Posted on 07-18-2022 05:57 AM
Does anyone here have experience with Check Point Endpoint Security on macOS?
We are trying to deploy it on our macs but have some problems with it:
1. We can't use kernel extensions since Jamf does not install them on M1 macs (or whatever the condition for that is)
2. When running the uninstall script provided by Check Point, the user gets prompted to enter an admin password. Why does this happen? Shouldn't Jamf run scripts as admin?
Would be nice if someone could share his experiences :-)
07-18-2022 06:23 AM - edited 07-18-2022 06:24 AM
@LK Perhaps it's time to consider a new vendor for your Endpoint Security needs?
1) While not recommended (besides the general fragility of kernel extensions you have to lower the system security settings (which kind of defeats the purpose), Kernel Extensions can be installed on M-series Macs but they have to be re-written for the ARM architecture since the Rosetta emulator isn't available to to them. Installing them has nothing to do with Jamf Pro.
2) Doing scripted removal of a System Extension that does not prompt for an admin password is possible, but few vendors have taken the trouble to provide scripts with the required steps. If you have the Check Point removal script you can modify it to follow the technique shown in @rtrouton 's blog post: https://derflounder.wordpress.com/2021/10/26/silently-uninstalling-system-extensions-on-macos-monter...