Deploying Coro on macOS endpoints
This guide describes the process for deploying the Coro Agent to macOS endpoints.
Prerequisites and system requirements
Before you begin, make sure your macOS device meets the following prerequisites:
- Coro Security Platform utilizes a Bitdefender Software Development Kit (SDK). To avoid conflicts that may interfere with the installation of the Coro Agent, Bitdefender and any other antivirus software based on Bitdefender must be uninstalled prior to installing the Coro Agent.
- macOS devices must meet the minimum specifications .
- You must have administrative permissions to install applications on your macOS device.
Deployment options
Install the Coro Agent through one of the processes described below:
- Self-install on single devices : An admin user provides specific users with an installer link via email. Users select the link and follow the on-screen instructions to install the software on their devices.
-
Mass deployment
: An admin user downloads the Agent installer package and deploys it across all devices using a mass deployment tool.
Coro provides a number of articles covering mass deployment scenarios. To learn more:
Note
While deploying the Coro Agent to macOS devices, end users typically receive a pop-up warning requesting confirmation to allow or not allow the Coro Agent to filter network content:
This warning is a security feature included with macOS and applies to all apps installed on the device that require such access. If you are deploying the Coro Agent via MDM tools to one or more devices and want to provide a silent installation, use the following configuration to automatically allow this component and bypass the warning:
Expand for configuration listing
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1"> <dict> <key>PayloadUUID</key> <string>7E53AC50-B88D-4132-99B6-29F7974EAA3C</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadOrganization</key> <string>Coronet Cyber Security</string> <key>PayloadIdentifier</key> <string>7E53AC50-B88D-4132-99B6-29F7974EAA3C</string> <key>PayloadDisplayName</key> <string>Coro System Extensions</string> <key>PayloadDescription</key> <string/> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadEnabled</key> <true/> <key>PayloadScope</key> <string>System</string> <key>PayloadContent</key> <array> <dict> <key>PayloadUUID</key> <string>2BA070D9-2233-4827-AFC1-1F44C8C8E527</string> <key>PayloadType</key> <string>com.apple.webcontent-filter</string> <key>PayloadOrganization</key> <string>Coronet Cyber Security</string> <key>PayloadIdentifier</key> <string>CEBF7A71-D9A1-48BD-8CCF-BD9D18EC155A</string> <key>PayloadDisplayName</key> <string>Approved Network Extension</string> <key>PayloadDescription</key> <string/> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadEnabled</key> <true/> <key>FilterType</key> <string>Plugin</string> <key>UserDefinedName</key> <string>Coro Network Extension</string> <key>PluginBundleID</key> <string>net.coro.endsec.Coro</string> <key>FilterSockets</key> <true/> <key>FilterDataProviderBundleIdentifier</key> <string>net.coro.endsec.TrafficService</string> <key>FilterDataProviderDesignatedRequirement</key> <string>identifier "net.coro.endsec.TrafficService" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E3P52EVK39</string> </dict> </array> </dict> </plist>Save this configuration to a file on your local workstation. This file can then be used on any MDM platform that supports custom policies. Refer to your MDM platform for specific instructions on deploying custom policies.
Downloading and installing the Agent
To download and install the Coro Agent:
- Sign into the Coro console .
-
Select
Control Panel
:
- Select Devices > Agent Deployment .
-
Scroll to the
macOS
section:
-
Select
ACTIONS
:
Choose from the following actions:
-
Obtain a download link URL for the Agent installer:
-
Select
Copy link
.
A Copy Download Link dialog is displayed, which contains a URL link to the Agent installation file:
-
Select
COPY
.
The download link is copied to your clipboard.
- Paste the link into a web browser and follow the instructions to install.
note
Admin users can distribute this link to endpoint device users for direct installation of the Agent. Additionally, you can use the same link for mass deployment tools.
-
Select
Copy link
.
-
Download the installer file:
-
Select
Download
.
The Agent installation file is downloaded to your local device.
warning
Do not rename the downloaded Agent installation file.
- After the download is complete, open the installation file and follow the instructions to install.
-
Select
Download
.
-
Obtain a download link URL for the Agent installer:
After the installation is complete, depending on the security posture of your macOS device, the Agent may require additional Privacy & Security settings enabled. This is identified by the Coro Agent notification:
For example, macOS can require you to explicitly allow the Coro Endpoint Protection app to function:
Select Allow to enable the app.
In addition, macOS may block the Coro Agent from access to data on your device hard disk:
Enable Full Disk Access for the CoroService.
After the installation and security configuration is complete, the Agent may download additional updates:
After the installation and update process is complete, you can open the Agent from the macOS menu bar:
note
After the installation is complete, ensure you disable any firewall rules that may interfere with Coro Agent connectivity.