Install the DLP Agent for macOS
DLP administrators install agents to macOS endpoints manually or using deployment software. Symantec recommends that you install a subset of agents manually for testing purposes before deploying agents in your environment.
Before you begin the installation
These steps assume you have generated the agent installation package and completed installation prerequisites. See Generate the agent installation packages and Complete macOS Endpoint Agent Installation Prerequisites.
InstallUpgrade the DLP Agent for Mac manually
Install
Upgrade
the DLP Agent for Mac manuallyThis section provides steps for
installing
upgrading
the DLP Agent for Mac manually. If you do not plan to test the agent installation package, you install Mac agents using MDM software.- Locate the agent installation package ZIP (AgentInstaller_Mac64.zip), and unzip it to the Mac endpoint.Unzip the file to/tmp/MacInstaller.If you are running macOS 10.15.x and later, Symantec recommends that you unzip the file contents to the/tmp/MacInstallerfolder. macOS prevents the installation from running at locations likeDownloads,Documents, and etc.
- InstallUpgradethe Mac Agent from the command line using the Terminal application.Run the following command on the target endpoint:$ sudo sh install_agent.shReplace/tmp/MacInstallerwith the path where you unzipped the agent installation package.
- (Optional) Review information about the Mac agent installation.
Install the DLP Agent for macOS Using Deployment Software
You can use a silent installation process by using mobile device management software (MDM) to
install
DLP Agents to endpoints. You must always install the agent installation package from a local directory. If you do not install from a local directory, some functions of the DLP Agent are disabled.The steps to install the agent using MDM profiles use Jamf as an example. The steps differ if you use a different MDM tool.
- Move the macOS endpoint agent installation package to a local machine.
- Build aPKGfile using the Jamf Composer tool by completing the following steps:
- Define a location (for example,/Users/) that all endpoints that are targeted for the installation can access. When you deploy the package, the MDM software pushes the package to the location you define. The following example shows the location.PKG file on local machine

- Open the Jamf composer and drag theAgentInstaller_Mac64folder to theComposerwindow.
- Set executable permissions (model: 755) for the folder-based settings listed in the following table:Executable permissionsUserRWXOwnerEnabledEnabledEnabledGroupEnabledDisabledEnabledEveryoneEnabledDisabledEnabled
- SelectApply to All Enclosed Items.
- ClickBuild As PKGand select a location where you want to save the file.
- Configure the Jamf policy by completing the following steps:
- Log in to Jamf Pro web console.
- Go toAll Settings>Computer Managementand clickPackages.
- ClickNew. The following screen appears.New Package

- Enter a name for the package in theDisplay Namefield.
- ClickChoose File, select the PKG file that you created using the Jamf composer, and clickSave.After you save the package, it starts uploading to the cloud distribution point.
- When the package is uploaded successfully, go to thePoliciespage.
- ClickNew(in thePoliciessection) to create a deployment policy.
- Complete the following settings on theNew policypage:
- Enter a display name. For example, enterDLP agent.
- Set a trigger. For example, you can use recurrent check-in or based on the policy.
- SelectOnce per computerfor the execution frequency.
- ClickPackagesand clickConfigure. The package that you uploaded in step e displays.
- ClickAddand leave the remaining fields and selections default.The following graphic provides an example of what you see in your Jamf composer.Jamf Web Console Policies Example

- ClickFiles and Processes.
- Enter the following command in theExecute Commandfield:installer -pkg "/Users/AgentInstaller_Mac64/AgentInstall_15_8-15.8.00000.1234.pkg" -target /The path and file name are examples. Replace these values with those you defined in step 3.The following graphic provides an example of what you see in your Jamf composer.Jamf Web Console Execute Command Example

- Save the policy.The policy is triggered based on settings that you have defined. When the policy triggers, the macOS agent is installed.
- Confirm the deployment by completing the following steps:
- Go to the policy and click theLogsoption.
- Click theDetailsoption where the deployment details are listed.