Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiDLP Agent Deployment Guide

    Home FortiDLP Agent 12.1.0 FortiDLP Agent Deployment Guide
    12.1.0
    12.1.0
    12.0.5
    12.0.4
    12.0.2
    12.0.0
    11.5.1
    11.4.6
    11.4.5
    11.4.3
    11.4.2
    11.3.4
    11.3.3
    11.3.2
    11.2.3
    11.2.0
    11.1.2
    11.1.1
    11.0.1
    10.5.1
    10.4.0
    10.3.1

    Bulk deploying the FortiDLP Browser Extension to macOS

    Bulk deploying the FortiDLP Browser Extension to macOS

    Note

    This section provides information about the Arc, Brave, Firefox, Google Canary, Google Chrome, Microsoft Edge Chromium, and Vivaldi extensions. For details about the Safari extension, see Bulk deploying the FortiDLP Browser Extension for Safari to macOS.

    As detailed in Web monitoring, the FortiDLP Browser Extension allows the FortiDLP Agent to track users' web behavior and enforce browser-related policies—for example, to block malicious downloads.

    Refer to these instructions to install or uninstall the FortiDLP Browser Extension using Jamf Pro:

    Note

    After you install the extension, you must enable web monitoring via Agent configuration groups. For instructions, see the FortiDLP Administration Guide.
    Fortinet browser extension configuration profiles

    Our macOS accessory bundle, which you can download from the FortiDLP Console or access on a device's file system post Agent installation, includes configuration profiles that control the installation and uninstallation of the FortiDLP Browser Extension and manage optional browser settings.

    Profile

    Description

    browserInstallChromium.mobileconfig

    Provides settings for installing the Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi browser extensions.

    If you want to exclude specific browsers, you can modify this profile before uploading it to Jamf Pro.

    browserInstallFirefox.mobileconfig

    Provides settings for installing the Firefox browser extension.

    dnsOverHttps.mobileconfig

    Provides settings for disabling browsers' DNS-over-HTTPS (DoH) support.

    DNS lookups in a browser that supports DoH are encrypted and may not be monitored by the FortiDLP Agent. By default, DoH settings are not modified when you install the FortiDLP Browser Extension. Installing this profile explicitly disables browsers' DoH support.

    privateBrowsing.mobileconfig

    Provides settings for disabling private browsing.

    By default, private browsing is enabled when you install the FortiDLP Browser Extension. However, as private browsing activity cannot be monitored by the FortiDLP Agent, you can use this profile to disable this functionality.

    uninstallFirefoxExtension.mobileconfig

    Provides settings for uninstalling the Firefox browser extension.

    The way in which you use these profiles will depend on your existing Jamf Pro deployment setup. Below you will find general guidance for common deployment use cases. Refer to Jamf's documentation here for more information.

    Note

    We recommend signing profiles, as described in Apple's documentation here. For guidance with setting up self-signed certificates, see our article here.
    How to install the FortiDLP Browser Extension using an existing profile in Jamf Pro

    If you already use a configuration profile for managing other browser settings, such as extension installation or block lists, we recommend incorporating the relevant settings from our profiles into your existing profile, as follows.

    1. Do one of the following:
      • To download the macOS accessory bundle from the FortiDLP Console:
        1. On the left-hand sidebar, click .
        2. Under Agents, select the Agent deployment tab.
        3. In the Installers section:
          1. In the Operating system menu, select MacOS.
          2. In the Agent version menu, select the Agent version number.
          3. In the Artifact menu, select Accessory bundle.
          4. Click Download.
          5. Double-click the downloaded accessory bundle (ZIP file).
      • To access the macOS accessory bundle on the device:
        1. Go to /Library/Application Support/Ava/Reveal/.
        2. Double-click the accessory bundle (ZIP file).
        An agent-accessory directory is created in the Downloads directory.
    2. In Jamf Pro, go to Computers > Configuration Profiles.
    3. Click your existing profile.
    4. Click Edit.
    5. Copy the relevant payload information from our profiles into your own.
      Note

      You only need to copy a portion of the payload. For guidance, see macOS FortiDLP Browser Extension payload extracts.

