-
Notifications
You must be signed in to change notification settings - Fork 108
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
AdamF1
authored and
AdamF1
committed
Jun 28, 2021
0 parents
commit 8aa5d87
Showing
59 changed files
with
11,397 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| --- | ||
| name: Add new MDM provider | ||
| about: Suggest a new platform to be added into the repository | ||
| title: "[ADD NEW MDM]" | ||
| labels: enhancement | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Name of the new MDM** | ||
|
|
||
| **Reasons for wanting it adding** | ||
| A clear and concise description of the reason for adding the MDM | ||
|
|
||
| **Which platforms are supported by the MDM** | ||
|
|
||
| **Do you already have example configurations from this MDM, for platforms which fit within the [guiding principles](https://github.com/ukncsc/Device-Security-Guidance-Configuration-Packs#guiding-principles)?** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| --- | ||
| name: Add new Platform | ||
| about: Suggest a new platform to be added into the repository | ||
| title: "[ADD NEW PLATFORM]" | ||
| labels: enhancement | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Name of the new Platform** | ||
|
|
||
| **Reasons for wanting it adding** | ||
| A clear and concise description of the reason for adding the platform | ||
|
|
||
| **Do you already have example configurations which fit within the [guiding principles](https://github.com/ukncsc/Device-Security-Guidance-Configuration-Packs#guiding-principles)?** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| --- | ||
| name: Change to configuration | ||
| about: Suggest a change to a configuration | ||
| title: "[CHANGE CONFIGURATION]" | ||
| labels: documentation | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Which platform does your requested change effect?** | ||
| Windows 10, macOS etc | ||
|
|
||
| **Which configuration setting are you requesting change to?** | ||
| A description of the configuration e.g. deviceGuardEnableSecureBootWithDMA | ||
|
|
||
| **What is the current value for that configuration and what are you suggesting it be changed to?** | ||
| False -> True | ||
|
|
||
| **Is your feature request related to a problem? Please describe.** | ||
| A clear and concise description of what the problem is. E.g. This setting stops users from [...] | ||
|
|
||
| **How does the requested change fit within the [guiding principles](https://github.com/ukncsc/Device-Security-Guidance-Configuration-Packs#guiding-principles)?** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| --- | ||
| name: Change to text | ||
| about: Suggest a change to text within this repository | ||
| title: "[CHANGE TEXT]" | ||
| labels: documentation | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Which page is the requested change to text present on?** | ||
| E.g. [Main README.md](https://github.com/ukncsc/Device-Security-Guidance-Configuration-Packs#device-security-guidance-configuration-packs) | ||
|
|
||
| **What is the change? from, to, and reason** | ||
| Could be a spelling mistake or unclear instructions. |
132 changes: 132 additions & 0 deletions
132
Apple/iOS/NCSC_example_iOS_VPN_configuration.mobileconfig
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,132 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | ||
| <plist version="1.0"> | ||
| <dict> | ||
| <key>HasRemovalPasscode</key> | ||
| <false/> | ||
| <key>PayloadContent</key> | ||
| <array> | ||
| <dict> | ||
| <key>AlwaysOn</key> | ||
| <dict> | ||
| <key>AllowCaptiveWebSheet</key> | ||
| <true/> | ||
| <key>AllowedCaptiveNetworkPlugins</key> | ||
| <array/> | ||
| <key>ServiceExceptions</key> | ||
| <array/> | ||
| <key>TunnelConfigurations</key> | ||
| <array> | ||
| <dict> | ||
