Install Traps on Mac Endpoints
Before you can install or upgrade Traps for Mac, you must download the software from the Support portal and then generate an installation package from the ESM Console. The installation package specifies the IP address and port settings the agent will use to connect to the ESM Server. To generate the installation package you must be assigned a role which enables the Installation Package privilege. Otherwise, this feature is disabled (hidden completely from view) or read-only.
Use the following instructions to create and install the package directly on the endpoint:
- Download the Traps for Mac software ZIP file from
the Supportportal.The Traps for Mac software version must not exceed the current ESM version.
- Generate the installation package. This package specifies
the ESM Server or ESM Servers to which the agent can connect for
the first time. After the first successful connection, the agent
receives a list of all available ESM Servers to use for future connections.
- From the ESM Console, select SettingsAgentInstallation Package.
- From the action menu , select Generate Package.
- Select the ESM Server to which the Traps agent will
first connect. The ESM Console automatically populates the list
with any enabled ESM Servers (to review your servers, select SettingsESMMulti ESM).
- If you use a multi-ESM deployment, we recommend that you select All to include all available ESM Servers with the installation package. This ensures the agent can try other ESM Servers when the primary ESM Server is unreachable.
- If you only use one ESM Server or prefer to force the agent to establish the initial connection with a specific ESM Server (such as in a regional deployment), select the specific ESM Server from the list.
- Browse to the Traps for Mac software package you downloaded in the first step.
- Click Generate.
- Verify the status of the installation package.When the installation package is available, the ESM Console displays a new record in the Installation Package table indicating the time the package was created and a link to Download the installation package.To view the status of the installation package, you can also filter the ESM logs (MonitorESMLogs) for a Report Type of Installation Package. The log message indicates whether the ESM Console successfully generated the package.
- When the installation package has finished generating,
save the installation package.
- Select SettingsAgentInstallation Package.
- Select the Download link next to the installation package and save it to a location that you can reach from the Mac endpoint.
- Install Traps for Mac on the endpoint. Alternatively,
you can use your preferred software deployment tool to distribute
the installation package to multiple Mac endpoints.To install Traps for Mac on the endpoint using the installation package:
- Open the installation package and double click the Traps.pkg file to launch the installer.
- Click Continue to proceed with the installation.
- If prompted to confirm the destination, click Continue.
- Click Install to begin the installation.
- Enter the Username and Password credentials of the administrator with access to install software on the endpoint, and then click Install Software.
- (Traps 4.1.1 and later on macOS 10.13) Allow Traps to install system extensions: Dismiss the System Extension Blocked warning and go to System PreferencesSecurity & PrivacyGeneral and select Allow.
- To use SSL for secure communication between the Traps
agent and the ESM Server, add the trusted root CA certificate of
the ESM Server on the Mac endpoint.You must have administrative privileges on the endpoint to perform this step.
- Export the trusted root CA certificate from the ESM Server and copy it to a location which you can access from the Mac endpoint.
- From a command prompt, use the following command to
add the certificate with Always Trust settings:
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain <full_path_to_certificate_in_PEM_or_DER_format>
- To verify that the trusted root CA certificate was added to the Keychain library, open Keychain Access (ApplicationsUtilitiesKeychain Access) and view the System keychains.
- After the installation completes, verify your connection.
- To open the Traps console, click the Traps icon in the menu bar, and select Open Console.
- Click Check In Now to initiate a connection with the ESM Server. If successful, the Last Check-In field updates to display the recent check-in date and time.
Upgrade to Traps 4.1
Upgrade to Traps 4.1 The Traps™ 4.1 release comprises the Endpoint Security Manager (ESM) Server, the ESM Console, and the Traps agent. Use the following ...
Set Up the Endpoint Infrastructure
Set Up the Endpoint Infrastructure Use the following workflow to set up the Endpoint infrastructure or, to upgrade your existing Endpoint infrastructure, use the workflow ...
Set Up Traps in a VDI Environment Overview
Set Up Traps in a VDI Environment Overview Use the following workflow to set up Traps in a VDI environment. Review the installation considerations and ...
TLS/SSL Encryption for Traps Components
TLS/SSL Encryption for Traps Components Traps supports Transport Layer Security (TLS) versions 1.0 and 1.2 and Secure Sockets Layer (SSL) version 3.0. TLS/SSL, which is ...
Install Traps on Windows Endpoints
Install Traps on Windows Endpoints Before installing Traps on a Windows endpoint, verify that the system meets the requirements described in Traps Software Requirements . ...
Manage Content Updates
Manage Content Updates Content updates are categorized on the Support portal by ESM version. To update the default policy of the ESM Console, you must ...
Uninstall the GlobalProtect App for Mac
Uninstall the GlobalProtect App for Mac Use the following steps to uninstall the GlobalProtect app from your Mac endpoint if your GlobalProtect configuration allows it ...
Verify Connectivity from the Endpoint
Verify Connectivity from the Endpoint After successfully installing Traps, the Traps agent should be able to connect to the server that is running the Endpoint ...
Endpoint Infrastructure Installation Considerations
Endpoint Infrastructure Installation Considerations To install or upgrade the ESM components consider the following: The ESM Server and the ESM Console must run the same ...