Release History

The release history contains a complete list of releases, features, and enhancements.

Important:

In an upcoming release of Jamf Protect, Jamf will discontinue support of macOS 10.14.x and earlier.

SD Card Support for Removable Storage Controls (2022-09-20)

Removable storage controls now detect and enforce default permission settings on SD cards used with the SDXC card slot available on 2021 and 2022 Mac computers with Apple silicon.

Support applies to new and existing removable storage control sets. If existing removable storage control sets are installed on 2021 and 2022 Mac computers in your environment, review these configurations and make updates as needed. For more information, see Removable Storage Controls.

Note:

Internal SDXC card slots on Intel-based Mac computers and eligible external SD card readers are already supported by removable storage control sets.

Jamf Protect Network Threat Prevention feature available (2022-07-26)

Network Threat Prevention is now available to all commercial Jamf Protect customers (not available to education customers). Network Threat Prevention is configured from within the Jamf Security RADAR portal, not in the Jamf Protect web app.

For more information about Network Threat Prevention see Configuring Network Threat Prevention.

3.3.0.607 (2022-06-22)

Introducing Real-time Agent Connectivity

The Jamf Protect agent no longer performs check-ins on a continuous five minute interval. The agent actively validates whether the current configuration is up-to-date, and determines when updated information is sent to the Jamf Protect Cloud. Agent check-ins now complete within five minutes of the agent detecting a change in check-in parameters.

Security events, including alerts, will continue to be sent immediately to the Jamf Protect Cloud or configured collection endpoint.

Real-time agent connectivity makes no changes to the Insights Collection intervals set within plans.

This release includes the following:

  • You can view real-time computer connection status from the Computers page.

  • You can no longer configure check-in time intervals from the Plans page.

  • You can manually request real-time check-ins from connected devices.

For more information, see Real-time Agent Connectivity.

Exceptions

Introducing Exceptions

You can now use Exceptions to optimize what system activity is monitored and which applications will be ignored by Threat Prevention.

An Exceptions Sets tab has been added to the Plans page in the Jamf Protect web app. From this tab you can create and view Exception Sets and their associated plans. Exception Sets can contain one or more criteria that define the processes or File Paths to exclude.

Jamf Protect currently supports three types of Exceptions:

  • Override Threat PreventionThis is an exception to Jamf Protect's managed malware feed. It provides management capabilities to allow execution of processes that would otherwise be blocked by Threat Prevention.
  • Ignore System Events for AnalyticsProvides management capabilities to optimize performance of the agent by ignoring trusted locations and/or processes on a system event-wide basis.
  • Ignore for AnalyticProvides management capabilities to reduce noise of trusted activity on a per-analytic basis.

For more information, see Exceptions.

Jamf Managed Default Exceptions

Jamf Protect provides a default Exception Set that balances securing your endpoints which may impact the user experience. This Exception Set will be maintained and updated by Jamf.

The Jamf Managed Default Exceptions set can be added to plans in addition to custom Exception Sets created by Jamf Protect administrators.

Jamf Protect Network Threat Prevention Beta

Preview Feature Documentation

Previews give you a first look at upcoming features and functionality, and allow you to provide feedback and submit defects to our software developers. Preview features and documentation are provided for testing purposes and should not be considered final.

Network Threat Prevention is currently available in a Preview capacity to all commercial Jamf Protect customers (not available to education customers). Management of this feature is performed in the Jamf Security RADAR portal, and not in the Jamf Protect web app.

Current Jamf Protect customers can reach out to Customer Success to request access. Eligible customers will be contacted with more details.

3.2.0.557 (2022-04-19)

Introducing Removable Storage Controls

If you are a Jamf Protect administrator, you can now prevent the use of removable storage devices to protect against accidental data loss and unauthorized access. Removable Storage Controls allow you to configure secure removable storage usage for your organization. For example, USB devices can be restricted or allowed based on vendor ID, product ID, device serial number, or encryption status.

The new Device Controls page in the Jamf Protect web app allows you to configure and view Removable Storage Control Sets and view their associated plans. Removable Storage Control Sets can be configured to apply increasingly granular rules applied to all removable storage devices, as well as allow use of specific devices with optional overrides.

Removable Storage Control Sets can be added to plans on the Plans page. Only one Removable Storage Control Set can be associated with any one plan.

Removable storage device restrictions are reported with the EnforcedRemovableDevicePolicy alert, including details about the device and the policy restriction applied.

Users who attempt to mount a removable storage device that has been restricted will see one of the following notifications:

If the removable storage device is prevented:If the removable storage device is read-only:

For more information, see Removable Storage Controls.

Note:

This feature is only available for computers with macOS 10.15 or later.

Resolved Issues

  • Removed the ability to uninstall Jamf Protect from computers via the command line or from scripts.

  • The USBInserted event now correctly reports on computers with macOS 12.

  • Threat Prevention and Custom Prevent matches are now properly quarantined if translocated.

Generate Jamf Protect Download URL (2022-02-17)

Introducing Generate Download URL

You can now automate obtaining the latest Jamf Protect installer or uninstaller PKG with a unique security identifier. The Generate Download URL feature provides a URL to the current Jamf Protect PKG without requiring authentication into the Jamf Protect Console or API.

This automatically generated token is unique to your Jamf Protect tenant, and can be rotated if necessary.

For more information, see Downloading the Jamf Protect Package and Plans for Deployment and Uninstalling Jamf Protect.

Change Management (2022-01-24)

Jamf Protect administrators can enable a change freeze to restrict changes to the Jamf Protect agent and its configuration. While a change freeze is active, users will have limited write access to Jamf Protect features.

Banners will be displayed in the Jamf Protect web app notifying users and administrators of an active change freeze.

For more information, see Change Management.

3.1.6.469 (2022-01-20)

Performance Enhancements

  • This release includes data flow optimizations for repeated events that improve the Jamf Protect agent performance and network utilization.