To enable the configuration deployment without requiring user approval of the network extension, configure the custom settings payload.
Procedure
- Enter custom in the search text box of the device configuration profile.
- Select Custom Settings and click Configure.
- Copy and paste the following custom XML for the sensor's network extension.
This setup grants System Extensions the ability to Filter Network Content by using a Web Content Filter configuration profile.Example of a custom settings XML.
<dict> <key>FilterDataProviderBundleIdentifier</key> <string>com.vmware.carbonblack.cloud.se-agent.extension</string> <key>FilterDataProviderDesignatedRequirement</key> <string>identifier "com.vmware.carbonblack.cloud.se-agent.extension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "7AGZNQ2S2T"</string> <key>FilterPacketProviderBundleIdentifier</key> <string>com.vmware.carbonblack.cloud.se-agent.extension</string> <key>FilterPacketProviderDesignatedRequirement</key> <string>identifier "com.vmware.carbonblack.cloud.se-agent.extension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "7AGZNQ2S2T"</string> <key>FilterPackets</key> <true/> <key>FilterSockets</key> <true/> <key>FilterType</key> <string>Plugin</string> <key>PayloadDisplayName</key> <string>Web Content Filter</string> <key>PayloadIdentifier</key> <string>com.apple.webcontent-filter.71C289AC-7ACF-44BC-AB5E-580736C634DF</string> <key>PayloadType</key> <string>com.apple.webcontent-filter</string> <key>PayloadUUID</key> <string>71C289AC-7ACF-44BC-AB5E-580736C634DF</string> <key>PayloadVersion</key> <integer>1</integer> <key>PluginBundleID</key> <string>com.vmware.carbonblack.cloud.se-agent</string> <key>UserDefinedName</key> <string>Carbon Black Network Extension Filter</string> </dict> - Save the configuration profile.
