1. Teramind
  2. FAQ
  3. Teramind Agent

What features are supported on Mac?

i

At the moment, Teramind on Mac has limited functionalities and are only supported on macOS 14 (Sonoma), macOS 13 (Ventura), macOS 12 (Monterey), macOS 11 (Big Sur), macOS 10.15 (Catalina) and macOS 10.14 (Mojave).

To take advantage of all the supported features, please upgrade to the latest version of the software. More information about the latest version of the Agent and Platform can be found on the Release Notes section.

Summary

Currently, Teramind on Mac supports the following features:

  • Agent - Both the Revealed and Hidden Agents are available on Mac. Please see the Details section below.
  • Monitoring - Limited: Screen, Applications, Web Pages (Safari, Chrome, Brave, Firefox, Opera), File Transfers, Keystrokes, Printer and Network activities. Please see the Details section below.
  • Offline Recording - Available on the Hidden/Stealth Agent. Please see the Details section below.
  • Behavior Policies and Rules - Limited: Applications, Webpages (all major browsers), Keystrokes, Printing, Networking. Only the Warn, Block, Notify and Lock Out User actions are supported. Please see the Details section below.
  • OCR (Optical Character Recognition) Report
  • Alerts Reports
  • Productivity Reports
  • Computers Report- Computer actions supported: enable/disable monitoring. Please see the Details section below.
  • System Log Report
  • Audit Report
  • View Recording and Playback - Video playback is available via the Session Player.
  • Remote Desktop Control - Available via the Session Player.
  • Configurations - Departments, Schedules, Positions, Access Control, Productivity Profiles.
  • Configurations > Shared Lists - Limited: Text and Regular Expressions-based shared lists are supported in Behavior Rules and Text and Network-based shared lists are supported in Monitoring Settings.
  • Monitoring Settings - i.e., creation of monitoring profiles, privacy settings etc. Not all settings are available or applicable on Mac. Please see the Details section below.

The following features aren’t supported:

  • Console Commands Monitoring
  • Emailing Monitoring
  • Instant Messengers Monitoring
  • Social Media Monitoring
  • Camera Usage Monitoring
  • Search Monitoring 
  • Audio Recording
  • Risk Analysis
  • Geolocation

Details

Agent

mceclip6.png

  • It makes it easier for the end user to adapt if they switch from one agent to another. Please check out  the How to use the Revealed Agent to learn more.

Here are a few notes about the Mac Agent:

  1. The Agent can be installed on both Intel and M1-based Macs. Check out the How to download and install the Teramind Agent to learn more.
  2. Starting from version 230, the Agent no longer requires the Rosetta add-on. 
  3. Starting from version 238, You can uninstall the Hidden/Stealth Agent remotely from the dashboard.
  4. The Agent supports a number of installation/configuration parameters. For more information, see the Agent Installation Parameters (Mac) section on the agent installation article.
  5. The Revealed Agent supports a number of launch parameters to run the agent in autonomous mode. For more information, see the Revealed Agent Installation Parameters section on the How to use the Revealed Agent article.
  6. Starting from version 240, you can remotely enable/disable monitoring from the Dashboard (Computers screen).
  7. Starting from version 232, you can change the default process name ("System Monitoring") of the Agent to any name of your choice. For more information, please check out the release note.

Monitoring

Screen

With the Screen monitoring on, you can record user desktops and view them from the Monitoring Reports > Screen snapshots, from the Dashboards (e.g., Live Montage/Latest Snapshots widgets), and from anywhere you can launch the Session Player (by usually clicking the mceclip1.pngcamera icon). You can also conduct OCR search and remote control the user's computer.

mceclip2.png

You can toggle the Screen monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip2.png

mceclip3.png

At the moment, the following settings under the Monitoring Settings > mceclip5.png are available:

  • RECORD LOCKED SESSIONS
  • ALLOW REMOTE CONTROL 
  • MESSAGE DURING REMOTE CONTROL
  • MESSAGE DURING INPUT FREEZE 
  • TRACKING DAYS AND TIME

Please check out the Monitoring Settings > Editing Screen Settings section on the User Guide to learn more about these settings.

Applications

You can monitor which apps are being used on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:

mceclip0.png

You can toggle the Applications monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip0.png

mceclip1.png

At the moment, the following settings under the Monitoring Settings > mceclip5.png are available:

  • MONITOR ONLY THESE APPLICATIONS
  • SUSPEND MONITORING WHEN THESE APPLICATIONS ARE USED
  • SUSPEND KEYSTROKE MONITORING WHEN THESE APPLICATIONS ARE USED
  • TRACKING DAYS AND TIME (Also know as the Monitoring Schedule)

The first three options support Text and Regular Expressions-based Shared Lists.

