Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Compliance Reporting and Remediation with Jamf Pro

Jamf
October 24, 2018

Compliance Reporting and Remediation with Jamf Pro

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

Session:
Compliance Reporting and Remediation with Jamf Pro

Presented by:
Christopher Kemp, Accenture

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.

Jamf

October 24, 2018
Tweet

More Decks by Jamf

Other Decks in Technology

Transcript

  1. © JAMF Software, LLC
    Christopher Kemp
    Engineering Lead

    Mac Workstation Team

    Accenture

    View full-size slide

  2. © JAMF Software, LLC
    Accenture - Technology Landscape
    • 459,000 employees across 53 countries

    • 452,000 managed workstations

    • 12,000 (2.65%) Mac workstations (Jamf Pro)

    • 140k managed mobile devices

    ~ 80k iOS, 60k Android (Microsoft Intune)

    View full-size slide

  3. © JAMF Software, LLC
    Accenture - Mac Enablement Program
    • Mac Enablement program launched in 2012 to
    support Apple client team

    • Expanded with Accenture Digital, Accenture
    Interactive

    • Doubled in size (5k-10k) in 2017

    • ~50% using Apple Device Enrollment

    View full-size slide

  4. © JAMF Software, LLC
    Compliance Reporting and 

    Remediation with Jamf Pro
    Presentation Agenda:
    • Protect myTech Challenges

    • Leveraging Jamf Pro

    • Extending Jamf Pro

    View full-size slide

  5. © JAMF Software, LLC
    • OS version is current

    • Security patches have been applied

    • Native security enabled 

    FileVault, Firewall, SIP, etc.

    • 3rd-party security tools are active

    • Core applications are up-to-date
    Reporting and Remediation Challenges
    How we determine Security Compliance:

    View full-size slide

  6. © JAMF Software, LLC
    Reporting and Remediation Challenges
    What did we need to accomplish?
    • Provide an in-app experience for users to view

    their machine’s compliance status

    • Deliver notifications to the end users

    • Automate remediation when possible

    • Pre-populated ServiceNow tickets when 

    auto-remediation not possible

    View full-size slide

  7. © JAMF Software, LLC
    Accenture’s “Protect myTech” Panel

    View full-size slide

  8. © JAMF Software, LLC
    Reporting and Remediation Challenges
    Benefits of a Self Service implementation:
    • Fits into the current Accenture Mac ecosystem

    • Jamf Pro is providing most of the Compliance data

    • Jamf Pro, Self Service provides mechanisms

    for end-user feedback and self-remediation

    • Easily customize actions, conditions

    • Easy to maintain over time

    View full-size slide

  9. © JAMF Software, LLC
    Key Components of the Compliance Panel
    • Policies and Notifications

    • Smart Groups for Policy Scoping

    • Use of Patch Reporting titles (versioning)

    • Scripting, Extension Attributes
    Leveraging Jamf Pro

    View full-size slide

  10. © JAMF Software, LLC
    Leveraging Jamf Pro
    • Green - OK

    • Red - NC

    • Yellow - ??

    • Blue - Help Desk
    Use Policies to create a simple Status Display

    View full-size slide

  11. © JAMF Software, LLC
    Green: Display-only
    policy, no actions
    Button feedback: OK
    i - detailed info about
    what this icon means
    Leveraging Jamf Pro

    View full-size slide

  12. © JAMF Software, LLC
    Red: Actionable item
    ! Moves to head of list
    Button initiates action:
    FIX or Help
    i - details of action
    Leveraging Jamf Pro

    View full-size slide

  13. © JAMF Software, LLC
    Yellow:
    Display or ! Actionable
    Button, i:
    describes the condition
    Leveraging Jamf Pro

    View full-size slide

  14. © JAMF Software, LLC
    Whitespace pins to 1st
    position of list
    Button initiates ticket
    creation (Help)
    Leveraging Jamf Pro

    View full-size slide

  15. © JAMF Software, LLC
    Leveraging Jamf Pro - Policies

    View full-size slide

  16. © JAMF Software, LLC
    Leveraging Jamf Pro
    • Green, Red criteria are opposing Yes/No
    conditions

    • Yellow conditions are simple, but independent

    • Criteria built from existing data, Patch Title
    versioning, Extension Attributes
    Smart Groups

    View full-size slide

  17. © JAMF Software, LLC
    Leveraging Jamf Pro - Smart Groups

    View full-size slide

  18. © JAMF Software, LLC
    Leveraging Jamf Pro Remediation In Action

    View full-size slide

  19. © JAMF Software, LLC
    Extending Jamf Pro
    • Patch Reporting for non-curated titles

