
Compliance Reporting and Remediation with Jamf Pro

Jamf
October 24, 2018

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

Session:
Compliance Reporting and Remediation with Jamf Pro

Presented by:
Christopher Kemp, Accenture

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.


Transcript

  1. None
  2. © JAMF Software, LLC

    Christopher Kemp, Engineering Lead, Mac Workstation Team, Accenture
  3. Accenture - Technology Landscape

    • 459,000 employees across 53 countries
    • 452,000 managed workstations
    • 12,000 (2.65%) Mac workstations (Jamf Pro)
    • 140k managed mobile devices ~ 80k iOS, 60k Android (Microsoft Intune)
  4. Accenture - Mac Enablement Program

    • Mac Enablement program launched in 2012 to support Apple client team
    • Expanded with Accenture Digital, Accenture Interactive
    • Doubled in size (5k-10k) in 2017
    • ~50% using Apple Device Enrollment
  5. Compliance Reporting and Remediation with Jamf Pro

    Presentation Agenda:
    • Protect myTech Challenges
    • Leveraging Jamf Pro
    • Extending Jamf Pro
  6. Reporting and Remediation Challenges

    How we determine Security Compliance:
    • OS version is current
    • Security patches have been applied
    • Native security enabled: FileVault, Firewall, SIP, etc.
    • 3rd-party security tools are active
    • Core applications are up-to-date
  7. Reporting and Remediation Challenges

    What did we need to accomplish?
    • Provide an in-app experience for users to view their machine’s compliance status
    • Deliver notifications to the end users
    • Automate remediation when possible
    • Pre-populated ServiceNow tickets when auto-remediation not possible
  8. Accenture’s “Protect myTech” Panel

  9. Reporting and Remediation Challenges

    Benefits of a Self Service implementation:
    • Fits into the current Accenture Mac ecosystem
    • Jamf Pro is providing most of the Compliance data
    • Jamf Pro, Self Service provides mechanisms for end-user feedback and self-remediation
    • Easily customize actions, conditions
    • Easy to maintain over time
  10. Leveraging Jamf Pro

    Key Components of the Compliance Panel:
    • Policies and Notifications
    • Smart Groups for Policy Scoping
    • Use of Patch Reporting titles (versioning)
    • Scripting, Extension Attributes
  11. Leveraging Jamf Pro

    Use Policies to create a simple Status Display:
    • Green - OK
    • Red - NC
    • Yellow - ??
    • Blue - Help Desk
  12. Leveraging Jamf Pro

    Green: Display-only policy, no actions
    Button feedback: OK
    i - detailed info about what this icon means
  13. Leveraging Jamf Pro

    Red: Actionable item
    ! Moves to head of list
    Button initiates action: FIX or Help
    i - details of action
  14. Leveraging Jamf Pro

    Yellow: Display or ! Actionable
    Button, i: describes the condition
  15. Leveraging Jamf Pro

    Whitespace pins to 1st position of list
    Button initiates ticket creation (Help)
  16. Leveraging Jamf Pro - Policies

  17. Leveraging Jamf Pro

    Smart Groups:
    • Green, Red criteria are opposing Yes/No conditions
    • Yellow conditions are simple, but independent
    • Criteria built from existing data, Patch Title versioning, Extension Attributes
  18. Leveraging Jamf Pro - Smart Groups

  19. Leveraging Jamf Pro: Remediation In Action

  20. Extending Jamf Pro

    Gaps We Needed To Fill:
    • Patch Reporting for non-curated titles
    • Statuses not covered by recon
    • Generic master notification alert
    • Mass creation and editing of components
  21. Extending Jamf Pro

    Patch Reporting for non-curated titles:
    • Patch Server for Jamf Pro - Bryson Tyrrell
    • Community Patch Server
  22. Extending Jamf Pro

    Scripting - master notification, statuses:
    • alerter Notification
    • Adobe Flash Player.app
    • Symantec Health Check
    • ServiceNow targeted ticketing
  23. Extending Jamf Pro

    alerter - Master Notification
    By: Valère Jeantet, Eloy Durán, Julien Blanchard
  24. Extending Jamf Pro

    Adobe Flash Player.app:
    • Searches /Applications and /Applications/Adobe* for Flash Player.app and version checks each one. If any version is not current, EA is set to “Flagged”.
    • Remediation script generates a report for the user identifying where each copy of the app is found and what version it is.
  25. Extending Jamf Pro

    Symantec Health Check:
    • SEP Installed
    • Last Scan < 14 days
    • NTP Definitions < 14 days
    • AV Definitions < 14 days
    • IPS kext
    • NFS kext
    • Internet Sec. kext
    • SyLink file exists

    Symantec Health Check EA: 11111111
  26. Extending Jamf Pro

    ServiceNow Ticketing - Create SNOW Ticket.sh

        # Jamf Pro script parameters 4 and 5, set in the policy
        appID=$4
        errorCode=$5
        Hostname=$(hostname)
        SNOW="https://blah.blah.blah/blah/blah/etc/etc"
        # Open the pre-populated ticket form in Safari
        open -a Safari.app "$SNOW&aid=$appID&ec=$errorCode&mn=$Hostname"
  27. Extending Jamf Pro

    Mass Creation, Editing of Policies and Groups:
    • Jamf Classic API
    • ruby-jss - Chris Lasell, Aurica Hayes
  28. Extending Jamf Pro

    Mass Creation, Editing of Policies and Groups:
    • create_policies_from_list.rb - takes a list of Compliance Points and creates the “bones” of Green/Red/Yellow policies.
    • Hard-coded values: Category name, icon IDs, Jamf Pro server name and credentials
  29. Extending Jamf Pro

    Mass Creation, Editing of Policies and Groups:
    • create_RG_smart_groups.rb - takes a text list of Patch Title IDs and creates Green/Red Smart Groups for scoping.
    • Hard-coded values: level (acceptable revisions), Jamf Pro server name and credentials, Group name format
  30. Extending Jamf Pro

    Mass Creation, Editing of Policies and Groups:
    • patch_title_smart_group_updater.rb
    • Hard-coded values: Patch Title IDs, level (acceptable revisions), Jamf Pro server name and credentials, Group name format
  31. Future Plans

    How Will We Build On This Solution?
    • Additional Checks
    • Feedback
    • Webhooks
  32. Compliance Reporting and Remediation with Jamf Pro

    Recap:
    • Needs for reporting and remediating compliance issues
    • Leveraging Jamf Pro and Self Service to report and address these issues
    • Extending Jamf Pro’s capabilities with scripting and third-party add-ons
  33. Mac Workstation Team - Thank You!

    • Brandon Peek - Mac Engineering Mgr
    • Maik Sanftenberg - Engineering Lead
    • Chad Proctor - Mac Operations Lead
    • Kayla Green - Senior Analyst
    • Hafizulla Chittoor - Support Analyst
  34. Questions?

  35. Reference URLs

    • Accenture Mac Enablement Github: https://accenture.github.io/mac-enablement
    • alerter: https://github.com/vjeantet/alerter
    • ruby-jss: http://pixaranimationstudios.github.io/ruby-jss/
    • Patch Server for Jamf Pro: https://marketplace.jamf.com/details/patch-server-for-jamf-pro/
  36. THANK YOU!
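
The Flash Player check on slide 24, sketched as a Jamf Pro extension attribute. This is an added example, not the presenter's script: the `REQUIRED` version is a constructed value, the function names are hypothetical, and reading the version from `CFBundleShortVersionString` is an assumption. It compares versions numerically field by field and flags any copy whose version cannot be read.

```shell
#!/bin/sh
# Added example: extension attribute that flags outdated Flash Player copies.
REQUIRED="31.0.0.122"   # constructed value; set to the current release

# True when dotted version $1 is older than $2, compared field by field as
# numbers (a plain string compare would rank 31.0.0.99 above 31.0.0.122).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "older"
    }'
}

# Print the bundle version of an app (assumption: the short version string).
app_version() {
    /usr/bin/defaults read "$1/Contents/Info" CFBundleShortVersionString 2>/dev/null
}

# Print "Flagged" if any Flash Player.app under the root (default
# /Applications) or its Adobe* subfolders is older than REQUIRED.
flash_status() {
    root="${1:-/Applications}"
    for app in "$root/Flash Player.app" "$root"/Adobe*/"Flash Player.app"; do
        [ -d "$app" ] || continue
        ver=$(app_version "$app") || ver=""
        # An unreadable version counts as non-compliant (fail closed).
        if [ -z "$ver" ] || version_lt "$ver" "$REQUIRED"; then
            echo "Flagged"
            return 0
        fi
    done
    echo "OK"
}

# Jamf Pro reads the extension attribute value from this tag on stdout.
echo "<result>$(flash_status)</result>"
```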
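
The ticket script on slide 26 places its policy parameters and the hostname into a URL unchanged, so a value containing `&` or `=` would alter the pre-populated form. The following added example (not the presenter's script) is a variant that refuses such values; `SNOW_BASE` is a constructed placeholder, and the function names and allowed character set are assumptions.

```shell
#!/bin/sh
# Added example: ticket launcher that validates values before building the URL.
LC_ALL=C   # make the character ranges below match ASCII only

# Constructed placeholder, not a real ServiceNow form URL.
SNOW_BASE="https://servicenow.example.invalid/form?src=selfservice"

# Accept only short tokens of letters, digits, dot, underscore and hyphen.
is_safe_token() {
    [ "${#1}" -le 64 ] || return 1
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Print the pre-populated ticket URL, or fail without printing anything
# when any value could change the query string.
build_ticket_url() {
    app_id="$1"; error_code="$2"; machine="$3"
    for value in "$app_id" "$error_code" "$machine"; do
        is_safe_token "$value" || return 1
    done
    printf '%s&aid=%s&ec=%s&mn=%s\n' \
        "$SNOW_BASE" "$app_id" "$error_code" "$machine"
}

# Jamf Pro reserves $1-$3; custom policy parameters start at $4.
main() {
    url=$(build_ticket_url "$4" "$5" "$(hostname)") || {
        echo "Refusing to open ticket: unexpected parameter value" >&2
        return 1
    }
    open -a Safari.app "$url"
}

# Run only when called with policy parameters, as Jamf Pro does.
if [ "$#" -ge 5 ]; then
    main "$@"
fi
```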