Jamf Nation Community

msample · ‎09-22-2021

Today we received an unexpected app drop from Cisco ID'd as "Cisco Orbital." So I'm racing to test a config profile in order to trust it in security & privacy so that doesn't prompt my end-users. Found this link which contains the info Cisco provides after taking time around mid-day today: https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/216089-advisory-for-amp-for-endpoi...

But I haven't had time to build it yet. If anyone out there has run into the same issue, would appreciate the feedback.

msample · ‎09-23-2021

Found the resolve for this. I built the correct config profile but just needed to add one additional "allowance."

So you config profile should have these two services added:

• SystemPolicyAllFiles: Allow

• SystemPolicySysAdminFiles: Allow

This should resolve the prompts that the end user may have seen to go to System preferences/Security & Privacy/Privacy/Full Disk Access to trust the Cisco Orbital app

TheWindowsMan · ‎12-15-2023

Hello @msample I am fairly new to Jamf, and I tried to setup the policy so it enables users do the system preferences for Orbital but its still asking for admin. I have made this available in the Self service store the user runs it and it then tries to enable the settings and it still asks for admin, used the Cisco page and the 2 services you added and still its and issue.

msample · ‎12-19-2023

Hello, are you creating a policy for this or building a config profile instead? It's been a little while since I've re-visited this and I was with another entity when I had this in front of me. You most definitely want to build a config profile to allow those files to be trusted. I believe I used the tool "PPPC" which I grabbed from github. Its pretty easy to use.

Jamf Nation Community

"Cisco Orbital" just dropped