Please check out the Monitoring Settings > Editing Applications Settings section on the User Guide to learn more about these settings.

Websites

You can monitor web traffic including the HTTPS/TLS traffic on all major browsers (Safari, Chrome, Brave, Firefox, Opera). You can monitor which websites the users are visiting and view their activities on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:

mceclip0.png

You can toggle the Websites monitoring on/off or configure more detailed settings from the Monitoring Settings:

At the moment, the following settings under the Monitoring Settings > mceclip5.png are available:

  • DON'T MONITOR WEB TRAFFIC FOR THESE IPS: You can use this option to exclude network traffic inspection for any IP address(es). Here are some additional notes about this option:
    • The field accepts IP addresses (e.g., 192.11.22.33) and IP masks (e.g., 212.23.48.33/24) and Network-based Shared Lists. Currently it doesn't support any domain names, regular expressions or Text-based Shared Lists.
    • When the option is used, Teramind proxy certificate ("Internet Widgits") will not be injected into the website(s) matching the IP address(es). As a result, Webpages-based rules will not work for any website(s) matching the IP address(es).
    • Website activities will be captured and appear on reports like the BI Reports > Applications & Websites.
    • Keystrokes will be captured and appear on reports like the BI Reports > Keystrokes.
  • TRACKING DAYS AND TIME: Also know as the Monitoring Schedule.

File Transfers

i

Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate file transfers monitoring. To learn how to do so, please check out the following sections on the How to configure macOS permission settings article:

You will be able to view users' file transfer activities such as Access, Copy, Read, Write, etc. on the Users folder (including all the sub-folders) and external drives. You can then view the reports on the Monitoring > File Transfers, BI Reports > File Events, etc:

Here are a few things to note about the File Transfers monitoring:

  • Currently, only the Users folder (including all the sub-folders) and external drives can be monitored*.

  • You can toggle TRACK EXTERNAL DRIVES option on the Monitoring Settings > Monitoring Profile > File Transfers panel that to enable/disable monitoring of file transfers on external drives:

  • Currently, the following file events aren't monitored/supported:
    • Upload
    • Download
    • Web Upload
    • Web Download
  • Currently, the Monitoring Settings > File Transfers option on the Dashboard doesn't have any effect. You will have to enable File Transfers monitoring from the Terminal as mentioned above.
  • Currently, the FILES behavior rules aren't supported.
  • Currently, the FILE DRIVER and EXCLUDE PROCESSES FROM FILE DRIVER options on the Monitoring Settings > Advanced window aren't supported.
  • Currently, you cannot disable file transfer monitoring once enabled.
i
 *The Users folder is one of the core folders on a Mac. It contains the Home folders of multiple users along with the Shared Folder. Essentially, it has all the data of individual users. users folder.png

Printed Docs

You can monitor which documents are being printer by the users on reports such as BI Reports > Printing. You can also view captured documents:

mceclip8.png

You can toggle the Printed Docs monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip6.png

mceclip9.png

At the moment, the following settings under the Monitoring Settings > mceclip5.png are available:

  • MAXIMUM CAPTURE DOCUMENT SIZE (PAGES)
  • EXCLUDED PRINTER NAME (REGEXP)
  • CAPTURE ACTUAL DOCUMENT
  • TRACKING DAYS AND TIME (Also know as the Monitoring Schedule)

Please check out the Monitoring Settings > Editing Printed Doc / Printer Settings section on the User Guide to learn more about these settings.

Keystrokes

You can monitor keystrokes entered by the user on any app or websites on reports such as BI Reports > Keystrokes, on the Dashboards (e.g., Keystroke Log widget), etc.:

mceclip3.png

You can toggle the Keystrokes monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip4.png

Note that:

  • At the moment, only the TRACKING DAYS AND TIME setting under the Monitoring Settings > mceclip5.png is available.

