Browse Docs
ONLINE DOCUMENTATION

Deployment via Jumpcloud

This guide covers deploying the DefensX Agent to macOS devices managed by JumpCloud. The process uses shared scripts applicable to all customers, plus separate configuration profiles for the CA certificate, DNS Proxy extension, and customer-specific deployment settings.

Tip
 Steps 2–4 are customer-agnostic and only need to be set up once. To deploy to a new customer or deployment, only repeat Step 5 with the corresponding mobileconfig file. For new devices under an existing customer, simply update the Device Groups or Devices assignments of the existing command and policies.

Step 1: Download Required Files

Log in to the DefensX backend and navigate to Policies & Groups. Under the Deployments section, locate your deployment and click the RMM button.

rmm

In the RMM dialog, click Mac MDM and download the following files:

File How to Download

DefensX-[deployment].mobileconfig

Click Download mobileconfig

DefensX-CA.mobileconfig

Click Download DefensX-CA CertificateAs mobileconfig

DefensX-DNSProxy-Extension.mobileconfig

Click DNS Proxy Extension mobileconfig

DefensX-installer.sh

Click Download Installer Script

DefensX-uninstaller.sh

Click Download Uninstaller Script

Keep all files available, they are needed in the steps below.

Step 2: Add the Installer Script

  • Navigate to Device ManagementCommands and click + Command, then select Command from the list.

    jump add script as command

  • Select the command type as Mac.

  • In the Command Name field, enter DefensX Install Script.

  • Open DefensX-installer.sh in a text editor and paste its contents into the command field.

  • In the Run as field, select root.

    jump script content

  • In the Event section, configure the execution schedule. For example, set the Event to Run as repeating with a 15-minute interval.

  • Click the Device Groups or Devices tab and assign the command to the computers where you want to install DefensX.

  • Click Save.

Once saved, click Run now to execute the script immediately without waiting for the next scheduled trigger.

Step 3: Create the CA Certificate Configuration Profile

This profile deploys the DefensX Root CA certificate to managed devices.

  • Navigate to Device ManagementPolicy Management and click + to add a new policy.

  • Switch to the Mac tab, search for MDM Custom, and click Configure next to MDM Custom Configuration Profile.

    jump add policy

  • In the Policy Name field, enter DefensX CA Certificate Profile.

  • Under Settings, click Upload File and upload DefensX-CA.mobileconfig.

  • Click the Device Groups or Devices tab and assign the policy to the target computers.

  • Click Save.

Step 4: Create the DNS Proxy Extension Configuration Profile

This profile grants the DefensX DNS Proxy Network Extension the permissions it needs to operate without prompting users for approval. It enables DNS policy enforcement without modifying system-level DNS settings.

  • Navigate to Device ManagementPolicy Management and click + to add a new policy.

  • Switch to the Mac tab, search for MDM Custom, and click Configure next to MDM Custom Configuration Profile.

  • In the Policy Name field, enter DefensX DNSProxy Extension.

  • Under Settings, click Upload File and upload DefensX-DNSProxy-Extension.mobileconfig.

  • Click the Device Groups or Devices tab and assign the policy to the target computers.

  • Click Save.

Step 5: Create the Customer-Specific Configuration Profile

This profile delivers the unique deployment key and browser settings for a specific customer. Each DefensX deployment has its own mobileconfig file containing the relevant Deployment Key.

  • Navigate to Device ManagementPolicy Management and click + to add a new policy.

  • Switch to the Mac tab, search for MDM Custom, and click Configure next to MDM Custom Configuration Profile.

  • In the Policy Name field, enter a name that identifies the customer and deployment, e.g. DefensX [Customer Name] Default Settings.

  • Under Settings, click Upload File and upload the DefensX-[deployment].mobileconfig file downloaded in Step 1.

  • Click the Device Groups or Devices tab and assign the policy to the target computers.

  • Click Save.

At this point, you should have all three policies configured for DefensX as shown below.

jump defensx all policies

Uninstalling DefensX

Important
 Before running the uninstall script, remove the target devices from the command and policy assignments in Steps 2, 3, 4, and 5. If devices remain in those configurations, JumpCloud will continue reinstalling the agent and reapplying profiles.

To create the uninstall script:

  • Navigate to Device ManagementCommands and click + Command, then select Command from the list.

  • Select the command type as Mac.

  • In the Command Name field, enter DefensX Uninstall Script.

  • Open DefensX-uninstaller.sh in a text editor and paste its contents into the command field.

  • In the Run as field, select root.

  • In the Event section, configure the execution schedule.

  • Click the Device Groups or Devices tab and assign the command to the computers to uninstall DefensX from.

  • Click Save.

Once saved, click Run now to execute the script immediately without waiting for the next scheduled trigger.
Secure Industries, Inc 101 Avenue of The Americas, Floor 9 New York, NY 10013