Home » Help » Managing Mac computers

Managing Mac computers

Browser Security Plus can be used to manage computers with Mac operating Systems. Browser Security Plus has separate agents to manage Mac computers. This document will explain you on the following:

Supported macOS

Browser Security Plus currently supports the following Mac versions:

  • 10.11 El Capitan
  • 10.12 Sierra
  • 10.13 High Sierra
  • 10.14 Mojave
  • 10.15 Catalina
  • 11 Big Sur
  • 12 Monterey
  • 13 Ventura
  • 14 Sonoma

Apple Silicon processors can run apps that are compiled for the Intel chipset through a software technology known as Rosetta 2. This translation layer is automatically enabled in macOS Big Sur, and provides users with access to all features in Browser Security Plus Agent. In short, Browser Security Plus efficiently supports laptops with these new types of processors.

Configuring Mac Agent Settings

Browser Security Plus has different agents for windows and Mac computers. Mac agents will be created by default and Mac agent settings need to be configured only for adding credentials that are required for remote agent installation.

Installing Mac Agents

Mac agents can be installed manually in the computers that need to be managed. Agents can be installed manually in every computer or through SSH. To install the agent, log-in into the computer as an administrator and follow the steps mentioned below.

  1. Click on Scope of Management .
  2. Click on Download Agent link

You will have a drop down list, from which you can choose and download the appropriate agent. If the managed computers are in the same LAN, download  Mac local agent. If the managed computers are in remote locations, download agents appropriately.  Follow the steps mentioned below to install the agents manually,

  1. Login into the Mac computer as administrator and navigate to the location where the agent is downloaded.
  2. Extract the zip file and locate UEMS_MacAgent.pkg and serverinfo.plist file.
  3. Double click to install the agent.
  4. Enter administrators password when prompted to complete installation.

Installing Mac Agents Remotely

 
  • If you wanted to install agents for computers within the LAN, then you can choose the computers and invoke agent installation from the Browser Security Plus web console --> Agent tab --> Computers -->Select computers and invoke agent installation. If you wanted to install agents to computers which belongs to a different remote office, then you will have to use SSH.

Installing Mac agents to remote office computers can be done easily through SSH. Using a Mac computer you can remotely connect to other computers and install the Mac agents. To know about installing agents follow the steps mentioned below.

    1. Login into the Mac computer as administrator
    2. Download the Mac agent.
    3. Copy the downloaded Mac agent
    4. Open the terminal
    5. Navigate to the location where the agent is downloaded.
    6. Type scp UEMSMacAgent.zip adminusername@hostname: to copy the agent to the target computer.
      1. where adminusername - administrator user name of the remote computer
      2. hostname - local host name of the remote computer
      3. Agent is copied in the location ~ /Users/adminusername in target computer

    7. Install the agent in the remote computer

    8. To login into the target computer using SSH type ssh adminusername@hostname

    9. Navigate to the location where the agent is copied, Unzip the agent zip file by typing unzip -oq UEMSMacAgent.zip

    10. Install the agent using the command sudo installer-pkg UEMS_MacAgent.-target/

    11. Enter the administrator password when prompted to complete agent installation.

    12. Once the agents are installed successfully, the Mac computers will be listed in the SoM page in the Browser Security Plus web console.

Configuring MDM profile for Mac devices

In latest versions of macOS, most enterprise policy will only take effect if macOS has MDM profiles. Hence, it is mandatory to create MDM profiles for your Mac devices.

To successfully deploy browser security policies to your Mac devices, follow the pre-requisites mentioned below.

Configuring NAT settings: Open Console, navigate to NAT settings, under Server Settings in Admin tab and update FQDN/IP.

Uploading APNS certificate: Navigate to Agent > APNS certificate > Download and upload the signed certificate in the Apple server. Download the .pem file from the Apple server and upload the .pem file in the server.

  • Once completed, navigate to SOM settings under Agent tab, enable MDM profile and enable Mac devices. Proceed to Save the settings.
  • If the above two prerequisites are met, the end user will be prompted via a notification window to install the MDM profile on their device. The end user has to approve to let Browser Security Plus manage their Mac device.

Once your Mac devices are enrolled successfully, you can now deploy policies to your Mac devices.

Uninstall Mac agents

To uninstall the agents from the computers, follow the steps mentioned below.

  1. Open the uninstaller.app present in the location Library/UEMS_Agent/ in the directory where the product has been installed.
  2. Enter the OTP prompted, if uninstallation restrictions are configured. To view the OTP navigate to Agent > Scope of Management > Computers (in product console) or Menu > Scope of Management > Computers > Actions (in mobile app).
  3. Enter the administrator credentials.
  4. This will uninstall the Browser Security Plus agent.