Setting Up the Cisco Security Connector App with Jamf School

The Cisco Security Connector for iOS is full Umbrella DNS protection for supervised iOS devices. For information, see the Cisco Security Connector - Umbrella Setup Guide.

Important: Cisco Security Connector works best in a 1:1 configuration and can cause issues on Shared iPads.

Setting up the Cisco Security Connector with Jamf School involves the following steps:

  1. Download and deploy the Cisco Security Connector App.

  2. Configure a profile for the Root Certificate.

  3. Configure a profile for the DNS proxy.

  4. Scope the app and profile to devices.

The steps covered in this document require you to have a basic understanding of pushing apps and profiles to devices in Jamf School.

Download and Deploy the Cisco Security Connector App

It is recommended that you use volume purchasing through Apple School Manager to deploy the Cisco Security Connector App to your devices. For more information, see Distributing Apps and Books Purchased with Apple School Manager.

Configure a Profile for the Root Certificate

  1. Download the Umbrella Root CA .cer file for use on iOS devices. This certificate allows for error-less HTTPS block pages. To obtain the root certificate, do the following:

    1. In Cisco Security Connector, navigate to Policies > Root Certificate.

    2. Click Download Certificate.

    3. Save as a .cer file.

  2. Create a new profile in Jamf School.
    For more information, see Creating and Distributing Profiles.

  3. Use the Certificates payload to upload the root certificate.

Configure a Profile for the DNS Proxy

  1. Download the generic profile from the Umbrella dashboard.

  2. Use the following example to edit the profile. Remove any red, bold text and add any blue, italic underlined text.

    Important: Do not copy the text below, this is only an example and is not functional. Only use the generic download configuration from your dashboard.

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
    <key>PayloadContent</key>
    <array>
    <dict>
    <key>AppBundleIdentifier</key>
    <string>com.cisco.ciscosecurity.app</string>
    <key>PayloadDescription</key>
    <string>Cisco Umbrella</string>
    <key>PayloadDisplayName</key>
    <string>Cisco Umbrella</string>
    <key>PayloadIdentifier</key>
    <string>com.apple.dnsProxy.managed.{pre-filled in the download}</string>
    <key>PayloadType</key>
    <string>com.apple.dnsProxy.managed</string>
    <key>PayloadUUID</key>
    <string>{pre-filled in the download}</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>ProviderBundleIdentifier</key>
    <string>com.cisco.ciscosecurity.app.CiscoUmbrella</string>
    <key>ProviderConfiguration</key>
    <dict>
    <key>disabled</key>
    <false/>
    <!-- Copy from here to paste into the Jamf School UI to provision a DNS proxy -->
    <dict>
    <key>disabled</key>
    <false/>
    <key>internalDomains</key>
    <array>
    <string>10.in-addr.arpa</string>
    <string>16.172.in-addr.arpa</string>
    <string>17.172.in-addr.arpa</string>
    <string>18.172.in-addr.arpa</string>
    <string>19.172.in-addr.arpa</string>
    <string>20.172.in-addr.arpa</string>
    <string>21.172.in-addr.arpa</string>
    <string>22.172.in-addr.arpa</string>
    <string>23.172.in-addr.arpa</string>
    <string>24.172.in-addr.arpa</string>
    <string>25.172.in-addr.arpa</string>
    <string>26.172.in-addr.arpa</string>
    <string>27.172.in-addr.arpa</string>
    <string>28.172.in-addr.arpa</string>
    <string>29.172.in-addr.arpa</string>
    <string>30.172.in-addr.arpa</string>
    <string>31.172.in-addr.arpa</string>
    <string>168.192.in-addr.arpa</string>
    <string>local</string>
    </array>
    <key>logLevel</key>
    <string>verbose</string>
    <key>orgAdminAddress</key>
    <string>{pre-filled in the download}</string>
    <key>organizationId</key>
    <string>{pre-filled in the download}</string>
    <key>regToken</key>
    <string>{pre-filled in the download}</string>
    <key>serialNumber</key>
    <string>%SerialNumber%</string>
    </dict>
    <!-- End copy -->
    <key>PayloadDisplayName</key><string>Cisco Security</string><key>PayloadIdentifier</key><string>com.cisco.ciscosecurity.app.CiscoUmbrella.{pre-filled in the download}</string><key>PayloadRemovalDisallowed</key><false/><key>PayloadType</key><string>Configuration</string><key>PayloadUUID</key><string>{pre-filled in the download}</string><key>PayloadVersion</key><integer>{pre-filled in the download}</integer></dict></plist>

  3. Create a new profile in Jamf School.
    For more information, see Creating and Distributing Profiles.

  4. Use the DNS Proxy payload to configure the following settings:

    1. Enter "com.cisco.ciscosecurity.app" in the App Bundle ID field.

    2. Enter "com.cisco.ciscosecurity.app.CiscoUmbrella" in the Provider Bundle ID field.

  5. Add the XML file you created in step 2 to the Provider Configuration.

Distribute the App and Profile

You are now ready to scope the profiles and app to your iOS devices. For more information, see Creating and Distributing Profiles and Distributing Apps and Books Purchased with Apple School Manager. Once this is complete, you should have a working Cisco Security Connector setup.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.