    • Statuses not covered by recon

    • Generic master notification alert

    • Mass creation and editing of components
    Gaps We Needed To Fill

    View full-size slide

  20. © JAMF Software, LLC
    Extending Jamf Pro
    • Patch Server for Jamf Pro - Bryson Tyrrell

    • Community Patch Server
    Patch Reporting for non-curated titles

    View full-size slide

  21. © JAMF Software, LLC
    Extending Jamf Pro
    • alerter Notification

    • Adobe Flash Player.app

    • Symantec Health Check

    • ServiceNow targeted ticketing
    Scripting - master notification, statuses

    View full-size slide

  22. © JAMF Software, LLC
    Extending Jamf Pro
    alerter - Master Notification
    Valère Jeantet 

    Eloy Durán 

    Julien Blanchard
    By:

    View full-size slide

  23. © JAMF Software, LLC
    Extending Jamf Pro
    • Searches /Applications and /Applications/
    Adobe* for Flash Player.app and version
    checks each one. If any version is not current,
    EA is set to “Flagged”.

    • Remediation script generates a report for the
    user identifying where each copy of the app is
    found and what version it is.
    Adobe Flash Player.app

    View full-size slide

  24. © JAMF Software, LLC
    Extending Jamf Pro
    • SEP Installed

    • Last Scan < 14 days

    • NTP Definitions < 14 days

    • AV Definitions < 14 days
    Symantec Health Check
    • IPS kext

    • NFS kext

    • Internet Sec. kext

    • SyLink file exists
    Symantec Health Check EA:

    11111111

    View full-size slide

  25. © JAMF Software, LLC
    Extending Jamf Pro
    ServiceNow Ticketing - Create SNOW Ticket.sh
    appID=$4
    errorCode=$5
    Hostname=`hostname`
    SNOW=“https://blah.blah.blah/blah/blah/etc/etc”
    open -a Safari.app "$SNOW&aid=$appID&ec=$errorCode&mn=$Hostname"

    View full-size slide

  26. © JAMF Software, LLC
    Extending Jamf Pro
    • Jamf Classic API

    • ruby-jss - Chris Lasell, Aurica Hayes
    Mass Creation, Editing of Policies and Groups

    View full-size slide

  27. © JAMF Software, LLC
    Extending Jamf Pro
    • create_policies_from_list.rb - takes a list of
    Compliance Points and creates the “bones” of
    Green/Red/Yellow policies.
    • Hard-coded values: Category name, icon IDs, Jamf Pro server
    name and credentials
    Mass Creation, Editing of Policies and Groups

    View full-size slide

  28. © JAMF Software, LLC
    Extending Jamf Pro
    • create_RG_smart_groups.rb - takes a text list
    of Patch Title IDs and creates Green/Red
    Smart Groups for scoping.
    • Hard-coded values: level (acceptable revisions), Jamf Pro
    server name and credentials, Group name format
    Mass Creation, Editing of Policies and Groups

    View full-size slide

  29. © JAMF Software, LLC
    Extending Jamf Pro
    • patch_title_smart_group_updater.rb

    • Hard-coded values: Patch Title IDs, level (acceptable
    revisions), Jamf Pro server name and credentials, Group name
    format
    Mass Creation, Editing of Policies and Groups

    View full-size slide

  30. © JAMF Software, LLC
    Future Plans
    • Additional Checks

    • Feedback

    • Webhooks
    How Will We Build On This Solution?

    View full-size slide

  31. © JAMF Software, LLC
    Compliance Reporting and 

    Remediation with Jamf Pro
    Recap:
    • Needs for reporting and remediating
    compliance issues

    • Leveraging Jamf Pro and Self Service to report
    and address these issues

    • Extending Jamf Pro’s capabilities with scripting
    and third-party add-ons

    View full-size slide

  32. © JAMF Software, LLC
    Mac Workstation Team - Thank You!
    • Brandon Peek - Mac Engineering Mgr

    • Maik Sanftenberg - Engineering Lead

    • Chad Proctor - Mac Operations Lead

    • Kayla Green - Senior Analyst

    • Hafizulla Chittoor - Support Analyst

    View full-size slide

  33. © JAMF Software, LLC
    Questions?

    View full-size slide

  34. © JAMF Software, LLC
    Reference URLs
    • Accenture Mac Enablement Github:

    https://accenture.github.io/mac-enablement

    • alerter:

    https://github.com/vjeantet/alerter

    • ruby-jss:

    http://pixaranimationstudios.github.io/ruby-jss/

    • Patch Server for Jamf Pro

    https://marketplace.jamf.com/details/patch-server-for-jamf-
    pro/

    View full-size slide

  35. © JAMF Software, LL
    THANK YOU!

    View full-size slide