From 3e2d7d3e84cc1c7a1c3418f9c4a3f99f57a3ad3d Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic Date: Thu, 21 Nov 2024 15:11:49 +0000 Subject: [PATCH] Removes content not applicable to serverless --- .../deploy-endpoint-macos-cat-mont.asciidoc | 18 +++--------------- .../deploy-endpoint-macos-ven.asciidoc | 17 ++--------------- 2 files changed, 5 insertions(+), 30 deletions(-) diff --git a/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc b/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc index 7173b63bda..fb4eb153d2 100644 --- a/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc +++ b/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc @@ -47,17 +47,17 @@ After successfully loading the {elastic-endpoint} system extension, an addition [role="screenshot"] image::images/deploy-elastic-endpoint/-getting-started-install-endpoint-filter-network-content.png[] -* Click **Allow** to enable content filtering for the {elastic-endpoint} system extension. Without this approval, {elastic-endpoint} cannot receive network events and, therefore, cannot enable network-related features such as <>. +Click **Allow** to enable content filtering for the {elastic-endpoint} system extension. Without this approval, {elastic-endpoint} cannot receive network events and, therefore, cannot enable network-related features such as <>. [discrete] [[enable-fda-endpoint]] == Enable Full Disk Access for {elastic-endpoint} -{elastic-endpoint} requires Full Disk Access to subscribe to system events via the {elastic-defend} framework and to protect your network from malware and other cybersecurity threats. To enable Full Disk Access on endpoints running macOS Catalina (10.15) and later, you must manually approve {elastic-endpoint}. +{elastic-endpoint} requires Full Disk Access to subscribe to system events using the {elastic-defend} framework and to protect your network from malware and other cybersecurity threats. To enable Full Disk Access on endpoints running macOS Catalina (10.15) and later, you must manually approve {elastic-endpoint}. [NOTE] ==== -The following instructions apply only to {elastic-endpoint} version 8.0.0 and later. To see Full Disk Access requirements for the Endgame sensor, refer to Endgame's documentation. +The following instructions apply only to {elastic-endpoint} version 8.0.0 and later. Versions 7.17.0 and earlier are not supported. To see Full Disk Access requirements for the Endgame sensor, refer to Endgame's documentation. ==== // Might need to revisit this note and the section. Keep an eye on https://github.com/elastic/staging-serverless-security-docs/issues/124 @@ -78,15 +78,3 @@ image::images/deploy-elastic-endpoint/-getting-started-fda-select-fda.png[Select [role="screenshot"] image::images/deploy-elastic-endpoint/-getting-started-fda-select-endpoint-ext.png[] -If the endpoint is running {elastic-endpoint} version 7.17.0 or earlier: - -// Might need to revisit this note and the section. Keep an eye on https://github.com/elastic/staging-serverless-security-docs/issues/124 - -. In the lower-left corner of the pane, click the **Lock button**, then enter your credentials to authenticate. -. Click the **+** button to view **Finder**. -. Navigate to `/Library/Elastic/Endpoint`, then select the `elastic-endpoint` file. -. Click **Open**. -. In the **Privacy** tab, confirm that `elastic-endpoint` AND `co.elastic.systemextension` are selected to properly enable Full Disk Access. -+ -[role="screenshot"] -image::images/deploy-elastic-endpoint/-getting-started-fda-fda-7-16.png[] diff --git a/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc b/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc index f908d5e522..22b924c2ac 100644 --- a/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc +++ b/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc @@ -57,7 +57,7 @@ Click **Allow** to enable content filtering for the ElasticEndpoint system exten [[enable-fda-endpoint-ven]] == Enable Full Disk Access for {elastic-endpoint} -{elastic-endpoint} requires Full Disk Access to subscribe to system events via the {elastic-defend} framework and to protect your network from malware and other cybersecurity threats. Full Disk Access permissions is a privacy feature introduced in macOS Mojave (10.14) that prevents some applications from accessing your data. +{elastic-endpoint} requires Full Disk Access to subscribe to system events using the {elastic-defend} framework and to protect your network from malware and other cybersecurity threats. Full Disk Access permissions is a privacy feature introduced in macOS Mojave (10.14) that prevents some applications from accessing your data. If you have not granted Full Disk Access, the following notification prompt will appear. @@ -68,7 +68,7 @@ To enable Full Disk Access, you must manually approve {elastic-endpoint}. [NOTE] ==== -The following instructions apply only to {elastic-endpoint} version 8.0.0 and later. To see Full Disk Access requirements for the Endgame sensor, refer to Endgame's documentation. +The following instructions apply only to {elastic-endpoint} version 8.0.0 and later. Versions 7.17.0 and earlier are not supported. To see Full Disk Access requirements for the Endgame sensor, refer to Endgame's documentation. ==== . Open the **System Settings** application. @@ -85,16 +85,3 @@ image::images/deploy-elastic-endpoint-ven/-getting-started-install-endpoint-ven- [role="screenshot"] image::images/deploy-elastic-endpoint-ven/-getting-started-install-endpoint-ven-allow_fda_ven.png[] -If the endpoint is running {elastic-endpoint} version 7.17.0 or earlier: - -. Click the **+** button to view **Finder**. -. The system may prompt you to enter your username and password if you haven't already. -+ -[role="screenshot"] -image::images/deploy-elastic-endpoint-ven/-getting-started-install-endpoint-ven-enter_login_details_to_confirm_ven.png[] -. Navigate to `/Library/Elastic/Endpoint`, then select the `elastic-endpoint` file. -. Click **Open**. -. In the **Privacy** tab, confirm that `ElasticEndpoint` and `co.elastic.systemextension` are selected to properly enable Full Disk Access. - -[role="screenshot"] -image::images/deploy-elastic-endpoint-ven/-getting-started-install-endpoint-ven-verify_fed_granted_ven.png[Select Full Disk Access]