Hi Everyone
I hope this document will help everyone who use Cortex in their environment for mac and manage via JAMF Pro. You can deploy cortex via Jamf. It is pretty simple and straight forward. All you need to follow PaloAlto Networks document: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-mac/install-the-cortex-xdr-agent-for-macos. Here you will find they have already pre-configure MDM profile for Cortex one for M1 and another one for non M1. you will get all those here: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-mac/install-the-cortex-xdr-agent-for-macos/install-the-cortex-xdr-agent-for-mac-using-unified-configuration-profile#id945ae538-41d5-4b65-ad37-233fd665e992. After download unsigned one upload to your Jamf pro and make some changes as required and follow the document if needed.
After upload profile scope your machine to have them on endpoint before cortex install to avoid user interaction and also connect cortex console with end points. Once you have profile at the endpoint you can push the cortex policy to the endpoint. For deploy Cortex 7.7.2 you can follow this document: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-mac/install-the-cortex-xdr-agent-for-macos/install-the-cortex-xdr-agent-for-mac-using-jamf#install-the-cortex-xdr-agent-using-jamf. If you download pre-configured Profile then you can avoid all the steps till step 9 and then go ahead create policy with the package .zip file which you should get from your security team or cortex mgt. console. you can upload .zip file (don't extract it) to your distribution point and add to the policy. Scope your target and then you are done.
