Skip to main content

SentinelOne (macOS)

Description

SentinelOne is a cybersecurity company that specializes in endpoint security and threat intelligence. They provide a platform for autonomous endpoint protection that uses AI and machine learning to prevent, detect, and respond to a wide range of security threats, including malware, ransomware, and other cyberattacks.

This recipe will guide on how to setup and deploy to your macOS devices.

Ingredients

Directions

As of macOS Ventura (macOS 13+), Service Management Profile is required. This profile will prevent end users from disabling

Creating the SentinelOneInstallation daemons

The PKG installer, some have created the registration token file on their MacBook using Terminal. Using the SentinelOne script they provided; the output may be pathed onto the desktop. After executing the script with the output token, copy into the Fileset along with the PKG installer to allow successful installation.

Fileset:

  1. Download and upload SentinelOne profiles.

    profiles to FileWave Central
  2. UploadCreate a new Empty Fileset
In the Fileset, create a new folder under /usr/local/etc/FileWaveInstallers/ called SentinelOne and drop the PKG in. Create a plain text file, named com.sentinelone.registration-token, and copy only your Site/Group Token

Screenshot 2025-01-15 at 11.22.14 AM.png


Import the token file into the same SentinelOne folder as the PKG

Make sure the token file ownership is set to root:staff. You can change the ownership by selecting the file > Get Info > Ownership

Screenshot 2025-01-15 at 11.50.34 AM.png


Now we need to create a script to install SentinelOne, using the token to register.

In Admin, select the SentinelOne PKGFileset installer.
and then select 'Scripts' in the toolbar ShellCreate scripta fornew installingActivation Script, and paste the following. You will need to change the name of the PKG withto registrationwhat tokenyou have uploaded.
  
echo "token" > /Library/Application\ Support/FileWaveInstalles/com.sentinelone.registration-token
sudo /usr/sbin/installer -pkg /Library/Application\ Support/usr/local/etc/FileWaveInstallers/SentinelAgent_macos_version.SentinelOne/SentinelAgent_XXXX.pkg -target /

Video: Creating the Install Script

You're all set with the Installer! Now we need to import the Profiles.

Importing Profiles

Profile Metadata shown below

    Download the profiles attached to this article: SentinelOne_Profiles.zip DeployUnzip profilesthe to allow devices to set controldownload and permissions.import the profiles
    Video: Importing Profiles After profiles have been successfully installed,
    Now deploy PKGall installerProfiles with registrationthe token.Installer and SentinelOne will install with all permissions necessary.


    Profile Metadata

    Service Management Profile

    Service Management Profile

    SentinelOne_ServiceManagementProfile.png

    Privacy Control Configuration Profile

    TCC Profile

    SentinelOne_TCCProfile01.pngSentinelOne_TCCProfile02.png

    Network System Extension Profile

    Team Identifier: 4AYE5J54KN

    Allowed System Extensions: com.sentinelone.network-monitoring

    System Extension Profile

    SentinelOne_SystemExtensionProfile.png

    Web Content Filter Profile

    Network Filter Profile

    SentinelOne_WebContentFilterProfile.png

    Related Content

    Back to top