Plans are comprehensive macOS security configurations that are deployed to computers as configuration profiles.
You can do the following using a plan:
Configure your threat prevention strategy for macOS
Add analytic sets to your legacy threat prevention strategy
Add a telemetry configuration
Add a removable storage control set
Enable compliance baseline reporting
Enable automatic Jamf Protect agent updates
Configure communications protocol
Configure log level
Add exception sets
Pair a plan with an action configuration
Configure computer check-in information
Do not deploy more than one plan to a single device. Doing so can cause a mismatch between the plan's bootstrap token and configuration profile. This mismatch can cause issues with communication and undesired behaviors.
In an organization with software engineering and finance departments, you can create the following plans to target specific groups:
- Engineering Plan —
Disables analytics that track and report certain commands (sudo, curl, etc.) that are commonly executed by software engineers.
- Finance Plan —
Enables analytics that track and report certain commands (sudo, curl, etc.) by finance and accounting employees.