Network

i

Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate network monitoring. To learn how to do so, please check out the following sections on the How to configure macOS permission settings article:

You can monitor TCP/IPv4-based network connections on macOS 11 (Big Sur) and later. You will be able to see the users' network activities under the Monitoring > Network Monitoring report:

mceclip2.png

You can toggle the Network monitoring on/off or configure more detailed settings from the Monitoring Settings:

Here are a few things to note about the Network settings:

  1. If you turn off the entire NETWORK monitoring - no certificate will be injected, no network tracking will take place, and Network-based behavior rules will not work.
  2. If you turn off the SSL option, but leave the TRACK NETWORK CONNECTIONS option on, then packets will be intercepted back and forth, Teramind proxy certificate will not be injected.
  3. If you turn off the TRACK NETWORK CONNECTIONS option, no network activities will be tracked. However, the Teramind proxy certificate will be injected. Websites and other network-based interceptions will work. Network-based behavior rules will work too.
  4. The DON'T DISABLE TEREDO is not applicable to Mac. It's only used in Windows.
  5. TRACK ONLY THESE IPS: allows you to monitor specific IP(s) only. You can enter IP addresses (e.g., 192.168.1.22) or use Network-based Shared Lists.
  6. DO NOT TRACK THESE IPS: does the opposite of TRACK ONLY THESE IPS.
  7. TRACK ONLY THESE PORTS: allows you to track only certain ports. For example, 25, 443, etc.
  8. DO NOT TRACK THESE PORTS: does the opposite of TRACK ONLY THESE PORTS.
  9. TRACK PROCESSES - allows you to specify which network processes to track. You can use process names (e.g., com.apple.safari, com.brave.browser, etc.) or Text-based Shared Lists.
i
 Note that TRACK ONLY THESE IPS and TRACK ONLY THESE PORTS have higher priority than the DO NOT TRACK THESE IPS and DO NOT TRACK THESE PORTS settings. For example, suppose you specified the IP 162.11.23.1 in the TRACK ONLY THESE IPS field but then used a Shared List in the DO NOT TRACK THESE IPS which also had these IPs: 162.11.23.0, 162.11.23.1, 162.11.23.2, etc. In this situation, 162.11.23.1 will be monitored (and the rest of the IPs in the Shared List will not be monitored).

Offline Recording

Available on the Mac Hidden/Stealth Agent. This can be enabled/disabled from Monitoring Settings > Monitoring profile > Offline Recording or you can configure detailed settings from its Monitoring Settings:

Note that, currently, only the following activities can be recorded offline:

  • Screen
  • Applications
  • Printing (Printed Docs)
  • Keystrokes

Please check out the Monitoring Settings > Editing Offline Recording Settings section on the User Guide to learn more about these settings.

Behavior Policies & Rules

Applications

Support for the Applications Activity-based rules are now available.

You can create a Applications rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip0.png

Here are a few things to note:

  • The rule currently supports only the Application Name condition.
  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Webpages and Applications and other relevant reports.

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Applications section to learn more.

Webpages

Support for the Webpages Activity-based rules is now available on macOS 10.15 (Catalina) and later.

You can create a Webpages rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

Here are a few things to note:

  • All major browsers are supported.
  • The rule currently supports Webpage Url, Webpage Title, Request type and Query argument name criteria only.
  • At the moment, the Block and Warn rule actions are supported for all the supported criteria. Lock Out User Action is supported for rules using the Webpage Title criterion. Notify action is supported for Webpage Url and Webpage Title criteria. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
  • You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Webpages section to learn more.

Printing

Support for the Printing Activity-based rules are now available.

You can create a Printing rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip1.png

Here are a few things to note:

  • The rule currently supports all the conditions: Number of Pages, Document Name, and Printer Name.
  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Printing and other relevant reports.

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Printing section to learn more.

Keystrokes

Support for the Keystrokes Activity-based rules are now available.

You can create a Keystrokes rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip4.png

Here are a few things to note:

  • The rule currently supports the Text Typed, Word Typed, and the Application Name conditions.
  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Keystrokes and other relevant reports.

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Keystrokes section to learn more.

Networking

Support for the Networking Activity-based rules is now available on macOS 11 (Big Sur) and later.

You can create a Networking rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip3.png

Here are a few things to note:

  • This feature isn't available on macOS 10.15 (Catalina) or older versions.
  • The rule currently supports Application Name, Remote Host, Remote Port, Bytes Sent and Bytes Received conditions.
  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
  • You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Networking section to learn more.

Computers

You can now enable/disable monitoring from the Computers (via the Action Menu) or from the Computer's Details screen:

To enable/disable monitoring for multiple computers:

On the Computers screen, click the check marks in front of the computer names to select computers.

Click the Select action menu on the top-left corner and select the Enable Monitoring or the Disable Monitoring option from the drop-down menu.

The Monitored column will show the current monitoring status of the computer(s).

On the Revealed Agent, the user will not be able to log in if you disable the monitoring. If they are already logged in, they will be logged out immediately.

To enable/disable monitoring for a single computer:

Click on a computer's name from the Computers screen. It will take you to the Computer's Details screen:

Click the Monitor computer toggle button on the left to turn monitoring on/off.

 

 

Was this article helpful?
10 out of 11 found this helpful