    6. In the middle panel, select the Scope tab.
    7. Verify that the profile is properly scoped and is applied to all relevant devices.
    8. Click Save.
    9. Click Done.
    How to install the FortiDLP Browser Extension using a Fortinet profile in Jamf Pro
    1. Do one of the following:
      • To download the macOS accessory bundle from the FortiDLP Console:
        1. On the left-hand sidebar, click .
        2. Under Agents, select the Agent deployment tab.
        3. In the Installers section:
          1. In the Operating system menu, select MacOS.
          2. In the Agent version menu, select the Agent version number.
          3. In the Artifact menu, select Accessory bundle.
          4. Click Download.
          5. Double-click the downloaded accessory bundle (ZIP file).
      • To access the macOS accessory bundle on the device:
        1. Go to /Library/Application Support/Ava/Reveal/.
        2. Double-click the accessory bundle (ZIP file).
        An agent-accessory directory is created in the Downloads directory.
    2. In Jamf Pro, go to Computers > Configuration Profiles.
    3. Click Upload.
    4. Select one of the following profiles from the agent-accessory folder:
      • browserInstallChromium.mobileconfig (for Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi)
      • browserInstallFirefox.mobileconfig (for Firefox).
    5. Click Upload.
    6. In the middle panel, select the Scope tab.
    7. Verify that the profile is properly scoped and is applied to all relevant devices.
    8. Click Save.
    9. Click Done.
    10. Repeat as needed to install all available browser extensions.
    How to uninstall the FortiDLP Browser Extension using Jamf Pro
    1. In Jamf Pro, go to Computers > Configuration Profiles.
    2. Click the profile you used to previously install the browser extension that you now want to remove. If you uploaded our configuration profiles, their default display names are:

      • FortiDLP Agent Browser Extension Install Chromium (for Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi)

      • FortiDLP Agent Browser Extension Install Firefox (for Firefox).

    3. Click Delete.
    4. In the dialog box, click Delete.
    5. If you are uninstalling the Firefox browser extension, also do the following:
      1. Click Upload.
      2. Select the uninstallFirefoxExtension.mobileconfig profile from the agent-accessory folder.
      3. Click Upload.
      4. In the middle panel, select the Scope tab.
      5. Verify that the profile is properly scoped and is applied to all relevant devices.
      6. Click Save.
      7. Click Done.
    Previous
    Next

    Bulk deploying the FortiDLP Browser Extension to macOS

    Bulk deploying the FortiDLP Browser Extension to macOS

    Note

    This section provides information about the Arc, Brave, Firefox, Google Canary, Google Chrome, Microsoft Edge Chromium, and Vivaldi extensions. For details about the Safari extension, see Bulk deploying the FortiDLP Browser Extension for Safari to macOS.

    As detailed in Web monitoring, the FortiDLP Browser Extension allows the FortiDLP Agent to track users' web behavior and enforce browser-related policies—for example, to block malicious downloads.

    Refer to these instructions to install or uninstall the FortiDLP Browser Extension using Jamf Pro:

    Note

    After you install the extension, you must enable web monitoring via Agent configuration groups. For instructions, see the FortiDLP Administration Guide.
    Fortinet browser extension configuration profiles

    Our macOS accessory bundle, which you can download from the FortiDLP Console or access on a device's file system post Agent installation, includes configuration profiles that control the installation and uninstallation of the FortiDLP Browser Extension and manage optional browser settings.

    Profile

    Description

    browserInstallChromium.mobileconfig

    Provides settings for installing the Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi browser extensions.

    If you want to exclude specific browsers, you can modify this profile before uploading it to Jamf Pro.

    browserInstallFirefox.mobileconfig

    Provides settings for installing the Firefox browser extension.

    dnsOverHttps.mobileconfig

    Provides settings for disabling browsers' DNS-over-HTTPS (DoH) support.

    DNS lookups in a browser that supports DoH are encrypted and may not be monitored by the FortiDLP Agent. By default, DoH settings are not modified when you install the FortiDLP Browser Extension. Installing this profile explicitly disables browsers' DoH support.

    privateBrowsing.mobileconfig

    Provides settings for disabling private browsing.