| <key>AuthenticationMethod</key> | ||
| <string>Certificate</string> | ||
| <key>CertificateType</key> | ||
| <string>ECDSA256</string> | ||
| <key>ChildSecurityAssociationParameters</key> | ||
| <dict> | ||
| <key>DiffieHellmanGroup</key> | ||
| <integer>19</integer> | ||
| <key>EncryptionAlgorithm</key> | ||
| <string>AES-128-GCM</string> | ||
| <key>IntegrityAlgorithm</key> | ||
| <string>SHA2-256</string> | ||
| <key>LifeTimeInMinutes</key> | ||
| <integer>1440</integer> | ||
| </dict> | ||
| <key>DeadPeerDetectionRate</key> | ||
| <string>High</string> | ||
| <key>DisableMOBIKE</key> | ||
| <integer>0</integer> | ||
| <key>DisableRedirect</key> | ||
| <integer>0</integer> | ||
| <key>EnableCertificateRevocationCheck</key> | ||
| <true/> | ||
| <key>EnableFallback</key> | ||
| <false/> | ||
| <key>EnablePFS</key> | ||
| <true/> | ||
| <key>IKESecurityAssociationParameters</key> | ||
| <dict> | ||
| <key>DiffieHellmanGroup</key> | ||
| <integer>19</integer> | ||
| <key>EncryptionAlgorithm</key> | ||
| <string>AES-128-GCM</string> | ||
| <key>IntegrityAlgorithm</key> | ||
| <string>SHA2-256</string> | ||
| <key>LifeTimeInMinutes</key> | ||
| <integer>1440</integer> | ||
| </dict> | ||
| <key>Interfaces</key> | ||
| <array> | ||
| <string>Cellular</string> | ||
| <string>WiFi</string> | ||
| </array> | ||
| <key>LocalIdentifier</key> | ||
| <string>device.example.com</string> | ||
| <key>NATKeepAliveInterval</key> | ||
| <integer>60</integer> | ||
| <key>NATKeepAliveOffloadEnable</key> | ||
| <integer>1</integer> | ||
| <key>ProtocolType</key> | ||
| <string>IKEv2</string> | ||
| <key>RemoteAddress</key> | ||
| <string>vpn.example.com</string> | ||
| <key>RemoteIdentifier</key> | ||
| <string>vpn.example.com</string> | ||
| <key>UseConfigurationAttributeInternalIPSubnet</key> | ||
| <integer>0</integer> | ||
| </dict> | ||
| </array> | ||
| <key>UIToggleEnabled</key> | ||
| <true/> | ||
| </dict> | ||
| <key>IPv4</key> | ||
| <dict> | ||
| <key>OverridePrimary</key> | ||
| <integer>0</integer> | ||
| </dict> | ||
| <key>PayloadDescription</key> | ||
| <string>Configures VPN settings</string> | ||
| <key>PayloadDisplayName</key> | ||
| <string>VPN</string> | ||
| <key>PayloadIdentifier</key> | ||
| <string>com.apple.vpn.managed.C4180FAE-F129-408D-8F83-943BF92F94DA</string> | ||
| <key>PayloadType</key> | ||
| <string>com.apple.vpn.managed</string> | ||
| <key>PayloadUUID</key> | ||
| <string>C4180FAE-F129-408D-8F83-943BF92F94DA</string> | ||
| <key>PayloadVersion</key> | ||
| <integer>1</integer> | ||
| <key>Proxies</key> | ||
| <dict> | ||
| <key>HTTPEnable</key> | ||
| <integer>0</integer> | ||
| <key>HTTPSEnable</key> | ||
| <integer>0</integer> | ||
| </dict> | ||
| <key>UserDefinedName</key> | ||
| <string>NCSC Example VPN configuration</string> | ||
| <key>VPNType</key> | ||
| <string>AlwaysOn</string> | ||
| <key>VendorConfig</key> | ||
| <dict/> | ||
| </dict> | ||
| </array> | ||
| <key>PayloadDescription</key> | ||
| <string>This configuration profile contains an example VPN configuration that can be used as a starting point for your own configuration. Configuration options included in this profile should be customised to your particular requirements.</string> | ||
| <key>PayloadDisplayName</key> | ||
| <string>NCSC Example VPN configuration</string> | ||
| <key>PayloadIdentifier</key> | ||
| <string>uk.gov.ncsc.ios.vpn.example</string> | ||
| <key>PayloadOrganization</key> | ||
| <string>Your Organisation Here</string> | ||
| <key>PayloadRemovalDisallowed</key> | ||
| <true/> | ||
| <key>PayloadType</key> | ||
| <string>Configuration</string> | ||
| <key>PayloadUUID</key> | ||
| <string>0B910B86-01FB-4859-83D3-916E31F772A1</string> | ||
| <key>PayloadVersion</key> | ||
| <integer>1</integer> | ||
| </dict> | ||
| </plist> |
Oops, something went wrong.