Skip to main content

Hexnode Setup (macOS)

Learn how to create and enforce Hexnode policies for macOS devices so ComplyJet can evaluate compliance across enrolled devices.

Upendra Varma avatar
Written by Upendra Varma
Updated this week

To sync macOS device compliance data from Hexnode into ComplyJet, you’ll first need to create the right policies inside your Hexnode account. These policies help us detect and validate whether your devices meet security requirements.

Note: Without these policies, even if you manually enable settings like screen lock or disk encryption on your machine, the compliance checks will not pass. This is because there’s no way to confirm that the setting is consistently enforced across all devices. Always create a policy in Hexnode and enforce it on all devices to ensure compliance.

Required Policies

ComplyJet checks for three specific things ( via policies & installed apps) in Hexnode (macOS):

  1. Disk Encryption (FileVault)

  2. Screensaver / Auto-Lock

  3. Antivirus (via apps)

Each of these policies must be created and assigned to devices.

1. Disk Encryption (FileVault)

This policy ensures macOS devices are encrypted with FileVault.

Steps:

  1. Log in to your Hexnode admin account.

  2. Go to Policies → New Policy → New Blank Policy.

  3. Enter a name and description

  4. In the macOS section, navigate to Security → FileVault.

  5. Click Configure.

  6. Make sure Enable FileVault and Show Personal Recovery Key to user are checked.

  7. Under Policy Targets, click Add Device and assign to all macOS devices.

  8. Save the policy.

2. Screensaver / Auto-Lock

This policy ensures inactive macOS devices automatically lock after a set period.

Steps:

  1. Go to Policies → New Policy → New Blank Policy.

  2. Enter a name and description

  3. In the macOS section, navigate to Screensaver → Configure.

  4. Enable the following options:

    • Enable Screensaver

    • Require Password to unlock screen

  5. Set the following recommended values:

    • Login window screensaver idle time: 1 minute

    • Screensaver idle time: 1 minute

    • Set delay for password prompt: Immediately

  6. Assign devices under Policy Targets.

  7. Save the policy.

3. Antivirus

ComplyJet detects antivirus on macOS by checking the list of installed applications reported by Hexnode. If a known antivirus app (list shown below) is present, the device will be marked as having antivirus installed.

Here are the standard antivirus apps that we support as of today for MacOS.

  • XProtect

  • Avast Antivirus

  • Avira Antivirus

  • Bitdefender Endpoint Security for Mac

  • Bitdefender Virus Scanner

  • Carbon Black

  • Coro

  • CrowdStrike Falcon

  • Cylance Endpoint Security

  • CylancePROTECT

  • ESET Antivirus

  • Intego

  • Jamf Protect

  • Huntress

  • Kandji EDR

  • Malwarebytes

  • McAfee Endpoint Security for Mac

  • Microsoft Defender

  • SentinelOne

  • Sophos Antivirus

  • Sophos Endpoint

  • Sophos Home Antivirus

  • Symantec Endpoint Protection

Next Steps

Once these policies are created and applied to devices in Hexnode, you’re ready to connect Hexnode to ComplyJet and start syncing compliance data.

ComplyJet will evaluate all the policies attached to each macOS device pulled from Hexnode and display the compliance status directly in your dashboard. This ensures you have a clear, centralized view of which devices are compliant and which need attention.

Related Articles
Managing Employee Devices with MDM
Hexnode Setup (Windows)
Did this answer your question?