    By default, private browsing is enabled when you install the FortiDLP Browser Extension. However, as private browsing activity cannot be monitored by the FortiDLP Agent, you can use this profile to disable this functionality.

    uninstallFirefoxExtension.mobileconfig

    Provides settings for uninstalling the Firefox browser extension.

    The way in which you use these profiles will depend on your existing Jamf Pro deployment setup. Below you will find general guidance for common deployment use cases. Refer to Jamf's documentation here for more information.

    Note

    We recommend signing profiles, as described in Apple's documentation here. For guidance with setting up self-signed certificates, see our article here.
    How to install the FortiDLP Browser Extension using an existing profile in Jamf Pro

    If you already use a configuration profile for managing other browser settings, such as extension installation or block lists, we recommend incorporating the relevant settings from our profiles into your existing profile, as follows.

    1. Do one of the following:
      • To download the macOS accessory bundle from the FortiDLP Console:
        1. On the left-hand sidebar, click .
        2. Under Agents, select the Agent deployment tab.
        3. In the Installers section:
          1. In the Operating system menu, select MacOS.
          2. In the Agent version menu, select the Agent version number.
          3. In the Artifact menu, select Accessory bundle.
          4. Click Download.
          5. Double-click the downloaded accessory bundle (ZIP file).
      • To access the macOS accessory bundle on the device:
        1. Go to /Library/Application Support/Ava/Reveal/.
        2. Double-click the accessory bundle (ZIP file).
        An agent-accessory directory is created in the Downloads directory.
    2. In Jamf Pro, go to Computers > Configuration Profiles.
    3. Click your existing profile.
    4. Click Edit.
    5. Copy the relevant payload information from our profiles into your own.
      Note

      You only need to copy a portion of the payload. For guidance, see macOS FortiDLP Browser Extension payload extracts.

    6. In the middle panel, select the Scope tab.
    7. Verify that the profile is properly scoped and is applied to all relevant devices.
    8. Click Save.
    9. Click Done.
    How to install the FortiDLP Browser Extension using a Fortinet profile in Jamf Pro
    1. Do one of the following:
      • To download the macOS accessory bundle from the FortiDLP Console:
        1. On the left-hand sidebar, click .
        2. Under Agents, select the Agent deployment tab.
        3. In the Installers section:
          1. In the Operating system menu, select MacOS.
          2. In the Agent version menu, select the Agent version number.
          3. In the Artifact menu, select Accessory bundle.
          4. Click Download.
          5. Double-click the downloaded accessory bundle (ZIP file).
      • To access the macOS accessory bundle on the device:
        1. Go to /Library/Application Support/Ava/Reveal/.
        2. Double-click the accessory bundle (ZIP file).
        An agent-accessory directory is created in the Downloads directory.
    2. In Jamf Pro, go to Computers > Configuration Profiles.
    3. Click Upload.
    4. Select one of the following profiles from the agent-accessory folder:
      • browserInstallChromium.mobileconfig (for Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi)
      • browserInstallFirefox.mobileconfig (for Firefox).
    5. Click Upload.
    6. In the middle panel, select the Scope tab.
    7. Verify that the profile is properly scoped and is applied to all relevant devices.
    8. Click Save.
    9. Click Done.
    10. Repeat as needed to install all available browser extensions.
    How to uninstall the FortiDLP Browser Extension using Jamf Pro
    1. In Jamf Pro, go to Computers > Configuration Profiles.
    2. Click the profile you used to previously install the browser extension that you now want to remove. If you uploaded our configuration profiles, their default display names are:

      • FortiDLP Agent Browser Extension Install Chromium (for Arc, Brave, Google Chrome, Google Chrome Canary, Microsoft Edge, and Vivaldi)

      • FortiDLP Agent Browser Extension Install Firefox (for Firefox).

    3. Click Delete.
    4. In the dialog box, click Delete.
    5. If you are uninstalling the Firefox browser extension, also do the following:
      1. Click Upload.
      2. Select the uninstallFirefoxExtension.mobileconfig profile from the agent-accessory folder.
      3. Click Upload.
      4. In the middle panel, select the Scope tab.
      5. Verify that the profile is properly scoped and is applied to all relevant devices.
      6. Click Save.
      7. Click Done.
    Previous
    Next