the 10.0.2 EAP on a macOS 11 Big Sur computer, you are presented with a dialog requesting access for SophosWebNetworkExtension to create a proxy configuration. Is there a way to eliminate this dialog with a configuration profile from an MDM?

Proxy Configuration dialog

Top Replies

  • +6 verified

    Since you already have documentation for configuring options like this with Jamf Pro at https://community.sophos.com/intercept-x-endpoint/f/recommended-reads/116397/sophos-mac-endpoint-how-to-configure-jamf-privacy-preferences-for-10-15-compatibility, I am posting the correct keys for the 10.0.2 EAP to pre-approve the proxy configuration.

    Within the same Configuration Profile, add a Content Filter payload (this requires Jamf Pro 10.26+) with the following keys and values configured:

    Filter Name SophosWebNetworkExtension
    Identifier com.sophos.endpoint.network
    Network Filter Bundle Identifier com.sophos.endpoint.networkextension
    Network Filter Designated Requirement identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"

    Note that the Filter Name can be anything, but it is required.

    Once the complete, the payload should look like this:

    Content Filter payload

    Jump to answer
Parents
  • 0

    Other similar products that I have configured use the com.apple.webcontent-filter configuration profile payload to pre-approve these types of messages.

    I have tried a few things to get rid of this message programmatically. For instance, I've tried with FilterSockets, FilterDataProviderBundleIdentifier, and FilterDataProviderDesignatedRequirement. I have also tried with FilterPackets, FilterPacketProviderBundleIdentifier, and FilterPacketProviderDesignatedRequirement. On top of that, I've tried with all 6 of these keys. None of these attempts have worked. I have added many different configurations including the following keys:

    <dict>
      <key>FilterDataProviderBundleIdentifier</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>FilterDataProviderDesignatedRequirement</key>
      <string>identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"</string>
      <key>FilterPacketProviderBundleIdentifier</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>FilterPacketProviderDesignatedRequirement</key>
      <string>identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"</string>
      <key>FilterPackets</key>
      <true/>
      <key>FilterSockets</key>
      <true/>
      <key>FilterType</key>
      <string>Plugin</string>
      <key>PluginBundleID</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>UserDefinedName</key>
      <string>SophosWebNetworkExtension</string>
    </dict>

    Maybe I'm barking up the wrong tree here, but nothing I have tried has made any effect on this dialog being shown.

Reply
  • 0

    Other similar products that I have configured use the com.apple.webcontent-filter configuration profile payload to pre-approve these types of messages.

    I have tried a few things to get rid of this message programmatically. For instance, I've tried with FilterSockets, FilterDataProviderBundleIdentifier, and FilterDataProviderDesignatedRequirement. I have also tried with FilterPackets, FilterPacketProviderBundleIdentifier, and FilterPacketProviderDesignatedRequirement. On top of that, I've tried with all 6 of these keys. None of these attempts have worked. I have added many different configurations including the following keys:

    <dict>
      <key>FilterDataProviderBundleIdentifier</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>FilterDataProviderDesignatedRequirement</key>
      <string>identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"</string>
      <key>FilterPacketProviderBundleIdentifier</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>FilterPacketProviderDesignatedRequirement</key>
      <string>identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"</string>
      <key>FilterPackets</key>
      <true/>
      <key>FilterSockets</key>
      <true/>
      <key>FilterType</key>
      <string>Plugin</string>
      <key>PluginBundleID</key>
      <string>com.sophos.endpoint.networkextension</string>
      <key>UserDefinedName</key>
      <string>SophosWebNetworkExtension</string>
    </dict>

    Maybe I'm barking up the wrong tree here, but nothing I have tried has made any effect on this dialog being shown.

Children
No Data