Cisco AnyConnect (Secure Client) - VPN-клиент, который часто используется в корпоративных сетях для доступа к ресурсам организации.
В данном разделе будет показана типовая конфигурация профиля для развертывания ПО.
Профиль состоит из нескольких payload:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1">
<dict>
<key>PayloadUUID</key>
<string>21503B7E-C942-4DE5-BC6F-36487A343088</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadOrganization</key>
<string>Shortcut</string>
<key>PayloadIdentifier</key>
<string>21503B7E-C942-4DE5-BC6F-36487A343088</string>
<key>PayloadDisplayName</key>
<string>Cisco AnyConnect</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadUUID</key>
<string>FF0402D9-317E-4D49-B322-7009055C1AE9</string>
<key>PayloadType</key>
<string>com.apple.system-extension-policy</string>
<key>PayloadOrganization</key>
<string>Shortcut</string>
<key>PayloadIdentifier</key>
<string>FF0402D9-317E-4D49-B322-7009055C1AE9</string>
<key>PayloadDisplayName</key>
<string>System Extensions</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>AllowUserOverrides</key>
<true/>
<key>AllowedSystemExtensions</key>
<dict>
<key>DE8Y96K9QP</key>
<array>
<string>com.cisco.anyconnect.macos.acsockext</string>
</array>
</dict>
<key>AllowedSystemExtensionTypes</key>
<dict>
<key>DE8Y96K9QP</key>
<array>
<string>NetworkExtension</string>
</array>
</dict>
</dict>
<dict>
<key>FilterDataProviderBundleIdentifier</key>
<string>com.cisco.anyconnect.macos.acsockext</string>
<key>FilterDataProviderDesignatedRequirement</key>
<string>anchor apple generic and identifier "com.cisco.anyconnect.macos.acsockext" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DE8Y96K9QP)</string>
<key>FilterSockets</key>
<true/>
<key>FilterType</key>
<string>Plugin</string>
<key>PayloadDisplayName</key>
<string>Web Content Filter Payload</string>
<key>PayloadIdentifier</key>
<string>B894EE86-76B8-493E-8C17-124A7E774694</string>
<key>PayloadOrganization</key>
<string>Shortcut</string>
<key>PayloadType</key>
<string>com.apple.webcontent-filter</string>
<key>PayloadUUID</key>
<string>B894EE86-76B8-493E-8C17-124A7E774694</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PluginBundleID</key>
<string>com.cisco.anyconnect.macos.acsock</string>
<key>UserDefinedName</key>
<string>Cisco AnyConnect Content Filter</string>
<key>VendorConfig</key>
<dict>
<key>AutoFilterEnabled</key>
<string>false</string>
<key>FilterBrowsers</key>
<string>false</string>
<key>FilterGrade</key>
<string>firewall</string>
<key>FilterPackets</key>
<string>false</string>
<key>FilterSockets</key>
<string>true</string>
</dict>
</dict>
<dict>
<key>PayloadDisplayName</key>
<string>Notifications Payload</string>
<key>PayloadIdentifier</key>
<string>A3B0A0C9-9E52-41AF-A15F-329836CF600B</string>
<key>PayloadOrganization</key>
<string>Shortcut</string>
<key>PayloadType</key>
<string>com.apple.notificationsettings</string>
<key>PayloadUUID</key>
<string>A3B0A0C9-9E52-41AF-A15F-329836CF600B</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>NotificationSettings</key>
<array>
<dict>
<key>BundleIdentifier</key>
<string>com.cisco.anyconnect.notification</string>
</dict>
</array>
</dict>
</array>
</dict>
</plist>