$30 off During Our Annual Pro Sale. View Details »

MDM Not Working: Was it the Proxy?

Jamf
November 13, 2019
220

MDM Not Working: Was it the Proxy?

Jamf

November 13, 2019
Tweet

Transcript

  1. © JAMF Software, LLC MDM Not Working? Was It the

    Proxy? 10:15 - 11 AM UP NEXT
  2. None
  3. © JAMF Software, LLC Daniel MacLaughlin Implementation Engineer Jamf

  4. © JAMF Software, LLC MDM Not Working? Was It the

    Proxy? Presentation agenda: What do we mean when we say “Proxy” Different “Proxy” configurations How does it impact MDM and Apple Who’s Security is better? Troubleshooting, Takeaways and Q’s maybe A’s
  5. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px Whats in a Name?
  6. © JAMF Software, LLC Alice isn’t talking to Bob directly.

    Bob doesn’t see a request from Alice. The Proxy is acting like a relay. Proxy in a Tech Sense
  7. © JAMF Software, LLC Proxies and Apple

  8. © JAMF Software, LLC Proxies and Apple

  9. © JAMF Software, LLC Proxies and Apple

  10. © JAMF Software, LLC Proxies and Apple

  11. © JAMF Software, LLC So What’s the Problem? Did we

    miss something? Why are there options? Is it or Isn’t it Supported?
  12. © JAMF Software, LLC It’s Always the Proxy Well there

    is something Its called SSL inspection It’s not supported!
  13. © JAMF Software, LLC It’s Always the Proxy

  14. © JAMF Software, LLC Proxies and Apple

  15. © JAMF Software, LLC

  16. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px 5223
  17. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px
  18. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px
  19. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px https://www.apple.com
  20. © JAMF Software, LLC Image or video dimensions 1080 px

    525 px
  21. © JAMF Software, LLC Proxies and Apple

  22. © JAMF Software, LLC Proxies and Apple

  23. © JAMF Software, LLC Proxies and Apple

  24. © JAMF Software, LLC Proxies and Apple

  25. © JAMF Software, LLC

  26. © JAMF Software, LLC Proxies and Apple

  27. © JAMF Software, LLC Max image dimensions Proxies and Apple

    Ok Network admin has whitelisted Apple to bypass SSL inspection Why is it still not working? Is it always the proxy?
  28. © JAMF Software, LLC

  29. © JAMF Software, LLC Proxies and MDM What about the

    MDM My Server is On-Prem Will I still have issues?
  30. © JAMF Software, LLC Proxies and MDM

  31. © JAMF Software, LLC Proxies and MDM

  32. © JAMF Software, LLC Proxies and MDM

  33. © JAMF Software, LLC Certificate Security OCSP Stapling Cert Trust

    Anchors
  34. © JAMF Software, LLC More Certificate Security Transparent Proxies Explicit

    Proxies There’s this thing called TLS 1.3 and SNI or ESNI
  35. © JAMF Software, LLC Prove its the Proxy You have

    to get some logs Packet captures Even from the proxy server
  36. © JAMF Software, LLC For macOS we can use 3rd

    party tools like: Charles Proxy and WireShark Local Tools tcpdump For iOS: Apple Configurator 2 WireShark using rvictl tcpdump using rvictl Getting Packet Captures
  37. © JAMF Software, LLC What are we looking for

  38. © JAMF Software, LLC What are we looking for

  39. © JAMF Software, LLC Takeaways • Don’t use manual settings

    • Do use explicit over transparent • Some URLS just gotta be un-authed • Don’t inspect SSL
  40. © JAMF Software, LLC Not Getting Push: https://support.apple.com/en-us/HT203609 Use Apple

    on Enterprise Networks: https://support.apple.com/en-us/HT210060 Getting Started with ABM or ASM with MDM: https://support.apple.com/en-us/HT207516 Enterprise Firewall for WNS: https://docs.microsoft.com/en-au/windows/uwp/design/shell/ tiles-and-notifications/firewall-allowlist-config Links
  41. © JAMF Software, LLC Network Ports used by Jamf Pro

    https://www.jamf.com/jamf-nation/articles/34 Configuring the JSS to use an HTTP Proxy Server https://jamf.com/jamf-nation/articles/379 Recording a Packet Trace https://developer.apple.com/documentation/network/ recording_a_packet_trace Third Party Network Tools https://developer.apple.com/documentation/network/ taking_advantage_of_third-party_network_debugging_tools Links
  42. © JAMF Software, LLC Q & A

  43. © JAMF Software, LLC Thank you

  44. © JAMF Software, LLC Thank you for listening! Give us

    feedback by completing the 2-question session survey in the JNUC 2019 app. UP NEXT What’s in the Blue Bin? Recycled Malware 11:30 AM