Users managing MacOS with Jamf seek a method to deploy the Forcepoint Endpoint through it as a means to bypass the need to permit the Endpoint kernel extension (kext) to be loaded per machine. As the Endpoint package is actually a two-in-one .zip file, this article describes a way to accomplish this.

Note These instructions will work for the DLP and Web Endpoint. Use whatever flags or context paths are needed to run in a command line installation within the script.

When using jamf, it can be helpful to know what build of the Endpoint is currently installed on the machines in order to push out upgrades only to computers that need them. Apart from pulling the information from the Endpoint Status page or a ClientInfo output, the following command can also be used:

awk -F "[<>]" '/CFBundleShortVersionString/ {getline;print $3;exit}' /Library/PreferencePanes/Forcepoint.prefPane/Contents/Info.plist

To deploy a Forcepoint Endpoint to MacOS users using Jamf, the first requirement is to prepare an Endpoint package:

1. Download the Forcepoint Package builder for the Endpoint version to be used in the environment. 
   1. Go to https://support.forcepoint.com/Downloads.
   2. Click All Downloads.
   3. Go to the Endpoint Security section and select the desired version
   4. Select the Endpoint Package Builder to be downloaded.
   5. Scroll to the bottom of the page and click Download.
2. Create the package. On the installer page where the download began, the Installation Guide contains instructions to guide through the process.

Important The steps below are not supported by Forcepoint Technical Support for case troubleshooting. For any questions regarding using Casper or Jamf, contact Jamf Nation. For any questions regarding MacOS, contact Apple. 

1. Once the package is built with the Forcepoint Package builder, upload the file using Casper admin. For information, see the Jamf Pro Administrator's Guide for the version in use.
2. Create a policy to deploy the ZIP archive, ideally with a smart or static group.
3. Make a second policy that looks for the package already installed that runs a bash script to run the installer with the sudo prefix:

sudo unzip ./FORCEPOINT-ONE-ENDPOINT-Mac.zip

sudo installer -package ./EndpointInstaller/WebsenseEndpoint.pkg -target /

Note Update the paths or file names as needed. Include the necessary HWSconfig.xml if a Web Endpoint is involved as well

WebsenseEndpoint.pkg (not WebsenseEPClassifier.pkg) contains the installer and will call on the other files from the zip, so run the command inside the directory where the zip has been extracted.


Keywords: DLP Endpoint; MACOS; JAMF; CASPER; APPLE; Forcepoint One Endpoint; Endpoint Deployment; Jamf Network Deployment; Distribution Tool Tutorial; Mac SCCM; Kernel Signing; Endpoint Install;