Help

Missing firewall options in Jamf Pro

rpayne
Contributor II

Posted on ‎04-30-2024 06:47 PM

How do we manage the "Automatically allow built-in software to receive incoming connections" and "Automatically allow downloaded signed software to receive incoming connections" options in the Firewall pane of System Settings? The only options in Jamf Pro are "Block all incoming connections and Control incoming connections for specific apps."

Am I missing something?

Screen shots for reference.

0 Kudos
Reply
6 REPLIES 6

rpayne
Contributor II

Posted on ‎04-30-2024 06:48 PM

Here is the only options in Jamf ProScreenshot 2024-04-30 at 7.45.51 PM.png

0 Kudos
Reply

RaxiaDK
Contributor III

Posted on ‎04-30-2024 11:49 PM

 This is what Firewall can https://developer.apple.com/documentation/devicemanagement/firewall

0 Kudos
Reply

RaxiaDK
Contributor III

Posted on ‎04-30-2024 11:54 PM

RaxiaDK_0-1714546446593.png

 

0 Kudos
Reply

AJPinto
Esteemed Contributor

Posted on ‎05-01-2024 04:39 AM

Apple only has minimum controls for the macOS firewall build into the MDM protocols. Keep in mind that managing a Firewall technically falls under Security not Device Management, and you would want a security tool to manage this.

0 Kudos
Reply

user-pWhYjAZxRj
New Contributor

Posted on ‎05-01-2024 09:03 AM

According to Apple's Developer Configuration Profile Reference, the following keys are not supported. Both will be forced ON when the Firewall profile is activated (through Jamf Pro for example):

  • Automaticallyallowsigneddownloadedsoftware
  • Automaticallyallowbuilt-insoftware options

See page 44 of https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf

0 Kudos
Reply

JevermannNG
Contributor II

Posted on ‎05-01-2024 10:56 PM

I use ProfileCreator for those settings. Just make sure that the exported Profile is signed before uploaded to the Jamf Server, otherwise Jamf might handle it wrong:

Bildschirmfoto 2024-05-02 um 07.54.03.png

0 Kudos
Reply
Back to Top