Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Compliance Reporting and Remediation with Jamf Pro

Jamf
October 24, 2018

Compliance Reporting and Remediation with Jamf Pro

Presentation from JNUC 2018, the world's largest rally of Apple IT administrators.

Session:
Compliance Reporting and Remediation with Jamf Pro

Presented by:
Christopher Kemp, Accenture

View all session slides, recordings and more at https://www.jamf.com/events/jamf-nation-user-conference/2018/.

Jamf

October 24, 2018
Tweet

More Decks by Jamf

Other Decks in Technology

Transcript

  1. © JAMF Software, LLC Accenture - Technology Landscape • 459,000

    employees across 53 countries • 452,000 managed workstations • 12,000 (2.65%) Mac workstations (Jamf Pro) • 140k managed mobile devices ~ 80k iOS, 60k Android (Microsoft Intune)
  2. © JAMF Software, LLC Accenture - Mac Enablement Program •

    Mac Enablement program launched in 2012 to support Apple client team • Expanded with Accenture Digital, Accenture Interactive • Doubled in size (5k-10k) in 2017 • ~50% using Apple Device Enrollment
  3. © JAMF Software, LLC Compliance Reporting and 
 Remediation with

    Jamf Pro Presentation Agenda: • Protect myTech Challenges • Leveraging Jamf Pro • Extending Jamf Pro
  4. © JAMF Software, LLC • OS version is current •

    Security patches have been applied • Native security enabled 
 FileVault, Firewall, SIP, etc. • 3rd-party security tools are active • Core applications are up-to-date Reporting and Remediation Challenges How we determine Security Compliance:
  5. © JAMF Software, LLC Reporting and Remediation Challenges What did

    we need to accomplish? • Provide an in-app experience for users to view
 their machine’s compliance status • Deliver notifications to the end users • Automate remediation when possible • Pre-populated ServiceNow tickets when 
 auto-remediation not possible
  6. © JAMF Software, LLC Reporting and Remediation Challenges Benefits of

    a Self Service implementation: • Fits into the current Accenture Mac ecosystem • Jamf Pro is providing most of the Compliance data • Jamf Pro, Self Service provides mechanisms
 for end-user feedback and self-remediation • Easily customize actions, conditions • Easy to maintain over time
  7. © JAMF Software, LLC Key Components of the Compliance Panel

    • Policies and Notifications • Smart Groups for Policy Scoping • Use of Patch Reporting titles (versioning) • Scripting, Extension Attributes Leveraging Jamf Pro
  8. © JAMF Software, LLC Leveraging Jamf Pro • Green -

    OK • Red - NC • Yellow - ?? • Blue - Help Desk Use Policies to create a simple Status Display
  9. © JAMF Software, LLC Green: Display-only policy, no actions Button

    feedback: OK i - detailed info about what this icon means Leveraging Jamf Pro
  10. © JAMF Software, LLC Red: Actionable item ! Moves to

    head of list Button initiates action: FIX or Help i - details of action Leveraging Jamf Pro
  11. © JAMF Software, LLC Yellow: Display or ! Actionable Button,

    i: describes the condition Leveraging Jamf Pro
  12. © JAMF Software, LLC Whitespace pins to 1st position of

    list Button initiates ticket creation (Help) Leveraging Jamf Pro
  13. © JAMF Software, LLC Leveraging Jamf Pro • Green, Red

    criteria are opposing Yes/No conditions • Yellow conditions are simple, but independent • Criteria built from existing data, Patch Title versioning, Extension Attributes Smart Groups
  14. © JAMF Software, LLC Extending Jamf Pro • Patch Reporting

    for non-curated titles • Statuses not covered by recon • Generic master notification alert • Mass creation and editing of components Gaps We Needed To Fill
  15. © JAMF Software, LLC Extending Jamf Pro • Patch Server

    for Jamf Pro - Bryson Tyrrell • Community Patch Server Patch Reporting for non-curated titles
  16. © JAMF Software, LLC Extending Jamf Pro • alerter Notification

    • Adobe Flash Player.app • Symantec Health Check • ServiceNow targeted ticketing Scripting - master notification, statuses
  17. © JAMF Software, LLC Extending Jamf Pro alerter - Master

    Notification Valère Jeantet 
 Eloy Durán 
 Julien Blanchard By:
  18. © JAMF Software, LLC Extending Jamf Pro • Searches /Applications

    and /Applications/ Adobe* for Flash Player.app and version checks each one. If any version is not current, EA is set to “Flagged”. • Remediation script generates a report for the user identifying where each copy of the app is found and what version it is. Adobe Flash Player.app
  19. © JAMF Software, LLC Extending Jamf Pro • SEP Installed

    • Last Scan < 14 days • NTP Definitions < 14 days • AV Definitions < 14 days Symantec Health Check • IPS kext • NFS kext • Internet Sec. kext • SyLink file exists Symantec Health Check EA: 11111111
  20. © JAMF Software, LLC Extending Jamf Pro ServiceNow Ticketing -

    Create SNOW Ticket.sh appID=$4 errorCode=$5 Hostname=`hostname` SNOW=“https://blah.blah.blah/blah/blah/etc/etc” open -a Safari.app "$SNOW&aid=$appID&ec=$errorCode&mn=$Hostname"
  21. © JAMF Software, LLC Extending Jamf Pro • Jamf Classic

    API • ruby-jss - Chris Lasell, Aurica Hayes Mass Creation, Editing of Policies and Groups
  22. © JAMF Software, LLC Extending Jamf Pro • create_policies_from_list.rb -

    takes a list of Compliance Points and creates the “bones” of Green/Red/Yellow policies. • Hard-coded values: Category name, icon IDs, Jamf Pro server name and credentials Mass Creation, Editing of Policies and Groups
  23. © JAMF Software, LLC Extending Jamf Pro • create_RG_smart_groups.rb -

    takes a text list of Patch Title IDs and creates Green/Red Smart Groups for scoping. • Hard-coded values: level (acceptable revisions), Jamf Pro server name and credentials, Group name format Mass Creation, Editing of Policies and Groups
  24. © JAMF Software, LLC Extending Jamf Pro • patch_title_smart_group_updater.rb •

    Hard-coded values: Patch Title IDs, level (acceptable revisions), Jamf Pro server name and credentials, Group name format Mass Creation, Editing of Policies and Groups
  25. © JAMF Software, LLC Future Plans • Additional Checks •

    Feedback • Webhooks How Will We Build On This Solution?
  26. © JAMF Software, LLC Compliance Reporting and 
 Remediation with

    Jamf Pro Recap: • Needs for reporting and remediating compliance issues • Leveraging Jamf Pro and Self Service to report and address these issues • Extending Jamf Pro’s capabilities with scripting and third-party add-ons
  27. © JAMF Software, LLC Mac Workstation Team - Thank You!

    • Brandon Peek - Mac Engineering Mgr • Maik Sanftenberg - Engineering Lead • Chad Proctor - Mac Operations Lead • Kayla Green - Senior Analyst • Hafizulla Chittoor - Support Analyst
  28. © JAMF Software, LLC Reference URLs • Accenture Mac Enablement

    Github:
 https://accenture.github.io/mac-enablement • alerter:
 https://github.com/vjeantet/alerter • ruby-jss:
 http://pixaranimationstudios.github.io/ruby-jss/ • Patch Server for Jamf Pro
 https://marketplace.jamf.com/details/patch-server-for-jamf- pro/