Configuration profile for Kaspersky Endpoint Security 11 for Mac

• Kaspersky Endpoint Security 11.2.0 for Mac (version 11.2.0.185)
• Kaspersky Endpoint Security 11.1.0 for Mac (version 11.1.0.210)

The guide below is only applicable to JAMF- and macOS servers. For other servers, use this guide.

Before the remote installation of Kaspersky Endpoint Security for Mac, do the following:

• For version 11.1.0, download the KES_11_profile.zip archive. Extract and apply the configuration profile KES_11_profile.mobileconfig using the JAMF remote administration tool.
• For version 11.2.0:
  • Download the KES_11.2_ARM_profile.zip archive for devices with ARM architecture (M1). Extract and apply the configuration profile KES_11.2_ARM_profile.mobileconfig.
  • Download the KES_11_profile.zip archive for devices with 64-bit systems. Extract and apply the configuration profile KES_11_profile.mobileconfig using the JAMF remote administration tool.

  This will give the application:

  • Permission to install System Extensions and Network Extensions (Network Content Filtering) that are necessary for the successful installation of the application
  • Full Disk Access for the correct operation of File Threat Protection

  The configuration profile does not give permission to install the root certificate that is required to intercept HTTPS traffic. This permission can only be obtained locally on the device.

  The configuration profile has settings that can be performed only via User Approved Mobile Device Management (UAMDM). When you apply the configuration profile locally on the device, the following error occurs: "Profile installation failed. The profile must be a system profile. User profiles are not supported.” To avoid the error, use the remote management tool.

How to create configuration profile for Kaspersky Endpoint Security for Mac by yourself

What to do if you experience any issues