Updated Management of Firewall Payloads

 ㅤ   Two keys in the Firewall payload have changed:

• Ensure Firewall is configured to log; and

• Ensure detailed firewall logging.

Prior to macOS 12, these keys were set by the Kandji Agent. In macOS 12, these keys are set via MDM; on this version and later, on this version and later, the Kandji Agent is not able to set them due to security improvements within macOS.

With this change, if a device running macOS 11 or earlier has this profile and is then updated to macOS 12, Kandji will re-push the profile and include the new keys that are set by MDM; the keys will no longer be managed by the Kandji Agent. Administrators will notice an activity log entry for this action when Kandji automatically pushes down the Firewall profile.