SCEP for Mac - Add support for macOS High Sierra 10.13
macOS High Sierra 10.13 was announced nearly 6 months ago for developers and beta testers. It has been released to the public for over 2 months.
Please update the SCEP for Mac application to support the latest version of macOS.
see our public announcement about sccm mac av.
For reference, if you're a Jamf Pro (formerly Casper Suite) user, there are some Extension Attributes you can configure which gather the status of SCEP:
You can also write your own using the scep_daemon binary which gets installed into:
(symlink of /Applications/System Center Endpoint Protection.app/Contents/MacOS )
/Applications/.scep/Contents/MacOS/scep_daemon --status can be parsed for results and fed back into the Extension Attributes.
For example, we parse out the RIPStatus value, to determine if the RealTime Protection has been disabled. You can also parse out how long since the last update attempt, how long since the last SUCCESSFUL updated was completed. And then make Smart Groups that apply remediation.
You could use scep_ctl to change the specific configuration setting, but in all the above cases (Disabled, over 2 days since last update attempt/last successful update) we usually just re-install the entire agent and re-apply our default configuration, as it causes SCEP to perform update, etc.
A bit brute-force but it works.
But, yes, SCEP reporting to Config Manager - or some other management tool - is still needed.
This would be helpful.....we have more than 1,000 Macs on campus and it would be nice to support the latest OS version...seems to do OK if we install on 10.12 and then upgrade to 10.13 but won't install on 10.13
Alejandro Ortega commented
LOT of feedback from MS team!
A single pane of glass is really important for SCEP across multiple operating systems!
Daniel Lingfjord commented
I agree with TBBX. I cannot stick with SCCM alone if its unable to do this. I'll need support from managers to allow budget for another system to properly do these things instead of SCCM.
Seems like important, basic functionality that could easily be added. Please consider implementing reporting for other OS versions!
Endpoint Protection for Mac and Linux, once installed, are simply adrift in the workstation cosmos, with no visibility of their health, status or activity. This is abnormal in the antimalware/antivirus space. Unless you're a home user, administrative reporting and visibility is a must.