How to Deploy Agent/Smart Installer with MDM

A frequently asked question of Mac-using McAfee customers is how do I deploy a .sh script to Macs? MDMs generally can only only deploy .pkg or .dmg files to Mac. The answer is to use a packaging utility to wrap the .sh file inside a .pkg file. MDMs typically provide a packaging tool, or you can use of the many open-source packaging utilities.

McAfee has posted instructions on how to build a .pkg for use with Jamf Pro MDM – KB94262Deploying McAfee products with Jamf Pro software.

For others, the basic steps are:

  1. Obtain the agentpackages.zip (contains install.sh) or McAfeeSmartInstall.sh from your ePO admin.
  2. Place the file where you want it installed – I recommend /tmp as the file will get cleaned up after a reboot.
  3. Open your packaging tool and drag-n-drop the file into the tool window. This will place the file in the appropriate installed location.
  4. Change the owner to root, group to wheel, and permissions to 755 (owner – all, group – read and execute, others – read and execute).
  5. Add version number to package filename. In on-prem epo, version numbers are important, while in MVISION ePO, version numbers aren’t so important. You will be upgrading your agent package at some point and it helps to be able to tell the current version from the new version!
  6. Build your package and upload to your MDM for distribution. We always recommend signing packages but doing so is outside the scope of this post.

The MDM will need to execute the script that the package wrote to disk. You can either do this by running the command in a policy from MDM or via a .pkg postinstall script. The postinstall script is outside the scope of this post, but Rich Trouton has an excellent post here that dives into the technical aspects of installer packages.

As for the run command method, the MDM will need to run:
For install.sh: /private/tmp/install.sh -i
• For McAfeeSmartInstall.sh: /private/tmp/McAfeeSmartInstall.sh

NOTE: There is currently a bug in the smart installer script – you must update the script in a text editor to get it to install. The workaround is available here and also in the above Jamf Pro link.

Configuration Profiles

What allowed extensions or filters are needed to enable McAfee endpoint products to successfully protect your Mac depends on what version of macOS you are running. McAfee provides sample configuration profiles (in the KB links below) that you can directly import or use for inspiration in building your own. It doesn’t hurt to use the same profiles on multiple OS versions as the older OS versions will just ignore what doesn’t apply. All configuration profiles are required for successful use of McAfee endpoint products on Mac.

Note to Mac Admins: Bundle IDs for Extensions (System or Kernel) need to be explicitly defined in Big Sur and Monterey. Please view the KB links below for the bundle IDs.

Note to Jamf Pro Admins: Uploading a System Extension config profile is currently broken (PI-008562). You will have to create and populate the system extension profile yourself. Click here and here for example screen shots.

Monterey (12.0) and Big Sur (11.0)
System Extensions (SEXTs) – https://kc.mcafee.com/corporate/index?page=content&id=KB93600
Web Content Filters – https://kc.mcafee.com/corporate/index?page=content&id=KB93600
Privacy Preferences (PPPC) – https://kc.mcafee.com/corporate/index?page=content&id=KB91109
+ DLP PPPC – https://kc.mcafee.com/corporate/index?page=content&id=KB92159
+ FRP PPPC – fmpd already allowed as part of KB91109

Catalina (10.15)
System Extensions (SEXTs) – https://kc.mcafee.com/corporate/index?page=content&id=KB93600
Web Content Filters – https://kc.mcafee.com/corporate/index?page=content&id=KB93600
Legacy System Extensions (KEXTs) – https://kc.mcafee.com/corporate/index?page=content&id=KB89728
+ MCP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB90163
+ DLP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB91332
Privacy Preferences (PPPC) – https://kc.mcafee.com/corporate/index?page=content&id=KB91109
+ DLP PPPC – https://kc.mcafee.com/corporate/index?page=content&id=KB92159
+ FRP PPPC – fmpd already allowed as part of KB91109

Mojave (10.14)
Legacy System Extensions (KEXTs) – https://kc.mcafee.com/corporate/index?page=content&id=KB89728
+ MCP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB90163
+ DLP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB91332
Privacy Preferences (PPPC) – https://kc.mcafee.com/corporate/index?page=content&id=KB91109
+ DLP PPPC – https://kc.mcafee.com/corporate/index?page=content&id=KB92159
+ FRP PPPC – fmpd already allowed as part of KB91109

High Sierra (10.13)
Legacy System Extensions (KEXTs) – https://kc.mcafee.com/corporate/index?page=content&id=KB89728
+ MCP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB90163
+ DLP Kext – https://kc.mcafee.com/corporate/index?page=content&id=KB91332

Featured

Current Versions

Last Updated: 18 Nov 2021

Provides Support for Monterey, Big Sur and Catalina (MFE provides support for N-1 only).
All products use Rosetta 2 on Apple Silicon (M1) Macs.
All products use system extensions – except MCP on Catalina, which uses a Kext.

