Thread Info
  • State Verified Answer
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 10601 views
  • Users 0 members are here
Options
Suggested

Configuration Profile for Proxy Configuration

mscottblake

When you install the 10.0.2 EAP on a macOS 11 Big Sur computer, you are presented with a dialog requesting access for SophosWebNetworkExtension to create a proxy configuration. Is there a way to eliminate this dialog with a configuration profile from an MDM?

Proxy Configuration dialog

Top Replies

  • +6 verified

    Since you already have documentation for configuring options like this with Jamf Pro at https://community.sophos.com/intercept-x-endpoint/f/recommended-reads/116397/sophos-mac-endpoint-how-to-configure-jamf-privacy-preferences-for-10-15-compatibility, I am posting the correct keys for the 10.0.2 EAP to pre-approve the proxy configuration.

    Within the same Configuration Profile, add a Content Filter payload (this requires Jamf Pro 10.26+) with the following keys and values configured:

    Filter Name SophosWebNetworkExtension
    Identifier com.sophos.endpoint.network
    Network Filter Bundle Identifier com.sophos.endpoint.networkextension
    Network Filter Designated Requirement identifier "com.sophos.endpoint.networkextension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "2H5GFH3774"

    Note that the Filter Name can be anything, but it is required.

    Once the complete, the payload should look like this:

    Content Filter payload

    Jump to answer
Parents Reply Children
  • 0 in reply to David Lancaster

    Hi David, sorry for the delay in the reply. I know the issue was related to Sophos as once I have uninstalled it Zscaler is working fine. Zscaler is not using kernel extensions as I didn't have to allow it in the Security and Privacy. In fact, no other application at my end required this access. Once the application was uninstalled, I have installed 10.0.1 again and tested the functionality. All was fine with the exception of the engines that were not working on Big Sur. Then I have added the device to my EAP and updated to 10.0.2 and this time all worked fine.

    It is difficult to say what exactly was happening but when I was looking through the Zscaler Client App I could see that the tunnel used by Zscaler was not coming up hence both ZIA and ZPA were not working.

    Since then, I have few devices that have updated to 10.0.2 and they seem to be working fine so the issue might be specific to my test device setup/. I will continue to monitor the behaviour and will report here if I pick up anything else out of the ordinary.

    Regards,