> Additional tools > Apple Mac device management > Mac management > Patch and compliance

Patch and compliance for Macintosh devices

Patch and Compliance is a complete, integrated security solution that helps you protect your Macintosh devices from a wide range of prevalent security risks. The tool allows you to manage security and patch content, scan devices, use patches, and remediate devices.

Configure Macintosh devices for security scanning and remediation

Security functionality is included as part of the standard LANDESK agent for Macintosh devices. It allows you to scan managed Macintosh devices for vulnerabilities, and perform remediation by deploying patches or software updates.

Launching the scanner for Macintosh devices

You can launch the scanner from the console or manually on the client machine.

To run a compliance scan from the LANDESK Management Console
  1. Click Tools > Security and Compliance > Patch and compliance.
  2. Click the Create a task button on the toolbar, and select Compliance scan.
  3. Type a name for the task and select Create a scheduled task or Create a policy, depending on how you want to run the scan.
  4. In the Scheduled tasks tool, select the task and click the Properties button on the toolbar.
  5. Specify the scan options. On the Custom script page you'll specify the details of the compliance scan.

For details on creating a compliance scan task, see Create a patch and compliance scan task

NOTE: When you define settings for a compliance scan, some functionality is not available for managed Macintosh devices. Point to items in each page of the dialog box; a message indicates when an item is not available for Macintosh scans.

To launch the security scanner on a Macintosh client
  1. Open the Mac OS X System Preferences on the target device and select the LANDESK Client panel.
  2. On the Overview tab, click Check Now in the Security and Patch Manager section.

Blocking applications for Macintosh devices

You can use the Management Suite Patch and Compliance tool to block applications on managed Macintosh devices. This functionality works the same way as it does for Windows devices, except that no pre-defined blocked content is available for Macintosh devices.

You can block only .app files on managed Macintosh devices. In order to block specific applications, you must create a custom definition for each blocked application. When creating the custom definition, be sure to select Apply to Mac.

 


Was this article useful?    

The topic was:

Inaccurate

Incomplete

Not what I expected

Other