Remote installation

Before installation

ESET Endpoint Antivirus for macOS requires privileges settings that prevent it from being fully installed remotely without your device being enrolled in MDM. If your device is enrolled in MDM, you can use the MDM to distribute these settings via configuration profiles. If your device is not enrolled in MDM, these privileges settings must be allowed manually on each computer.

If you are using Jamf, you can also see our Jamf specific guide.

Setting configuration profiles for ESET Endpoint Antivirus for macOS

Before installing ESET Endpoint Antivirus for macOS, you must enable the following settings on targeted computers:

oESET system extensions
If ESET system extensions are not enabled before the installation, users will receive System extensions blocked notifications until the ESET system extensions are enabled.

oFull disk access
If full disk access is not enabled before the installation, users will receive Your computer is partially protected notifications until the full disk access is enabled.

oWeb and Email protection
You must add the Web and Email protection configuration to the system settings for Web and Email protection to function.
If the Web and Email protection configuration is missing after the ESET Endpoint Antivirus for macOS installation, users will receive "ESET Endpoint Antivirus for macOS" Would Like to Filter Network Content. When they receive this notification, click Allow. If they click Don't Allow, Web and Email protection will not work.

To enable the ESET settings above remotely, your computer must be enrolled with an MDM (Mobile Device Management) server, such as Jamf.

Enable ESET system extensions

To enable system extensions on your device remotely, perform one of the following actions before the installation:

oDownload the .plist payload. Create a configuration profile in your MDM using the .plist payload.

oCreate a configuration profile in your MDM using the following settings:

Team identifier (TeamID)	P8DQRXPVLP
Bundle identifier (BundleID)	com.eset.endpoint com.eset.network

Enable full disk access

To enable full disk access remotely, perform one of the following actions before the installation:

oDownload the .plist payload file for ESET Endpoint Antivirus for macOS. Create a configuration profile in your MDM using the .plist payload.
If your device is managed by ESET PROTECT On-Prem or ESET PROTECT, you need to enable full disk access for ESET Management Agent as well. Download the .plist payload file for ESET Management Agent.

oCreate a configuration profile using the following settings:

ESET Endpoint Antivirus
Identifier	com.eset.eea.g2
Identifier Type	bundleID
Code Requirement	identifier "com.eset.eea.g2" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
App or Service	SystemPolicyAllFiles
Access	Allow

Identifier	com.eset.endpoint
Identifier Type	bundleID
Code Requirement	identifier "com.eset.endpoint" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
App or Service	SystemPolicyAllFiles
Access	Allow

On macOS 12 Monterey and later
Identifier	com.eset.app.Uninstaller
Identifier Type	bundleID
Code Requirement	identifier "com.eset.app.Uninstaller" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
App or Service	SystemPolicyAllFiles
Access	Allow

ESET Management Agent
Identifier	com.eset.remoteadministrator.agent
Identifier Type	bundleID
Code Requirement	identifier "com.eset.remoteadministrator.agent" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
App or Service	SystemPolicyAllFiles
Access	Allow

After allowing full disk access and system extensions remotely, in System Settings > Privacy & Security, these settings might appear disabled. If ESET Endpoint Antivirus for macOS does not display any warnings, full disk access and system extensions are allowed, regardless of their status in System Settings > Privacy & Security.

Web and Email protection

To add Web and Email protection configuration to system settings remotely, perform one of the following actions before the installation:

oDownload the .plist payload file. Create a configuration profile in your MDM using the .plist payload. Your computer must be enrolled in the MDM server to deploy configuration profiles to those computers.

oTo create a configuration profile, create a VPN type configuration profile with the following settings:

VPN type	VPN
Connection type	Custom SSL
Identifier for the custom SSL VPN	com.eset.network.manager
Server	localhost
Provider Bundle Identifier	com.eset.network
User authentication	Certificate
Provider Type	App-proxy
Provider Designated Requirement	identifier "com.eset.network" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = P8DQRXPVLP
Enable VPN on Demand	✓
On Demand Rules Configuration XML	<array> <dict> <key>Action</key> <string>Connect</string> </dict> </array>
Idle Timer	Do not disconnect
Proxy Setup	None

In case you are upgrading ESET Endpoint Antivirus for macOS from version 6 to version 7, leave Enable VPN on Demand field unchecked. This will also disable section On Demand Rules Configuration XML, which is expected.

Web and Email protection configuration is removed after uninstalling ESET Endpoint Antivirus for macOS. If you need to uninstall and install ESET Endpoint Antivirus for macOS, you need to deploy the Web and Email protection configuration to the target computer after the uninstallation again.

˄˅