Shipments of Mac endpoints are up, so it’s no wonder that Mac devices are more common among workers. I mainly find that Mac endpoints in a corporate setting are widely issued as corporate-owned devices or as a bring your own device.

With Citrix Endpoint Management, organizations can quickly deploy and support Mac at scale. Here are a few tips that will help you get the most out of your macOS deployment with Citrix Endpoint Management.

Integration and Setup

Deployment and management of macOS devices are similar to iOS. If you’re already using Citrix Endpoint Management to deploy and manage iOS devices, you likely have everything in place to manage and deploy macOS.

Identity Management

Did you know that you can integrate macOS management with Azure Active Directory to help manage identities and other corporate data?

Use Apple Business Manager/Apple School Manager

Apple has device enrollment programs for business and education accounts. These accounts require that you enroll in the Apple Deployment Program to use the Apple Business Manager (ABM) or Apple School Manager (ASM) for device enrollment, management, and app deployment within Citrix Endpoint Management. Once enrolled with Apple, you can integrate these services with Citrix Endpoint Management to begin deployment.

Deployment and Provisioning

Enrollment in Citrix Endpoint Management can sometimes be challenging when considering device refresh cycles or getting started. Independent of the ownership model, organizations can deploy Mac devices using Automatic Device Enrollment.

Automatic Enrollment Devices (Bulk Device enrollment)

As with iOS, organizations can use bulk enrollment (formerly known as Apple Device Enrollment Program or DEP) to enroll macOS devices. Automatic enrollment applies to devices purchased directly by the organization from Apple or a participating Apple authorized reseller. For help with bulk device enrollment, check out our documentation on bulk enrollment of Apple devices. The guidance there applies to Apple School Manager, as well.

Device Enrollment

Are you looking for something other than bulk enrollment? Check out our two enrollment types — enrollment invitation and manual enrollment. These two enrollment types help end-users make the enrollment process easy and on demand. See our documentation on enrolling macOS devices for more information.

Configuration Management

Admins can configure a series of policies tied to delivery groups to help ensure the endpoint’s configuration fits the organization’s standards. These macOS policies can be used in a user- or device-specific setting. You will want to review a list of our available policies. Our most common policies include:

Admins also have the option to import device configuration XML files for macOS devices into Citrix Endpoint Management. The file contains device security policies and restrictions that you can prepare with the Apple Configurator 2 or Profile Creator. See our import iOS & macOS Profile device policy documentation.

Application Distribution

To deploy your macOS apps, Citrix Endpoint Management provides two methods.

  • Enterprise App delivery (.pkg) — Admins can upload any line-of-business (enterprise) app to Citrix Endpoint Management. These enterprise apps reside on Citrix Endpoint Management servers and are delivered to your end user via our secure content delivery network (CDN). Point-of-presence locations are available worldwide, helping you provide the best download experience no matter where the user is located.
  • Volume purchase — This is where admins can take advantage of the benefits of ABM/ASM and deploy applications via the Apple Deployment Program.

Security

Citrix Endpoint Management can also help to keep corporate data secure through:

  • FileVault 2 disk encryption policies. These policies can help in the event your organization is required to deploy disk-based encryption, help users with key recovery, and even help with implement key rotation.
  • Password protection
  • Remote wipe
  • Firewall (Consider also deploying the available firewall policies available for macOS to help with firewall-specific settings.)

Day-to-Day Management

Monitor and Support

Citrix Endpoint Management has a built-in reporting structure to ensure users maintain the appropriate set of applications and settings.

The following pre-defined reports enable you to analyze your app and device deployments:

  • Total Apps Deployment Attempts
  • Apps by Platform
  • Apps by Type
  • Device Enrollment
  • Devices and Apps
  • Inactive Devices

Manage Software Updates

Citrix Endpoint Management also offers policies to help deploy operating system and application updates for macOS to help you keep devices up to date. See my other blog post on macOS updates, and check out our Distribute Apple apps documentation.

While I can’t cover everything we do for macOS, I hope this blog post will help with your deployment of macOS devices with Citrix Endpoint Management. Make sure to stay up to date with all things Citrix Endpoint Management on our What’s New page.