Topic
This article provides a sample configuration for deploying common security software and streamlining the end-user experience for Bitdefender GravityZone.
Note that these configurations are provided as examples, and we recommend that you first consult the security tool's software documentation to ensure it is configured correctly.
Environment
- NinjaOne Mobile Device Management (MDM)
- Apple macOS
- NinjaOne Integrations
- Bitdefender
Description
Security tools and apps generally require you to apply various configurations during installation in order to function properly within a configured environment. When devices are managed by NinjaOne MDM, you can use NinjaOne to deploy these standard configurations.
Bitdefender Endpoint Security Tools for macOS
Deploy the following mobile configuration as a custom payload in your NinjaOne macOS policy to any devices that have the Bitdefender Endpoint Security Tools installed. As a reference, refer to Install security agents - Bitdefender use cases (external). For more information on MDM-enrolled macOS custom payloads, refer to NinjaOne Apple MDM Policy Settings: Custom Payloads.
This payload will configure the following:
Bitdefender GravityZone notifications are always visible.
Permissions to access All Files are automatically granted.
The system extension is automatically approved.
The web content filter is automatically configured.
Background processing is automatically approved and cannot be disabled.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>NotificationSettings</key>
<array>
<dict>
<key>BadgesEnabled</key>
<true/>
<key>BundleIdentifier</key>
<string>com.bitdefender.networkinstaller</string>
<key>CriticalAlertEnabled</key>
<true/>
<key>NotificationsEnabled</key>
<true/>
<key>ShowInCarPlay</key>
<false/>
<key>ShowInLockScreen</key>
<true/>
<key>ShowInNotificationCenter</key>
<true/>
<key>SoundsEnabled</key>
<true/>
</dict>
<dict>
<key>BadgesEnabled</key>
<true/>
<key>BundleIdentifier</key>
<string>com.bitdefender.epsecurity.BDLDaemonApp</string>
<key>CriticalAlertEnabled</key>
<true/>
<key>NotificationsEnabled</key>
<true/>
<key>ShowInCarPlay</key>
<false/>
<key>ShowInLockScreen</key>
<true/>
<key>ShowInNotificationCenter</key>
<true/>
<key>SoundsEnabled</key>
<true/>
</dict>
<dict>
<key>BadgesEnabled</key>
<true/>
<key>BundleIdentifier</key>
<string>com.bitdefender.EndpointSecurityforMac</string>
<key>CriticalAlertEnabled</key>
<true/>
<key>NotificationsEnabled</key>
<true/>
<key>ShowInCarPlay</key>
<false/>
<key>ShowInLockScreen</key>
<true/>
<key>ShowInNotificationCenter</key>
<true/>
<key>SoundsEnabled</key>
<true/>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>BitDefender Notifications</string>
<key>PayloadIdentifier</key>
<string>BitDefenderNotifications.2F7BD6A8-BB70-4815-9CD3-20738D98D9FB</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.notificationsettings</string>
<key>PayloadUUID</key>
<string>2F7BD6A8-BB70-4815-9CD3-20738D98D9FB</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<dict>
<key>AllowUserOverrides</key>
<true/>
<key>AllowedTeamIdentifiers</key>
<array>
<string>GUNFMW623Y</string>
</array>
<key>PayloadDisplayName</key>
<string>BitDefender System Extensions</string>
<key>PayloadIdentifier</key>
<string>BitDefenderSystemExtensions.8B2ED92D-8D14-46B7-BE78-F339754917AB</string>
<key>PayloadType</key>
<string>com.apple.system-extension-policy</string>
<key>PayloadUUID</key>
<string>8B2ED92D-8D14-46B7-BE78-F339754917AB</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<dict>
<key>PayloadDisplayName</key>
<string>Privacy Preferences Policy Control</string>
<key>PayloadIdentifier</key>
<string>BitDefenderPreferences.D9C9D378-373D-4CA6-9557-CEE28F74AAB8</string>
<key>PayloadType</key>
<string>com.apple.TCC.configuration-profile-policy</string>
<key>PayloadUUID</key>
<string>D9C9D378-373D-4CA6-9557-CEE28F74AAB8</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Services</key>
<dict>
<key>SystemPolicyAllFiles</key>
<array>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.bitdefender.epsecurity.BDLDaemonApp" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y)</string>
<key>Identifier</key>
<string>com.bitdefender.epsecurity.BDLDaemonApp</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>identifier "com.bitdefender.EndpointSecurityforMac" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y</string>
<key>Identifier</key>
<string>com.bitdefender.EndpointSecurityforMac</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>identifier BDLDaemon and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y</string>
<key>Identifier</key>
<string>/Library/Bitdefender/AVP/BDLDaemon</string>
<key>IdentifierType</key>
<string>path</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
</array>
</dict>
</dict>
<dict>
<key>FilterPacketProviderBundleIdentifier</key>
<string>com.bitdefender.cst.net.dci.dci-network-extension</string>
<key>FilterPacketProviderDesignatedRequirement</key>
<string>anchor apple generic and identifier "com.bitdefender.cst.net.dci.dci-network-extension" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y)</string>
<key>FilterPackets</key>
<true/>
<key>FilterSockets</key>
<false/>
<key>FilterType</key>
<string>Plugin</string>
<key>PayloadDisplayName</key>
<string>BitDefender Content Filter</string>
<key>PayloadIdentifier</key>
<string>BitDefenderContentFilter.CC9E7E68-2047-4C6E-B9ED-48A87BF86D31</string>
<key>PayloadType</key>
<string>com.apple.webcontent-filter</string>
<key>PayloadUUID</key>
<string>CC9E7E68-2047-4C6E-B9ED-48A87BF86D31</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PluginBundleID</key>
<string>com.bitdefender.epsecurity.BDLDaemonApp</string>
<key>UserDefinedName</key>
<string>Bitdefender</string>
</dict>
<dict>
<key>Rules</key>
<array>
<dict>
<key>RuleType</key>
<string>TeamIdentifier</string>
<key>RuleValue</key>
<string>GUNFMW623Y</string>
<key>Comment</key>
<string>Bitdefender Team ID</string>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>BitDefender Service Management</string>
<key>PayloadIdentifier</key>
<string>BitdefenderServiceManagement.E7E0CA13-E161-4BC0-9667-EF0523C5E9F9</string>
<key>PayloadUUID</key>
<string>E7E0CA13-E161-4BC0-9667-EF0523C5E9F9</string>
<key>PayloadType</key>
<string>com.apple.servicemanagement</string>
</dict>
</array>
<key>PayloadDescription</key>
<string>Bitdefender System Extensions, PPPC, Certificate, Notifications, and Network content filter</string>
<key>PayloadDisplayName</key>
<string>Bitdefender Settings</string>
<key>PayloadIdentifier</key>
<string>BitDefender.1205D7E4-D705-4F95-A17E-2C82BE56E27E</string>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>1205D7E4-D705-4F95-A17E-2C82BE56E27E</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>Additional Resources
Refer to the following resources to learn more about NinjaOne MDM: