Deploying the McAfee ePO Agent Using Jamf Pro

The McAfee ePO Agent is required to use any of the McAfee enterprise security tools for Mac. It is installed using a script created by the McAfee ePO Server. (This script includes connection details unique to the ePO Server that creates it.) This article explains how to deploy and run the script on clients using a policy in Jamf Pro.

Deploying the McAfee ePO Agent involves the following steps:

  1. Obtaining the necessary McAfee components

  2. Building a package of the McAfee components

  3. Adding the package to Jamf Pro

  4. Deploying the McAfee components and installation script

Step 1: Obtaining the Necessary McAfee Components

  1. Log in to a computer with a local administrator account and open Terminal.
  2. Create a directory for the script in the Application Support folder by executing the following command:
    sudo mkdir -p /Library/Application\ Support/McAfee/
  3. Download the install.sh script from your McAfee ePO Server.
  4. Copy the install.sh script to the directory you created in step 2 by executing the following command:
    sudo cp ~/Downloads/install.sh /Library/Application\ Support/McAfee/
    
  5. Modify the permissions on the install.sh script as needed.
  6. Modify the install.sh script to make it an executable script by executing the following command:
    sudo chmod +x /Library/Application\ Support/McAfee/install.sh
    
  7. Open the directory you created in step two by executing the following command:
    sudo open /Library/Application\ Support/McAfee/

Step 2: Building a Package of the McAfee Components

Use Composer or a third-party packaging tool to build a DMG containing the script. For information about using Composer, see the Composer User Guide.

Step 3: Adding the Package to Jamf Pro

Upload the package you just created containing the install.sh script to Jamf Pro using Jamf Admin. If the master distribution point in your environment is the Jamf Cloud distribution point, you can also upload the package directly to Jamf Pro through the web application. For more information, see Package Management in the Jamf Pro Administrator's Guide.

Step 4: Deploying the McAfee Components and the Installation Script

  1. Log in to Jamf Pro with a web browser.
  2. Click Computers at the top of the page.
  3. Click Policies.
  4. Click New.
  5. In the General payload, enter a display name for the policy.
  6. Choose Once per computer from the Execution Frequency pop-up menu.
  7. Click the Scope tab and configure the scope of the policy.
  8. Select the Packages payload and click Configure.
  9. Click Add for the package you just created.
  10. Select the Files and Processes payload and enter the following command in the Execute Command field:
    /Library/Application\ Support/McAfee/install.sh -i
  11. Click Save.
When the policy is run on clients, the ePO Agent will be installed and it will begin to check in with the McAfee ePO Server.
Note:
If you are deploying the McAfee ePO Agent using a Jamf Pro server hosted on a Windows server with certificate-based authentication enabled, the policy must include a script with the following:
#!/bin/sh/Library/Application\ Support/McAfee/install.4.6-current.sh -i | sed 's/…/elp/g'