Configuring Bitdefender on macOS with Scalefusion
- 11 Nov 2025
- 3 Minutes to read
- Print
- PDF
Configuring Bitdefender on macOS with Scalefusion
- Updated on 11 Nov 2025
- 3 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
Introduction
Bitdefender is widely adopted by enterprises and organizations around the globe as a crucial element of their cybersecurity strategies. It provides a modern and effective solution for protecting endpoints against an ever-evolving threat landscape.
Recognizing the importance of seamless integration, Scalefusion provides comprehensive guidance for IT administrators on configuring Bitdefender for their managed Mac devices. This article provides step-by-step instructions to help ensure the effective implementation of Bitdefender within Mac environments.
Step 1: Deploying the Custom Payload.
Step 2: Installing Bitdefender using the script.
Step 1: Deploying the Custom Payload.
The following Payload is designed to enforce specific security and system settings related to Bitdefender on managed macOS devices. It includes configurations for web content filtering, system extension control, privacy preferences, and system extensions.
Note:
Deploy the custom payload first before publishing the script in Step 2.
Copy the contents directly from below and add it in Custom Settings in the Device Profile or click here to download the file and import it in the Device Profile.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>AllowUserOverrides</key> <true/> <key>AllowedSystemExtensions</key> <dict> <key>GUNFMW623Y</key> <array> <string>com.bitdefender.cst.net.dci.dci-network-extension</string> </array> </dict> <key>PayloadDescription</key> <string></string> <key>PayloadDisplayName</key> <string>System Extensions</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>C4CC343D-B6B3-42AA-BDBE-17A87938BE42</string> <key>PayloadOrganization</key> <string>Bitdefender Vendor Payload</string> <key>PayloadType</key> <string>com.apple.system-extension-policy</string> <key>PayloadUUID</key> <string>C4CC343D-B6B3-42AA-BDBE-17A87938BE42</string> <key>PayloadVersion</key> <integer>1</integer> </dict> <dict> <key>PayloadDescription</key> <string></string> <key>PayloadDisplayName</key> <string>Privacy Preferences Policy Control</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>A8D2FB69-FE19-4F76-8E9E-E0FD82F4F08F</string> <key>PayloadOrganization</key> <string>Bitdefender Vendor Payload</string> <key>PayloadType</key> <string>com.apple.TCC.configuration-profile-policy</string> <key>PayloadUUID</key> <string>A8D2FB69-FE19-4F76-8E9E-E0FD82F4F08F</string> <key>PayloadVersion</key> <integer>1</integer> <key>Services</key> <dict> <key>SystemPolicyAllFiles</key> <array> <dict> <key>Allowed</key> <integer>1</integer> <key>CodeRequirement</key> <string>anchor apple generic and identifier "com.bitdefender.epsecurity.BDLDaemonApp" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y)</string> <key>Identifier</key> <string>com.bitdefender.epsecurity.BDLDaemonApp</string> <key>IdentifierType</key> <string>bundleID</string> <key>StaticCode</key> <integer>0</integer> </dict> <dict> <key>Allowed</key> <integer>1</integer> <key>CodeRequirement</key> <string>identifier "com.bitdefender.EndpointSecurityforMac" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y</string> <key>Identifier</key> <string>com.bitdefender.EndpointSecurityforMac</string> <key>IdentifierType</key> <string>bundleID</string> <key>StaticCode</key> <integer>0</integer> </dict> </array> </dict> </dict> <dict> <key>FilterPacketProviderBundleIdentifier</key> <string>com.bitdefender.cst.net.dci.dci-network-extension</string> <key>FilterPacketProviderDesignatedRequirement</key> <string>anchor apple generic and identifier "com.bitdefender.cst.net.dci.dci-network-extension" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = GUNFMW623Y)</string> <key>FilterPackets</key> <true/> <key>FilterSockets</key> <false/> <key>FilterType</key> <string>Plugin</string> <key>PayloadDisplayName</key> <string>Web Content Filter Payload</string> <key>PayloadIdentifier</key> <string>CDB57D2F-44EF-4386-A2BE-530E1EAB71AE</string> <key>PayloadOrganization</key> <string>JAMF Software</string> <key>PayloadType</key> <string>com.apple.webcontent-filter</string> <key>PayloadUUID</key> <string>CDB57D2F-44EF-4386-A2BE-530E1EAB71AE</string> <key>PayloadVersion</key> <integer>1</integer> <key>PluginBundleID</key> <string>com.bitdefender.epsecurity.BDLDaemonApp</string> <key>UserDefinedName</key> <string>Bitdefender</string> <key>VendorConfig</key> <dict/> </dict> <dict> <key>PayloadDescription</key> <string>Full Disk Access configuration for Bitdefender.