There are a number of MDM solutions that can achieve basic Mac deployment & can work with DEP, but Jamf is especially strong around third party application deployments (Abode, Office etc), scripting (very important in educational environments) & day zero device compatibility.
I think you will find Meraki SM to be rather limited when it comes to macOS management. There are not many pieces that SM can handle for Macs and I've not found anyone who has pulled off a "touchless" DEP Mac deployment with SM as others have for Jamf/AirWatch.
Mac deployment with Jamf, DEP and more
@RobertWPS Meraki SM is getting some great updates to Mac management and I think you are going to be surprised. DEP enrollment with Meraki SM is fully capable and I am (and a few others here) using the beta software for deploying the agent via DEP and the improved software management. This new feature I am using in beta has been great with software deployment.
Pretty much just looking to do a deployment process including an IT dept management account for ARD, pre-load printers, turn off sharing, pre load software (browsers etc). We are a Google school so very minimal configuration, but still don't want to just hand them over out of the box without at least some TLC.
The second level of training in the IT series is the Apple Deployment and Management course, which covers how to configure, manage, and secure Apple products using mobile device management (MDM). Through an estimated 13 hours of content, users will cover developing a deployment strategy, using Apple Business Manager and Apple School Manager, and configuring devices with an MDM solution. Upon successful completion of the exam, users will receive the Apple Certified IT Professional certification.4
Apple has also partnered with the Mac Admins Foundation to ensure additional access to the new Apple exams. With underwriting from Apple, the foundation will offer vouchers to applicants with financial need. As a new 501(c)(3) organization, two key tenets of the Mac Admins Foundation are making a welcoming and accessible organization to expand the profession, and maintaining affordable access to all community resources. For more details and to apply, visit macadmins.org.
Apps must support Modern Authentication: To secure Microsoft Office apps with this Device Trust solution they must be enabled to support Modern Authentication. For more information, see the Microsoft article How modern authentication works for Office 2013 and Office 2016 client apps. Also see Office 365 Client Access Policies.
During deployment, the Okta Device Registration Task publishes logs in Jamf at three log levels (INFO, WARN, ERROR). To diagnose deployment issues, Jamf administrators can view deployment logs on a policy or individual computer basis. To generate more granular logs, use the verbose option as the Parameter Value in Jamf Pro.
Choosing the right deployment model for your institution is key. It will affect how you deploy additional devices in future, as well as how you support and manage your users and tech. At Sync, we work with you to create a deployment plan that suits your needs.
When managing a device locally with Apple Configurator or iMazing, the features above are only available if the supervising organization is properly configured in these solutions. Please refer to the documentation for more information:
If a device is supervised and the supervising organization properly configured in Apple Configurator or iMazing, pairing may be established directly when connecting the device via USB, without unlocking the device. In recent years, iOS has become even more secure thanks to the following restrictions:
? iMazing itself is not an MDM solution, but is often used in conjunction with one to manage data and backups. iMazing Configurator features dedicated tools to speed up MDM enrollment, see the Host-Assisted Enrollment section below for more info.
iMazing Configurator can help with achieving zero-touch configuration of AED devices, saving administrators precious time by taking care of installing a Wi-Fi profile, and advancing the iOS setup assistant as much as possible. Read the MDM and ADE section of the following article for more information: -blueprints#mdm-ade
It supports only Apple devices, pricing may give me second thoughts going over 10 users (we will want to retain the software but some competitor may become more interesting).It does integrate a lot of features and software that can be installed automatically on computers, however it does not support ALL the software we wish to see. It also does not include (as yet) device location tracking or some "smart" features such as automatically enforcing updates within X days for vulnerable softwares (for example some Chrome updates are "cosmetic" but some do fix security issues and it would be great to see them automatically enforced without manual action). Still... quite sure these will come in time!
The biggest issues I have encountered come with the implementation of profiles in FS and the lack of custom package deployment. The approve and assign process could definitely use some streamlining as it's a few steps to get things how I like them. The Global Profile is not useful for me as there are a lot of different subsets of devices. This is further compounded by the inability to assign multiple profiles which I would find very useful in an enterprise settings (tailoring devices by department and/or geographic location).As for the applications catalog, it's got some standards in there, but it is very limited. Without the ability deploy custom packages and now whitelist KEXT unless it's in the FS catalog, it really defeats a lot of convenience of an MDM
Comentarios:We needed to ensure our fleet of Mac computers were kept up to date with both OS and applications to meet our security certification requirements. Whilst some solutions are heavyweight, Fleetsmith is simple to set up, simple to manage and lets us be sure our computers are compliant. Zero touch deployments when combined with Apple's DEP was the icing on the cake!
Comentarios:We are a small digital healthcare company. Despite being small, we need to have a very strong security posture for our clients. Fleetsmith makes compliance with various checklists easy, and reporting and visibility comes basically for free.We are lucky that we have an all Mac fleet, but the combination of Fleetsmith and all Macs is a delightful IT deployment environment.
-Integration of Gsuite with Fleetsmith-Simple deployment, can get MDM certificate and whole account up and running within 30 mins-Get you SOC 2 compliant-Dashboard, new and really easy to see major areas of concern-Easy to use even for non-IT staff-Fantastic support team when we need assistance or would like to see upgrades and enhancements-Top notch security 2ff7e9595c
Commentaires