Compliance Reporting and Remediation with Jamf Pro

Transcript

1. None

2. © JAMF Software, LLC Christopher Kemp Engineering Lead Mac Workstation

   Team Accenture

3. © JAMF Software, LLC Accenture - Technology Landscape • 459,000

   employees across 53 countries • 452,000 managed workstations • 12,000 (2.65%) Mac workstations (Jamf Pro) • 140k managed mobile devices ~ 80k iOS, 60k Android (Microsoft Intune)

4. © JAMF Software, LLC Accenture - Mac Enablement Program •

   Mac Enablement program launched in 2012 to support Apple client team • Expanded with Accenture Digital, Accenture Interactive • Doubled in size (5k-10k) in 2017 • ~50% using Apple Device Enrollment

5. © JAMF Software, LLC Compliance Reporting and 
 Remediation with

   Jamf Pro Presentation Agenda: • Protect myTech Challenges • Leveraging Jamf Pro • Extending Jamf Pro

6. © JAMF Software, LLC • OS version is current •

   Security patches have been applied • Native security enabled 
 FileVault, Firewall, SIP, etc. • 3rd-party security tools are active • Core applications are up-to-date Reporting and Remediation Challenges How we determine Security Compliance:

7. © JAMF Software, LLC Reporting and Remediation Challenges What did

   we need to accomplish? • Provide an in-app experience for users to view
 their machine’s compliance status • Deliver notifications to the end users • Automate remediation when possible • Pre-populated ServiceNow tickets when 
 auto-remediation not possible

8. © JAMF Software, LLC Accenture’s “Protect myTech” Panel

9. © JAMF Software, LLC Reporting and Remediation Challenges Benefits of

   a Self Service implementation: • Fits into the current Accenture Mac ecosystem • Jamf Pro is providing most of the Compliance data • Jamf Pro, Self Service provides mechanisms
 for end-user feedback and self-remediation • Easily customize actions, conditions • Easy to maintain over time

10. © JAMF Software, LLC Key Components of the Compliance Panel

    • Policies and Notifications • Smart Groups for Policy Scoping • Use of Patch Reporting titles (versioning) • Scripting, Extension Attributes Leveraging Jamf Pro

11. © JAMF Software, LLC Leveraging Jamf Pro • Green -

    OK • Red - NC • Yellow - ?? • Blue - Help Desk Use Policies to create a simple Status Display

12. © JAMF Software, LLC Green: Display-only policy, no actions Button

    feedback: OK i - detailed info about what this icon means Leveraging Jamf Pro

13. © JAMF Software, LLC Red: Actionable item ! Moves to

    head of list Button initiates action: FIX or Help i - details of action Leveraging Jamf Pro

14. © JAMF Software, LLC Yellow: Display or ! Actionable Button,

    i: describes the condition Leveraging Jamf Pro

15. © JAMF Software, LLC Whitespace pins to 1st position of

    list Button initiates ticket creation (Help) Leveraging Jamf Pro

16. © JAMF Software, LLC Leveraging Jamf Pro - Policies

17. © JAMF Software, LLC Leveraging Jamf Pro • Green, Red

    criteria are opposing Yes/No conditions • Yellow conditions are simple, but independent • Criteria built from existing data, Patch Title versioning, Extension Attributes Smart Groups

18. © JAMF Software, LLC Leveraging Jamf Pro - Smart Groups

19. © JAMF Software, LLC Leveraging Jamf Pro Remediation In Action

20. © JAMF Software, LLC Extending Jamf Pro • Patch Reporting

    for non-curated titles • Statuses not covered by recon • Generic master notification alert • Mass creation and editing of components Gaps We Needed To Fill

21. © JAMF Software, LLC Extending Jamf Pro • Patch Server

    for Jamf Pro - Bryson Tyrrell • Community Patch Server Patch Reporting for non-curated titles

22. © JAMF Software, LLC Extending Jamf Pro • alerter Notification

    • Adobe Flash Player.app • Symantec Health Check • ServiceNow targeted ticketing Scripting - master notification, statuses

23. © JAMF Software, LLC Extending Jamf Pro alerter - Master

    Notification Valère Jeantet 
 Eloy Durán 
 Julien Blanchard By:

24. © JAMF Software, LLC Extending Jamf Pro • Searches /Applications

    and /Applications/ Adobe* for Flash Player.app and version checks each one. If any version is not current, EA is set to “Flagged”. • Remediation script generates a report for the user identifying where each copy of the app is found and what version it is. Adobe Flash Player.app

25. © JAMF Software, LLC Extending Jamf Pro • SEP Installed

    • Last Scan < 14 days • NTP Definitions < 14 days • AV Definitions < 14 days Symantec Health Check • IPS kext • NFS kext • Internet Sec. kext • SyLink file exists Symantec Health Check EA: 11111111

26. © JAMF Software, LLC Extending Jamf Pro ServiceNow Ticketing -

    Create SNOW Ticket.sh appID=$4 errorCode=$5 Hostname=`hostname` SNOW=“https://blah.blah.blah/blah/blah/etc/etc” open -a Safari.app "$SNOW&aid=$appID&ec=$errorCode&mn=$Hostname"

27. © JAMF Software, LLC Extending Jamf Pro • Jamf Classic

    API • ruby-jss - Chris Lasell, Aurica Hayes Mass Creation, Editing of Policies and Groups

28. © JAMF Software, LLC Extending Jamf Pro • create_policies_from_list.rb -

    takes a list of Compliance Points and creates the “bones” of Green/Red/Yellow policies. • Hard-coded values: Category name, icon IDs, Jamf Pro server name and credentials Mass Creation, Editing of Policies and Groups

29. © JAMF Software, LLC Extending Jamf Pro • create_RG_smart_groups.rb -

    takes a text list of Patch Title IDs and creates Green/Red Smart Groups for scoping. • Hard-coded values: level (acceptable revisions), Jamf Pro server name and credentials, Group name format Mass Creation, Editing of Policies and Groups

30. © JAMF Software, LLC Extending Jamf Pro • patch_title_smart_group_updater.rb •

    Hard-coded values: Patch Title IDs, level (acceptable revisions), Jamf Pro server name and credentials, Group name format Mass Creation, Editing of Policies and Groups

31. © JAMF Software, LLC Future Plans • Additional Checks •

    Feedback • Webhooks How Will We Build On This Solution?

32. © JAMF Software, LLC Compliance Reporting and 
 Remediation with

    Jamf Pro Recap: • Needs for reporting and remediating compliance issues • Leveraging Jamf Pro and Self Service to report and address these issues • Extending Jamf Pro’s capabilities with scripting and third-party add-ons

33. © JAMF Software, LLC Mac Workstation Team - Thank You!

    • Brandon Peek - Mac Engineering Mgr • Maik Sanftenberg - Engineering Lead • Chad Proctor - Mac Operations Lead • Kayla Green - Senior Analyst • Hafizulla Chittoor - Support Analyst

34. © JAMF Software, LLC Questions?

35. © JAMF Software, LLC Reference URLs • Accenture Mac Enablement

    Github:
 https://accenture.github.io/mac-enablement • alerter:
 https://github.com/vjeantet/alerter • ruby-jss:
 http://pixaranimationstudios.github.io/ruby-jss/ • Patch Server for Jamf Pro
 https://marketplace.jamf.com/details/patch-server-for-jamf- pro/

36. © JAMF Software, LL THANK YOU!