Macintosh Configuration Management Will Jorgensen 1.
-
Upload
cecil-berry -
Category
Documents
-
view
223 -
download
0
Transcript of Macintosh Configuration Management Will Jorgensen 1.
![Page 1: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/1.jpg)
Macintosh Configuration Management
Will Jorgensen
1
![Page 2: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/2.jpg)
2
Overview
![Page 3: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/3.jpg)
In the beginning…
3
![Page 4: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/4.jpg)
4
Imaging is our Foundation
Apple Software RestoreMac OS X Baseline ConfigurationNetwork Registration & MHP Setup
CIS Benchmark http://www.cisecurity.org/bench_osx.html
Apple Security Configuration Guide http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
![Page 5: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/5.jpg)
5
MHP Setup
![Page 6: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/6.jpg)
6
User takes over
Configure FileVaultInstall non-core applicationsSetup a backup strategy
![Page 7: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/7.jpg)
7
FileVault
Laptops and offsite computersSingle encryption key
/Library/Keychains/FileVaultMaster.keychain
Tightly controlled decryption key
![Page 8: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/8.jpg)
8
Installing Applications
PNNL InstallerUsers still administratorsMinimum required software
Symantec AntiVirusPNNL Configuration Tool
![Page 9: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/9.jpg)
9
Backup Policy
“Make backup copies of software, application, and data files. The frequency of the backup is based on the matter’s value, the frequency and volume of changes, and ease of restoration from loss or corruption. For example, data files that continually change should be backed up more frequently than static files or less dynamic data. For sensitive systems, backup requirements are established in computer security plans. For information on workstation backup services, see Data Backup Options on InfoSource.”
![Page 10: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/10.jpg)
10
Workstation Backup and Restore
File Share & Tri-BackupFlexibleBrowse in Finder
Time MachineEfficientFlexible
![Page 11: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/11.jpg)
11
Configuration Management
Apple Remote DesktopWorkgroup ManagerActive DirectoryMCM or the PNNL Configuration Tool
![Page 12: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/12.jpg)
12
Golden Triangle
Active Directory 2003User AccountsKerberos
Mac OS X ServerPreference ManagementWeb Services
![Page 13: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/13.jpg)
13
Apple Remote Desktop
ARD 3Help Desk ToolBack door
![Page 14: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/14.jpg)
14
Macintosh Configuration Management (MCM)
Server SideWeb server
Client SideShell scripts and applicationsChecks in every 60 minutes
![Page 15: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/15.jpg)
15
MCM Process Flow
![Page 16: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/16.jpg)
16
Challenges
Intermittent network connectionsSometimes things just don’t workAudit and EnforcementResource constraints
![Page 17: Macintosh Configuration Management Will Jorgensen 1.](https://reader035.fdocuments.in/reader035/viewer/2022062308/56649da75503460f94a92cd3/html5/thumbnails/17.jpg)
17
Enhancements
Manage Firewall SettingsStaff log in with user accountsFull disk encryptionInstaDMGConnected Backup