- Jamf Nation Community
- Products
- Jamf Pro
- Cortex 7.7.2 Deploy via JAMF
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β07-20-2022 06:54 AM
Hi Everyone
I hope this document will help everyone who use Cortex in their environment for mac and manage via JAMF Pro. You can deploy cortex via Jamf. It is pretty simple and straight forward. All you need to follow PaloAlto Networks document: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-.... Here you will find they have already pre-configure MDM profile for Cortex one for M1 and another one for non M1. you will get all those here: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-.... After download unsigned one upload to your Jamf pro and make some changes as required and follow the document if needed.
After upload profile scope your machine to have them on endpoint before cortex install to avoid user interaction and also connect cortex console with end points. Once you have profile at the endpoint you can push the cortex policy to the endpoint. For deploy Cortex 7.7.2 you can follow this document: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-.... If you download pre-configured Profile then you can avoid all the steps till step 9 and then go ahead create policy with the package .zip file which you should get from your security team or cortex mgt. console. you can upload .zip file (don't extract it) to your distribution point and add to the policy. Scope your target and then you are done.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
β07-21-2022 10:06 AM - edited β07-21-2022 10:07 AM
Hi @Shaw69
Step One: You need upload Cortex Unified Profile to your Jamf
Step Two: Scope target to deploy profile But before that you need to create two different Smart Group One for M1 and another for non M1.
Step Three: Create a policy with .Zip file for cortex deployment
Step Four: Scope the target group and you done.
Detail document is: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-...
14 REPLIES 14
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
β07-21-2022 10:06 AM - edited β07-21-2022 10:07 AM
Hi @Shaw69
Step One: You need upload Cortex Unified Profile to your Jamf
Step Two: Scope target to deploy profile But before that you need to create two different Smart Group One for M1 and another for non M1.
Step Three: Create a policy with .Zip file for cortex deployment
Step Four: Scope the target group and you done.
Detail document is: https://docs.paloaltonetworks.com/cortex/cortex-xdr/7-7/cortex-xdr-agent-admin/cortex-xdr-agent-for-...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β07-25-2022 05:05 AM
This Topic I post as a Solution for everyone. So please let me know if anyone face any issue to deploy that your environment.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-11-2022 12:02 PM
how does this actually install if it is in a compressed zip file? i have the configuration profile created and it deploys correctly. but i dont see how just putting a zip file on the system will allow the software to install since the pkg for the installer is inside and requires input if ran individually.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-11-2022 12:05 PM
.zip file should work. It is working for me fine. I upload .zip file on my Jamf pro admin tool.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-11-2022 12:07 PM
yes, i uploaded to through jamfadmin site but how is it deployed to the user afterwards? or does the physical software not need to be installed?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-11-2022 12:10 PM
Yes you need to deploy that .zip file via a policy to mac endpoints. You need to use that .zip file as package.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 09:49 AM
Hi All ,
How do we disable tamper protection for cortex xdr ? any idea
Regards
Ajay
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 11:37 AM
Why you need disable tamper protection. Can you please provide a little more? what you are trying to do. I don't have to do anything for that.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 11:41 AM
I am trying to update the cortex version 7.8.1 for the all the macs in the estate while executing the policy i am getting this error
Installation failed. The installer reported: Self Prot state: enabled
installer: Error - Disable agent tampering protection and run this installation package again.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 11:46 AM
Hi @sabastaj
You can use following script to disable cortex via Jamf
echo $4 | sudo "/Library/Application Support/PaloAltoNetworks/Traps/bin/cytool" runtime stop all
Here you have to pass Cortex password on $4 variable. If you need help on that you can search how to pass variable via JAMF with policy. Or you can partner with your Cortex admin to get cortex password.
Another thing why you need use Jamf to upgrade cortex. You guys can do upgrade via Cortex console to upgrade and that should work if you have unified profile installed on the endpoint.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 11:55 AM
thanks for this info this helped will let you know if i need anything
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on β10-31-2022 01:21 PM
@sabastaj I just perform upgrade from cortex console that worked great on macOS Monterey and also Ventura. So you should be good if you use unified profile and push upgrade from console. But still you need to package for new version that way your newly Image machine will get new package. Let me know if you have any more question on this.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
My Cortex guy absolutely HATES updating devices via the console and won't give me access to do it myself. I am hoping that he will give me the password to do this via Jamf. It's maddening when he tells my boss I need to update all the Mac's, but won't give me access or the password.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday
Unfortunatley if you want to update then you will need the password. You can script out that and pass as variable via Jamf. Otherwise your cortex guy need to update from console,
