Apple DEP & JSS

Question

Hi All,

I have been asked to enable my JSS environment for Apple DEP and also ensure that it is secure. My current setup is an internal JSS with mysql on it and file share.

I understand that we need an internet facing JSS. Is this correct? would a limited access JSS in DMZ work?
Do we need a external CA other than build in JSS? If yes, would an existing PKI thats on my domain work? or we need to go for 3rd party CA.

Please assist.

ThanksSumit

dpertschi · Answer

You'd only need a JSS in the DMZ if you are wanting to enroll Macs that are outside of your internal network.

If your only needing to use DEP to enroll Macs that are within your network, you only need to ensure that your JSS has the necessary network ports (see admin guide) open to communicate with the Apple Push Notification Service.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded