we are installing our latest SEP with version 14.3.3384 on Big Sur (M1 MacBook) however it is constantly asking to enable the content filter
I know with Cisco AnyConnect as an example they have excellent documentation and I was able to get this resolved with a Configuration Profile. (https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/administration/guide/b_AnyConnect_Administrator_Guide_4-9/macos11-on-ac.html)
However, SEP does not offer a great documentation. Did anyone else figured out how to fix this or get a Configuration Profile installed to prevent this popup?
I am seeing similar. I made a Content Filter config profile for Broadcom SEP which is similar to the Cisco AnyConnect one, but with the com.broadcom.mes info, and while it will make the "You are not protected" notification disappear at profile install time, that message will come right back on reboot.
After the content filter is installed, you'll get a prompt notifying you that "You are not protected". We found that you can prevent this by opening the app immediately after installation. It just seems to be a bug with this version that won't likely be fixed until the next version is released.
Here's what we get from the SEP guys:
There is a profile to download at the bottom, but when imported into JAMF Pro, some areas failed to populate and so it wouldn't save. I got a call with them this week to get more info from them.
Btw, can you share the Cisco Anyconnect one you got to work? Thats next on my list of things to update.
So been having the issue were the "At Risk" window keeps popping up. Our TAM found this thread:
So basically Cisco AnyConnect and Broadcom SEP aren't playing nice.
the new Check Point Endpoint Security VPN E84.30 for Big Sur apparently does the same.
When both (SEP and Check Point VPN) are installed SEP shows the warning to configure the network content filter.
Even after manually doing so, after a reboot the warning appears again (maybe also after waiting some time).
As suggested in these articles we will open a case with Symantec/Broadcom to get a fix, hopefully 🙂
Symantec/Broadcom hinted us that there will be a M1 compatible version available around the second week in February, but this is still unofficial and there may be more delays. So do not get your hopes up too much.
I will get back to this post when we know more.