Question

Blacklist App Control for MAC OS

Forum|Forum|1 year ago
June 8, 2024
2 replies
176 views

+4

JL85
Contributor

Dear Team,

I know that with Jamf Protect can do App Control to block all the know apps with attribute like hash file/team id/sign id....

Can Jamf Protect support to control the all black list apps not only App Store but also the third-part apps.

Example my Org has many departments. Each departments will have the whitelist apps. Therefore, it is not in the whistlist the apps should not launch. The thing here is due to user's role need administrator permission, it is hard to control except check inventory manually.

Mass thank

+5

MultiSiggloo
New Contributor
Forum|Forum|1 year ago
June 9, 2024

If you are looking for extended allowlist/blocklist control, maybe you should take a peek at Google Santa.
https://github.com/google/santa

S

Like

+26

AJPinto
Legendary Contributor
Forum|Forum|1 year ago
June 10, 2024

It sounds like your needs are beyond what Jamf offers. The Allowed Apps from Appstore Only is an MDM Configuration from Jamf Pro with managing gatekeeper trust app locations, not Jamf Protect. Jamf Pro does support Application Blacklisting, but I would not recommend relying on that function and only use it for situations that matter to device management, like blocking an macOS installer or messages.app for example. Jamf Protect is more or less an EDR and cannot manage application white/blacklisting.

What you need is a permissions management tool. I suggest looking into something like CyberArk EPM. This will allow you to remove Admin access from your users (which they should not have anyway) and elevate the various functions your users need to perform without them having admin access. You can also set up application white/blacklists and target the policies at user/devices specifically to block or allow applications, and binaries based on role.

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded