1. Home
    2. Cortex
    3. Cortex XDR
    4. Cortex XDR™ Agent Administrator's Guide
    5. Cortex® XDR™ Agent 7.3 for Mac
    6. Install the Cortex® XDR™ Agent for Mac
    7. Install with a Unified Configuration Profile for MDMs

    Install with a Unified Configuration Profile for MDMs

    Use the Palo Alto Networks unified configuration profile for MDMs to seamlessly install the Cortex® XDR™ agent on macOS endpoints.
    You install the Cortex XDR agent by deploying an installation package on the endpoint. When you install the Cortex XDR agent for macOS, the operating system requires the user to approve extensions and notifications and to grant full disk access permissions. For a seamless installation that does not require end user interaction, Palo Alto Networks provides a unified configuration profile that you can upload to any third-party deployment software of your choice. This unified configuration profile is compatible with all supported macOS versions and all supported Cortex XDR agent versions.
    The following payloads are included in the unified configuration profile:
    • Kernel Extensions
      Type:
      com.apple.syspolicy.kernel-extension-policy
      Prerequisites: macOS 10.15.3 and earlier
    • System Extensions
      Type:
      com.apple.system-extension-policy
      Prerequisites: macOS 10.15.4 and later for Cortex XDR agent 7.0 or later
    • Content Filter
      Type:
      com.apple.webcontent-filter
      Prerequisites: macOS 10.15.4 and later for Cortex XDR agent 7.0 or later
    • Privacy Preferences Policy Control
      Type:
      com.apple.TCC.configuration-profile-policy
      Prerequisites: macOS 10.15.0 and later
    • Notifications
      Type:
      com.apple.notificationsettings
      Prerequisites: macOS 10.15.0 and later
    If you prefer to use individual configuration profiles, refer to Install the Cortex® XDR™ Agent Using JAMF
    To deploy the Cortex XDR agent on Mac endpoints using the Palo Alto Networks unified configuration profile file:
    1. Upload the signed unified configuration profile to your MDM tool.
      1. Download the signed configuration file
        CortexXDR_UnifiedConfigProfile_V2_SignedPANW.mobileconfig
         (MD5=
        3b3f8fbe27a64d57de0beedd8ddc009d
        ). If you prefer or are required to sign the configuration file using your own signing certificate, download the unsigned configuration file
        CortexXDR_UnifiedConfigProfile_V2_Unsigned.mobileconfig
         (MD5=
        55f2cc1b32d38916c56f56c21a76752c
        ) and sign it.
      2. Upload the file to your MDM and save the profile.
      Palo Alto Networks recommends you upload only a signed configuration profile file to your MDM, and avoid uploading the unsigned file directly to your MDM.
    2. Upload the Cortex XDR agent installation package to your MDM tool.
      1. Create a new agent installation package in the Cortex XDR management console.
      2. Upload the agent installation ZIP package to your MDM.
      3. Proceed to distribute the Cortex XDR agent package across your endpoints.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo