Sophos Central Endpoint for Mac granting full disk access and network extension permissions using Manage engine MDM.

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


Note:

Before following this article, make sure that your Mac devices are enrolled with manage engine MDM; if you have not enrolled your devices yet, then you can follow these instructions to Enrol your devices. https://www.manageengine.com/mobile-device-management/help/enrollment/device_enrollment.html
Also, Download a fresh Sophos endpoint Mac installer from Sophos central.

 

Step 1 - Create a custom profile

  • Login to Endpoint Central.
  • Click on Management → Profiles → Create profile → MacOS.

  • On the next screen give your profile a name, Description and then click on continue.

 

  • Now select custom configuration from the left-hand side menu.

  • On the Custom Configuration profile screen, Click on “Browse”
    • Locate the Sophos endpoint mobileconfig files by navigating to this location.
    • SophosInstall → Deployment Tools → Sophos Endpoint → <select the profile according to your OS>

 

  • After uploading the profile, click save.

Step 2 - Associate the profile

  • Go to Management → Groups & Devices → click on Groups/Devices.
  • Now select the Groups/Users to which you want to apply this profile and then click on Actions → Associate Profile.

  • On the next screen, select the profile you created in the previous step and then click on Associate.

  • After this, the profile will be pushed to the selected Groups/users.

 

If you want to verify whether the profile has reached the device, go to System Settings → General → Device management and look for the profile you created.