Threat prevention consists of specific strategies that determine how Jamf Protect macOS Security handles malicious activity threatening your endpoints. Threat prevention strategies are comprised of multiple engines. The custom strategy can be independently configured to suit your security needs. You can configure each engine to control how potential threats are prevented and communicated.
The managed strategy is recommended for the majority of users who do not use customized threat prevention settings. The managed strategy provides the most comprehensive protection and ensures that you are always using the latest threat definitions.
The threat prevention strategies are described below.
- Managed
- The managed strategy enables all of the threat prevention engines that are currently supported and configures them to block malicious events and activities and send an alert by default. The managed engine is always up to date because existing engines are automatically updated with the latest threat definitions and new engines are automatically added upon release.
- Custom
- The custom strategy allows you to configure only the specific threat prevention engines that you require. The engines that are enabled are updated automatically. When new engines are added, they are not automatically enabled. For more information see Configuring a Custom Threat Prevention Strategy.
- Legacy
- The legacy option is comprised of Jamf Protect's prior threat prevention capabilities (advanced threat controls, tamper prevention, endpoint threat prevention, and custom analytics). This option is recommended for users who incorporate managed exceptions, custom analytic sets, and analytic remediation using smart groups in Jamf Pro.