Help

Websense Forcepoint PPPC

efil4xiN
Contributor II

Posted on ‎04-16-2024 03:59 AM

Hi all,

does anyone have a working PPPC for this DLP application? We are not seeing FDA enabled as required using the PPPC configs  currently out there ( not even the one the company created)

 

TIA

0 Kudos
Reply
3 REPLIES 3

jamf-42
Valued Contributor II

Posted on ‎04-16-2024 04:05 AM

your checking via terminal? (you won't see it in System Settings) 

sudo sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db 'select client,auth_value from access where service = "kTCCServiceSystemPolicyAllFiles"'

 Zero - No Allowed

Two - Allowed 

Reply

AJPinto
Honored Contributor III

Posted on ‎04-16-2024 04:57 AM

As @jamf-42 said, this is not something you would see in the macOS GUI. Reach out to Forcepoint, and they will give you the configuration profile you need.

 

The following identifiers need System Policy All Files access under Privacy Preference Policy Control. 

  • Identifier: com.forcepoint.ep.ESDaemonBundle
    • Code Requirement: anchor apple generic and identifier "com.forcepoint.ep.ESDaemonBundle" and certificate leaf[subject.OU] = C489D5E8E8
  • Identifier: com.websense.endpoint.helper
    • Code Requirement: identifier "com.websense.endpoint.helper" and anchor apple generic and certificate leaf[subject.OU] = C489D5E8E8
  • Identifier: /Library/Application Support/Websense Endpoint/EPClassifier/EndPointClassifier
    • Code Requirement: anchor apple generic
  • Identifier: /Library/Application Support/Websense Endpoint/DLP/wsdlpd
    • Code Requirement: anchor apple generic

Forcepoint also has a certificate, a system extension, and a VPN payload you need to configure for it to work correctly. 

 

TL;DR: Reach out to the vendor as they have a .mobileconfig they will give you to upload into Jamf and set everything you need.

0 Kudos
Reply

efil4xiN
Contributor II

Posted on ‎04-18-2024 04:13 AM

Thanks all . Tried all of those already. just going to step away for now

0 Kudos
Reply