</string> <key>PayloadDisplayName</key> <string>Full Disk Access</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>D45B4B1C-FA9B-4B1E-90A3-AB4232F4D3CC</string> <key>PayloadOrganization</key> <string>Bitdefender Vendor Payload</string> <key>PayloadType</key> <string>com.apple.TCC.configuration-profile-policy</string> <key>PayloadUUID</key> <string>D45B4B1C-FA9B-4B1E-90A3-AB4232F4D3CC</string> <key>PayloadVersion</key> <integer>1</integer> <key>Services</key> <dict> <key>SystemPolicyAllFiles</key> <array> <dict> <key>Allowed</key> <integer>1</integer> <key>CodeRequirement</key> <string>anchor apple generic and identifier "com.bitdefender.epsecurity.BDLDaemonApp"</string> <key>Identifier</key> <string>com.bitdefender.epsecurity.BDLDaemonApp</string> <key>IdentifierType</key> <string>bundleID</string> <key>StaticCode</key> <integer>0</integer> </dict> </array> </dict> </dict> </array> <key>PayloadDescription</key> <string></string> <key>PayloadDisplayName</key> <string>BitDefender</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>8758FD71-64D2-4739-8836-7838BE671CCE</string> <key>PayloadOrganization</key> <string>Bitdefender Vendor Payload</string> <key>PayloadRemovalDisallowed</key> <true/> <key>PayloadScope</key> <string>System</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadUUID</key> <string>8758FD71-64D2-4739-8836-7838BE671CCE</string> <key>PayloadVersion</key> <integer>1</integer> </dict> </plist>Follow our guide on how to add the Custom Payload in the Device Profile & deploy it to devices.
On the device, you should see the following custom payload in the Profiles section in System Preferences.
Note:
The Payload and its contents are sourced from various albeit authenticated Apple Developer communities and forums.
Please validate them on a test machine before deploying them on all your managed devices.
Scalefusion has tested these Payloads, however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these payloads.
Step 2: Installing Bitdefender using the script.
The following Shell script helps IT Admins to install Bitdefender on the managed Mac devices.
Create a file on your desktop, for example, install_Bitdefender.sh and open it in a text editor like notepad++
Copy the contents below to the file or click here to download the file.
#!/bin/bash DOWNLOAD_URL="Download URL" # Please do not modify the below lines. # Temporary directory for downloading and installation BD_TEMP="/var/tmp/temp_bd" mkdir -p $BD_TEMP && cd $_ # Download the setup file curl -L -O $DOWNLOAD_URL # Mount the disk image hdiutil attach setup_downloader.dmg /Volumes/Endpoint\ for\ MAC/SetupDownloader.app/Contents/MacOS/SetupDownloader --silent # Unmount the disk image hdiutil detach /Volumes/Endpoint\ for\ MAC/ # Clean up the temporary directory rm -rf $BD_TEMPIn the script, set the values for the following properties:
Enter_Download_url: You will find the URL to download the Bitdefender app from the Bitdefender portal.
Follow our guide to upload & publish the Shell script using Scalefusion Dashboard.
While uploading the script in Enterprise store and set “Run Script as signed-in user” to NO.
Note:
Please note that to use the Shell scripts, the Scalefusion MDM Client Application must be installed on the device(s). Please follow our guide to publish and install the Scalefusion MDM Agent Application.
Note:
The scripts and their contents are sourced from various albeit authenticated Apple Developer communities and forums.
Please validate the scripts on a test machine before deploying them on all your managed devices.
Scalefusion has tested these scripts, however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these scripts.
Was this article helpful?
