Addigy provides a very flexible interface for installing software like Cylance, aka Dell Threat Defense.


Before Installing

With the advent of macOS 10.13 High Sierra, Apple introduced User Approved Kernel Extension Loading (UAKEL). This means that kernel extensions (also called kexts or security extensions) must be approved before they can be installed. To learn more about UAKEL, see some of Apple's documentation: Technical Note TN2459: User-Approved Kernel Extension Loading.


Because Cylance requires kexts to be installed, you will need to configure an MDM Profile and MDM Configuration for Kernel Extension Whitelist to bypass the user dialog that is normally required to approve a kext. For instructions on enabling these features within Addigy, see our support article: Addigy Mobile Device Management (MDM) Integration and Approved MDM Profiles.


If a valid Kernel Extension Whitelist has been deployed before installing the software, then users will not be prompted to approve any security extension and the installation will be completely silent.



Installing Cylance

Cylance requires a token passed to it during the installation that assigns the installed copy to an organization. This example will cover installing Cylance through Addigy that was sold through Dell Threat Defense.


First, download the Cylance install .pkg along with an install token.


Then, make a file called 'cyagent_install_token'. Make sure the file name is exact because it needs to be recognized by the installer. Each line of this file contains information for the installation. The first line should only contain the software token. The only lines in the file refer to specific settings with which Cylance will start. For instance, the VenueZone  setting is set to put this device into the 'Pilot Zone' which was being used in this instance for testing.



Now within Addigy, create a Custom Software item within Policies -> Catalog -> Custom Software by clicking Add Software +. You can learn more about creating Custom Software items in our Knowledgebase article Creating Custom Software.


Upload the Cylance.pkg and your cyagent_install_token, clicking on the Play button in order to generate the Installation Script as shown below.

Note: in this case, we've added redirection of standard output to /dev/null because the installation produced an error that was deemed not a problem in this 1.2.1402 version


Uninstalling

Uninstalling is quite simple as you only need execute a removal script from Addigy.  You can add this as a Predefined Command or in the Custom Software so if the machine is removed from the Addigy Policy enforcing Cylance or remove the Addigy agent from the machine, will gracefully uninstall Cylance and free up the license (obviously the Cylance vs Dell Threat Defense branded version will differ in file path):

/Applications/DellThreatDefense/Uninstall\ DellThreatDefense.app/Contents/MacOS/Uninstall\ DellThreatDefense --noui