Security policies - Mandatory running apps

felixfx2
Here to help

Security policies - Mandatory running apps

Hi there,

 

Any folks managed to have it working?
i need to get a policy which checks for a service app (to be more accurate, one for each OS.)

 

when i set it up, it always fails 100% on all my 6.5K systems... 

 

Here's what the tooltip says

Devices must have all mandatory running proccess appear in their process list to be considered compliant. The format of apps for each device type is as follows:

OSX: QuickTime Player.app

Windows: services.exe

Wildcard matches can be made with a '*'. (e.g. service*, *vic*, and *s.exe would all match services.exe
5 Replies 5
felixfx2
Here to help

Anyone ? 

jared_f
Kind of a big deal

The processing policy never works for me. Is this a mandatory app that needs to be running? Why not just use a whitelist/blacklist to see if it is installed.

Find this helpful? Click the kudos button. Thanks!

@jared_f it never worked since day 1 for me (using meraki MDM for over a year).

Now getting asked to make it work... 

@jared_f it never worked since day 1 for me (using meraki MDM for over a year).

Now i have to make the policies compliant.

fiddles-itman
Comes here often

Felix, did you ever get this figured out? Trying to do the same as a prereq for deploying a VPN profile and despite the presence of the required apps on the test systems it isn't seeing them.

I don't know if I'm formatting the app names incorrectly or what. But here's a for instance:

Having it look for the Meraki SM app on a Mac, I can select the client and clearly see "Meraki Systems Manager Agent" on the list of installed applications.

I've tried all of these in a policy and they all show non-compliance:

OSX: Meraki Systems Manager Agent
OSX: Meraki Systems Manager Agent.app
OSX: Meraki*
OSX: m_agent (the running service name)

Same on a Windows test system when trying

Windows: Meraki*
Windows: m_agent_service
Windows: m_agent*

Wondering at this point if it's a bug and I should just contact support, but thought I'd check here before opening a case and see if I'm just doing something wrong.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels