To enable the configuration deployment without requiring user approval of the network extension, create the following payload.

Procedure

  1. Set the Filter Name: 
    VMware Carbon Black Cloud Network Extension Filter.
  2. Set the Identifier: 
    com.vmware.carbonblack.cloud.se-agent
  3. Set the Socket Filter Bundle Identifier: 
    com.vmware.carbonblack.cloud.se-agent.extension
  4. Set the Socket Filter Designated Requirement: 
    identifier "com.vmware.carbonblack.cloud.se-agent.extension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "7AGZNQ2S2T"
  5. Set the Network Filter Bundle Identifier: 
    com.vmware.carbonblack.cloud.se-agent.extension
  6. Set the Network Filter Designated Requirement: 
    identifier "com.vmware.carbonblack.cloud.se-agent.extension" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "7AGZNQ2S2T"
  7. Save the configuration profile.
    Example:
    The content filter panel
    Content Filter Example displaying the socket and network filter fields