macOS Agent: Configuring Zone-Based (URL) Decryption

Updated On 17 Oct 2020
1 Minute To Read

Print
Share
Dark

Light

This configuration relies on XPC Service to monitor designated folders and provides notifications to a configured host application (SecureCircle Agent). Read more about configuration source.

This script will monitor a provided path

<key>Paths</key>

recursively for files that have been downloaded (tagged) from a specific domain

<key>Zones</key>

and decrypt automatically using the SecureCircle Agent, based on their extension or matching RegEx expression

<key>Masks</key>

Required: Must provide the correct CircleID {SecureCircle_cirID} for files expected to be downloaded/decrypted.
SecureCircle Agent must be properly configured/registered with the target circle.

Begin by creating a configuration file using Terminal, like so--

Begin by creating a configuration file using Terminal, like so--
Set your working directory to the Preferences folder:

cd /Users/{current_user}/Library/Preferences

Create a configuration plist file (recommended to copy&paste as demonstrated)

defaults write com.securecircle.uspace.fhuser '<dict>
	<key>Monitoring</key>
	<dict>
		<key>Paths</key>
		<dict>
			<key>/Users/<username>/Downloads/destination_folder1</key>
			<dict>
				<key>CUUID</key>
				<string>{SecureCircle_cirID}</string>
				<key>Masks</key>
				<array>
					<string>{sample_extensions or RegEx}</string>
					<string>.*\.pptx$</string>
					<string>.*\.docx$</string>
					<string>.*\.xlsx$</string>
					<string>.*\.txt$</string>
				</array>
				<key>Zones</key>
				<array>
					<string>{sample_web_address or RegEx}</string>
					<string>.*dropbox.*</string>
					<string>.*salesforce.*</string>
				</array>
			</dict>
			<key>/Users/<username>/Downloads/destination_folder2</key>
			<dict>
				<key>CUUID</key>
				<string>{SecureCircle_cirID}</string>
				<key>Masks</key>
				<array>
					<string>{sample_extensions or RegEx}</string>
					<string>.*\.pdf$</string>
					<string>.*\.rtf$</string>
				</array>
				<key>Zones</key>
				<array>
					<string>{sample_web_address or RegEx}</string>
					<string>.*google.*</string>
					<string>.*example.*</string>
				</array>
			</dict>
		</dict>
	</dict>
</dict>'

Ensure your configuration plist was created correctly by reading the configuration and validating your set parameters

defaults read com.securecircle.uspace.fhuser
Example output from a configured system:

scvlad@Vlads-MBP Preferences % defaults read com.securecircle.uspace.fhuser
{
    Monitoring =     {
        Paths =         {
            "/Users/scvlad/Downloads/Test1" =             {
                CUUID = "{cirID_masked_for_example}";
                Masks =                 (
                    ".*\\\\.png$",
                    ".*\\\\.jpg$",
                    ".*\\\\.jpeg$",
                    ".*\\\\.plist$",
                    ".*\\\\.pdf$"
                );
                Zones =                 (
                    ".*dropbox.*",
                    ".*gofiles.*",
                    ".*dropmefiles.*",
                    ".*file-examples.*"
                );
            };
            "/Users/scvlad/Desktop/Important" =             {
                CUUID = "{cirID_masked_for_example}";
                Masks =                 (
                    ".*\\\\.pptx$",
                    ".*\\\\.docx$",
                    ".*\\\\.xlsx$",
                    ".*\\\\.pdf$"
                );
                Zones =                 (
                    ".*salesforce.*",
                    ".*onedrive.*"
                );
            };
        };
    };
}

Additional Reading

JAMF https://www.jamf.com/jamf-nation/articles/648/deploying-custom-configuration-profiles-using-jamf-pro

Was This Article Helpful?