macOS Deployment via Intune


Deploying the DefensX Agent to macOS devices managed by Microsoft Intune consists of the following steps:

  1. Download the DefensX-CA certificate, the MobileConfig profile and the installer PKG file from the Policies&Groups page in the backend

  2. Create an Intune configuration profile to install the DefensX-CA certificate

  3. Create an Intune configuration profile to install the DefensX deployment settings

  4. Create an Intune macOS Line-of-business app and upload the .pkg file

Downloading DefensX-CA, MobileConfig and PKG Installer

DefensX-CA must be installed on all the computers to ensure that the DefensX Agent and browser extensions run without any problems.

The MobileConfig file is used to publish the DEPLOYMENT_KEY and other settings specific to your customer accounts.

Because of the way Intune works, it is not possible to combine a Trusted certificate profile and custom application settings into a single package. This is an Intune limitation. In this step, we download the files required for the configuration steps.

First, log in to the DefensX backend and navigate to the Policies&Groups page. On this screen, click the RMM button and configure the options based on your deployment model, e.g. Enable LOGON User.

After that, click the "MacOS Intune" button in the dialog and select "Download mobileconfig" to download the mobile configuration file. When the download has completed, click the "MacOS Intune" button once more and this time click the "Download DefensX-CA" button.

As the last step, download the macOS installer from the Agent Downloads section.


Please keep these three files; you will need them in the following steps.
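A pre-upload sanity check for the downloaded .mobileconfig, as an added example that is not part of the DefensX documentation or tooling: it parses the profile and flags a missing or empty DEPLOYMENT_KEY, and any certificate payload that belongs in the separate Trusted certificate profile. It assumes the file is an unsigned plist and that DEPLOYMENT_KEY appears as a key of that name somewhere in the payload content; the sample profile and its com.example identifiers are constructed.

```python
import plistlib

# Apple certificate payload types; per this page the CA goes in its own profile.
CERT_PAYLOAD_TYPES = {"com.apple.security.root", "com.apple.security.pkcs1",
                      "com.apple.security.pem", "com.apple.security.pkcs12"}

def find_key(node, name):
    """Yield every value stored under `name` anywhere in a nested plist."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == name:
                yield value
            yield from find_key(value, name)
    elif isinstance(node, list):
        for item in node:
            yield from find_key(item, name)

def check_mobileconfig(data):
    """Return a list of problems found in an unsigned .mobileconfig (bytes)."""
    try:
        profile = plistlib.loads(data)
    except Exception:
        return ["not a readable plist (signed, truncated or wrong file?)"]
    if not isinstance(profile, dict) or profile.get("PayloadType") != "Configuration":
        return ["top level is not a configuration profile"]
    problems = []
    payloads = profile.get("PayloadContent") or []
    types = {p.get("PayloadType") for p in payloads if isinstance(p, dict)}
    for t in sorted(types & CERT_PAYLOAD_TYPES):
        problems.append(f"certificate payload {t} found in settings profile")
    # Assumption: DEPLOYMENT_KEY is stored as a string under a key of that name.
    keys = list(find_key(payloads, "DEPLOYMENT_KEY"))
    if not keys:
        problems.append("DEPLOYMENT_KEY not present")
    elif any(not isinstance(k, str) or not k.strip() for k in keys):
        problems.append("DEPLOYMENT_KEY is empty")
    return problems

# Constructed sample, not a real DefensX profile: identifiers and key are placeholders.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration", "PayloadVersion": 1,
    "PayloadIdentifier": "com.example.settings",
    "PayloadUUID": "00000000-0000-0000-0000-000000000001",
    "PayloadContent": [{"PayloadType": "com.example.agent", "PayloadVersion": 1,
                        "PayloadIdentifier": "com.example.settings.agent",
                        "DEPLOYMENT_KEY": "CONSTRUCTED-KEY-0001"}],
})
if __name__ == "__main__":
    print(check_mobileconfig(SAMPLE) or "no problems found")
```

To check a real download, pass the file's bytes, for example `check_mobileconfig(open(path, "rb").read())`, and avoid logging the key value itself.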

Creating DefensX-CA Trusted Cert Profile

Log in to the Intune Management Portal, navigate to the Devices → Configuration profiles menu and click Create profile.

In the first step, ensure the following are selected:

  • Platform: macOS

  • Profile type: Templates

  • Template name: Trusted certificate

and click the Create button.


On the next screen, enter DefensX-CA as Name and click the Next button.

On this screen, upload the DefensX-CA.cer file downloaded in the first step and click the Next button.

Now assign this profile to the groups, or to all devices, on which you are planning to install DefensX. Then click the Next button and afterwards the Create button.

Creating MacOS Application Deployment Profile

Log in to the Intune Management Portal, go to the Devices → Configuration profiles menu and click Create profile.

In the first step, make the following selections:

  • Platform: macOS

  • Profile type: Templates

  • Template name: Custom

and click the Create button.


In the next step, fill out the Name field as DefensX and click the Next button.


In the next step, enter DefensX Browser Settings in the Custom configuration profile name field and select Device channel in the Deployment channel field.

At this stage, the profile file downloaded in the first step (ending with .mobileconfig) must be uploaded in the Configuration profile file field.


In the next step, depending on your deployment strategy, you can assign this profile to specific Groups or select "All devices". After that, click the Next button. In the final step, review the changes and click the Create button.

Create Intune macOS Line-of-business App

In the last step, we need to define the .pkg installer in Intune as a Line-of-business app.

  • Go to the Apps → macOS apps menu and click the Add button.

  • Select Line-of-business app type under the Other menu.


On the next screen, click the Select app package file link, upload the DefensXInstaller.pkg file downloaded in the first step, and click the OK button.

On the next screen:

  • Enter DefensX as Publisher Name

  • Remove the App bundle IDs by clicking the delete button, other than the ones highlighted in red on the screenshot. If you skip this part, you may see the installation status as "Failed" in Intune even though the agent is installed and running properly.

    • com.defensx.uninstall

    • com.defensx.tray

  • Click the Next button and assign the user groups or devices on which you want to install DefensX. Review the changes and complete the configuration.


Testing

After all the steps have completed successfully, macOS devices will start to fetch the new profiles and install the agent.

Tip
When DefensX is installed on a Mac device through Intune, the currently logged-in user must log off and log in again on their device for it to start in the user context. Once the user has logged in again, the DefensX tray application and browser extensions are deployed and protection starts.

You can check the installation status per device in Intune through the following menus:

  • Devices → macOS → <target-device> → Device configuration

  • Devices → macOS → <target-device> → Managed apps