Checks that a mobile device management (MDM) solution configures the Mac to log firewall activity.
Create or edit a configuration profile with the following information:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>EnableFirewall</key>
            <true/>
            <key>EnableLogging</key>
            <true/>
            <key>PayloadDisplayName</key>
            <string>Firewall</string>
            <key>PayloadIdentifier</key>
            <string>com.apple.security.firewall.E91C28D7-A35F-44DF-8656-07C738F8946E</string>
            <key>PayloadType</key>
            <string>com.apple.security.firewall</string>
            <key>PayloadUUID</key>
            <string>E91C28D7-A35F-44DF-8656-07C738F8946E</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
        </dict>
    </array>
    <key>PayloadDisplayName</key>
    <string>Enable firewall logging</string>
    <key>PayloadIdentifier</key>
    <string>com.fleetdm.enableFirewallLogging.A97BF2B6-968B-4C9B-B02C-331595377934</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>A97BF2B6-968B-4C9B-B02C-331595377934</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
</dict>
</plist>
Create or edit the following script and configure it to run when the check fails:
Use the policy below to verify:
SELECT 1 FROM managed_policies WHERE domain='com.apple.security.firewall' AND name='EnableLogging' AND value='1' LIMIT 1;
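A pre-deployment check for the profile above, as an added example that is not Fleet's own code: it flattens each payload into the (domain, name, value) shape the policy query filters on and reports when the firewall payload would not satisfy it. The function names and the '1'/'0' rendering of booleans are assumptions, the latter inferred from value='1' in the policy.

```python
import plistlib

FIREWALL_TYPE = "com.apple.security.firewall"

# Constructed sample: the profile above, trimmed to the keys this check reads.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadContent</key>
  <array><dict>
    <key>EnableFirewall</key><true/>
    <key>EnableLogging</key><true/>
    <key>PayloadType</key><string>com.apple.security.firewall</string>
  </dict></array>
  <key>PayloadType</key><string>Configuration</string>
</dict></plist>"""


def expected_rows(profile_bytes):
    """Flatten each payload's settings into (domain, name, value) tuples."""
    rows = []
    for payload in plistlib.loads(profile_bytes).get("PayloadContent", []):
        domain = payload.get("PayloadType")
        for name, value in payload.items():
            if name.startswith("Payload"):
                continue  # envelope metadata, not a managed setting
            if isinstance(value, bool):
                # Assumption: booleans surface as '1'/'0', as value='1' in the policy implies.
                value = "1" if value else "0"
            rows.append((domain, name, str(value)))
    return rows


def lint_firewall_logging(profile_bytes):
    """Return a list of problems; an empty list means the profile sets both keys."""
    settings = {n: v for d, n, v in expected_rows(profile_bytes) if d == FIREWALL_TYPE}
    if not settings:
        return ["no com.apple.security.firewall settings in profile"]
    problems = []
    for key in ("EnableFirewall", "EnableLogging"):
        if settings.get(key) != "1":
            problems.append(f"{key} is {settings.get(key, 'missing')}, expected 1")
    return problems
```

The policy query itself only reads EnableLogging; the lint also checks EnableFirewall because the profile sets both.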
PowerShell commands are currently work in progress, contributions welcome.
Bash commands are currently work in progress, contributions welcome.