Deploying SCEP in High Sierra

bse_college
New Contributor III

Hi all,

Has anyone deploying System Center Endpoint Protection (SCEP ) on High Sierra? Apparently is has a kernel extension that needs to be approved after installation (https://uit.stanford.edu/service/helpdesk/highsierra).

I was thinking using Composer but thought that I'd see what others were doing.

Brenton
IT Services
Bendigo South East College

5 REPLIES 5

CapU
Contributor III

I have it installed and running on High Sierra. I click to open the .dmg, then right click on the install and select "Show Original", now just copy the install.pkg out. I rename it so I can identify it later. I then drag into Casper Admin. Scope the install. I just tested my package and it just shows up in the Menu bar and updates the virus sig silently

a_stonham
Contributor II

If your have MDM on the machine you don’t need the user to approve the Kernel extension..... For Now....

dletkeman
Contributor II

I have done the same thing as specified in the post and in the comments but as of 10.13.6 at least the user is prompted to open system preferences and approve the extension. How do I get around this with Jamf? I can use Composer I suppose but except for asking to be approved everything else works.

maxmaxmaxmaxmax
New Contributor II

deleted post, wrong thread :(

neilmartin83
Contributor II

Hi @bse_college !

For SCEP (which is actually re-branded ESET), the Team Identifier to whitelist is Company Name: ESET, spol. s r.o. Team ID: P8DQRXPVLP

You can just grab the package installer out of the DMG (I believe it's hidden behind an alias) and deploy it as-is via a policy.

For configuring it, reporting etc, I did some write ups that may be of interest: https://soundmacguy.wordpress.com/?s=scep