NameTypeVersionePO ExtensionRelease DateRelease NotesMin. OS Version
MAMcAfee Agent for MacePO Package5.7.4.4185.7.4.14821 Sep 2021Link10.13
DXLDXL Clientbundled w/MA6.0.3.4416.0.0.25921 Sep 202110.13
ENSMEndpoint Security for MacStandalone10.7.8.18610.7.0.988
(platform)
10.6.1.106 (license)
12 Oct 2021Link10.15.6
TPENSM Threat PreventionePO Package
/Standalone
10.7.8.12810.7.0.115512 Oct 2021Link10.15.6
FWENSM FirewallePO Package10.7.8.11510.7.0.102512 Oct 202110.15.6
WCENSM Web ControlePO Package10.7.8.11910.7.0.107712 Oct 202110.15.6
ATPENSM Adaptive Threat ProtectionePO Package10.7.8.13110.7.0.104012 Oct 202110.15.6
MNEManagement of Native EncryptionePO Package
/Standalone
5.2.0.1215.2.0.2114 Apr 2021Link10.15.6
MCPMcAfee Client ProxyePO Package
/Standalone
4.1.5.101 (Big Sur)
3.2.0.267 (Catalina)
4.1.0.164 (Big Sur)
3.2.0.189 (Catalina)
29 Sept 2021Link11.2 (Big Sur)
10.15.6 (Catalina)
FRPFile and Removable Media ProtectionePO Package5.4.1.165.4.1.10919 Aug 2021Link10.15.6
DLPData Loss Prevention and Device ControlePO Package11.6.0.4611.6.0.2712 Nov 2020Link10.15.6
MVEDRMVISION Endpoint Detection and ResponseePO Package3.5.2.11003.5.2.11005 Nov 2021Link10.15.6

Mojave Versions

Last Updated: 14 Feb 2021Last Versions to Support Mojave
(after this, all products use system extensions…except MCP on Catalina)
Currently, you must use these versions on Catalina if you use MVEDR!

NameTypeVersionePO ExtensionRelease DateRelease NotesMin. OS Version
MAAgent for MacePO Package5.7.0.1945.7.0.10708 Dec 2020Link10.13
DXLDXL CLientbundled w/MA6.0.3.18508 Dec 202010.13
ENSMEndpoint Security for MacStandalone10.7.1.10810.7.0.697
(platform)
10.6.1.106 (license)
8 Sep 2020Link10.14.5
TPENSM Threat PreventionePO Package
/Standalone
10.7.1.10910.7.0.7558 Sep 2020Link10.14.5
FWENSM FirewallePO Package10.7.1.10410.7.0.6848 Sep 202010.14.5
WCENSM Web Control
ePO Package
10.7.1.10310.7.0.7508 Sep 202010.14.5
ATPENSM Adaptive Threat ProtectionePO Package10.7.1.10610.7.0.7058 Sep 202010.14.5
MNEManagement of Native EncryptionePO Package
/Standalone
5.1.0.75.1.0.89 Jun 2020Link10.14.5
MCPClient ProxyePO Package
/Standalone
3.2.0.2673.2.0.18931 Aug 2020Link10.14.5
FRPFile and Removable Media ProtectionePO Package5.1.1.2615.2.0.15111 Feb 2020Link10.14.5
DLPData Loss Prevention and Device ControlePO Package11.5.2.611.5.3.811 Aug 2020Link10.14.5
MVEDRMVISION Endpoint Detection and ResponseePO Package3.3.0.6253.3.0.62526 Nov 2020Link10.14.5

High Sierra Versions

Last Updated: 14 Feb 2021Last Versions to Support High Sierra
(after this, all products are notarized)

NameTypeVersionePO ExtensionRelease DateRelease NotesMin. OS Version
MAAgent for MacePO Package5.6.6.2905.6.6.10410 Nov 2020Link10.13
DXLDXL Clientbundled w/MA6.0.0.24110 Nov 202010.13
ENSMEndpoint Security for MacStandalone10.6.4.11710.6.1.1216
(platform)
10.6.1.106 (license)
13 Aug 2019Link10.13
TPENSM Threat PreventionePO Package
/Standalone
10.6.4.11310.6.1.123413 Aug 2019Link10.13
FWENSM FirewallePO Package10.7.1.10410.6.1.119613 Aug 201910.13
WCENSM Web Control
ePO Package
10.7.1.10310.6.1.119113 Aug 201910.13
ATPENSM Adaptive Threat ProtectionePO Package10.7.1.10610.6.1.119113 Aug 201910.13
MNEManagement of Native EncryptionePO Package
/Standalone
5.0.0.35.0.0.11112 Mar 2019Link10.13
MCPClient ProxyePO Package
/Standalone
2.5.0.2432.5.0.26913 Aug 2019Link10.13
FRPFile and Removable Media ProtectionePO Package5.1.0.17095.1.0.20913 Aug 2019Link10.13
DLPData Loss Prevention and Device ControlePO Package11.3.0.811.3.0.1923 Jul 2019Link10.13
MVEDRMVISION Endpoint Detection and ResponseePO Package3.0.0.4323.0.0.43222 Aug 2019Link10.13

Download Sources

McAfee does not make its software publicly available to download. You must be a McAfee customer with a valid grant number or licensed ePO in order to download.

Locations:
Product Downloads – requires Grant Number
ePO Software Catalog – requires licensed ePO server

Definitions:
• Standalone – designed to be used without ePO -or- designed to be installed without using ePO
• ePO Package – designed to be checked-in – this is endpoint software that is installed from ePO.
• ePO Extension – designed to be checked-in – this is used to configure software installed from ePO.
• Documentation – install guides, product guides, release notes, etc.

Documentation

General Info:
SNS – McAfee Support Notification Service – receive emails about product updates
PER – How to submit a new Product Idea – create an enhancement request

NameKnown IssuesMER ToolSupported Platforms
MAMcAfee Agent for MacKB93773KB86785KB51573
DXLDXL ClientKB90005
ENSMEndpoint Security for MacKB85855KB87626KB84934
TPENS Threat PreventionKB85825
FWENS Firewall
WCENS Web Control
ATPENS Adaptive Thread ProtectionKB90658
MNEManagement of Native EncryptionKB91240KB79508KB79375
MCPMcAfee Client ProxyKB83131KB92089KB74182
FRPFile and Removable Media ProtectionKB85807KB76759KB81149
DLPData Loss Prevention and Device ControlKB89301KB86628KB68147
MVEDRMVISION Endpoint Detection and ResponseKB91275KB92109KB91345