General Requirements

  • Target computers with macOS 10.13 or later

  • An internet browser for access to the Jamf Protect web app

    Note:

    Google Chrome, Safari, or Firefox are recommended.

  • Full disk access granted for the Jamf Protect agent on computers

  • Communication through port 443 available

    Note:

    On macOS 10.13.4 or earlier, port 8883 is used by default.

MDM Requirements

Deploying Jamf Protect using an MDM solution is not required but highly recommended. If deploying Jamf Protect without MDM, end users may need to re-approve some Privacy & Security processes after upgrading to macOS 13.0.

When using an MDM solution to manage computers, you must safelist certain Jamf Protect processes to ensure the application runs correctly. The following Apple MDM payloads must be installed on computers with Jamf Protect:

Privacy Preferences Policy Control (PPPC)

This payloads grants Jamf Protect full disk access on managed computers.

System Extensions
Jamf Protect runs as a system extension on macOS by default. This payloads safelists the system extension on managed computers.
Login and Background Items

On macOS 13 or later, users are prompted to allow certain login items and background process to run. This payload ensures that users cannot disable Jamf Protect on managed computers.

Note:

On computers enrolled with Jamf Pro 10.42.0 or later, this payload is automatically installed.

These payloads are available using these methods:

  • As a payload that is automatically included in a downloaded plan.

  • As a separate configuration profile that you can download from the Jamf Protect web app by navigating to Administrative > Downloads, and then upload to an MDM solution or install locally.

  • Directly in Jamf Pro by navigating to Settings > Computer Management > Security.

For more information about each payload, see MDM payloads for Mac computers in Apple Platform Deployment.

macOS 10.15.0 Features

The following Jamf Protect features use the Apple's Endpoint Security Framework on macOS 10.15.0 or later and cannot be used on computers with previous versions of macOS.

  • Threat Prevention


    For more information, see Threat Prevention Overview.

  • Built-in analytics that monitor Gatekeeper and Malware Removal Tool (MRT) events.


    For more information, navigate to Dashboards > Apple Security in the Jamf Protect web app.

  • The Jamf Protect system extension

SIEM Requirements

If using a security information and event management (SIEM) solution to store security information with Jamf Protect, you must create or determine an appropriate endpoint to use for communication between the Jamf Protect agent and your SIEM.

Work with your IT administrator to determine or create an SIEM endpoint. The SIEM should support JSON formatted events sent from the endpoint via HTTPS.

If you use Splunk in your environment, see Splunk Integration with Jamf Protect.