Help

"Cisco Orbital" just dropped

msample
Contributor II

Posted on ‎09-22-2021 09:22 PM

Today we received an unexpected app drop from Cisco ID'd as "Cisco Orbital." So I'm racing to test a config profile in order to trust it in security & privacy so that doesn't prompt my end-users. Found this link which contains the info Cisco provides after taking time around mid-day today: https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/216089-advisory-for-amp-for-endpoi...

But I haven't had time to build it yet. If anyone out there has run into the same issue, would appreciate the feedback. 

0 Kudos
3 REPLIES 3

msample
Contributor II

Posted on ‎09-23-2021 07:58 AM

Found the resolve for this. I built the correct config profile but just needed to add one additional "allowance."

So you config profile should have these two services added:

• SystemPolicyAllFiles: Allow

• SystemPolicySysAdminFiles: Allow

This should resolve the prompts that the end user may have seen to go to System preferences/Security & Privacy/Privacy/Full Disk Access to trust the Cisco Orbital app

 

 

0 Kudos

TheWindowsMan
New Contributor
In response to msample

Posted on ‎12-15-2023 07:40 AM

Hello @msample I am fairly new to Jamf, and I tried to setup the policy so it enables users do the system preferences for Orbital but its still asking for admin. I have made this available in the Self service store the user runs it and it then tries to enable the settings and it still asks for admin, used the Cisco page and the 2 services you added and still its and issue.

0 Kudos

msample
Contributor II
In response to TheWindowsMan

Posted on ‎12-19-2023 09:20 AM

Hello, are you creating a policy for this or building a config profile instead? It's been a little while since I've re-visited this and I was with another entity when I had this in front of me. You most definitely want to build a config profile to allow those files to be trusted. I believe I used the tool "PPPC" which I grabbed from github. Its pretty easy to use.

0 Kudos