MDM Deployment
Dev Machine Guard is designed to be deployed at scale through your existing endpoint management tooling. This section covers fleet deployment patterns for each supported operating system.
For an overview of the underlying delivery model (loader script versus signed installer), see the Installation Script page.
Choose your platform
Windows — Microsoft Configuration Manager (SCCM/MEMCM), Microsoft Intune
macOS — Iru (formerly Kandji)
Picking a deployment pattern
Two distinct delivery models are available, depending on what your fleet already supports:
Signed installer (MSI, PKG, DEB/RPM)
Your MDM treats applications as first-class objects with built-in detection, version tracking, and supersedence (e.g., SCCM Applications, Intune Win32 apps, Jamf Pro policies). Recommended for production fleets.
Loader script (PowerShell, shell)
Your tooling pushes scripts but does not natively manage application lifecycle (e.g., custom EDR runbooks, lightweight MDMs, ad-hoc rollouts). Simpler to deploy; updates flow automatically through the loader.
Each platform page below shows which deployment tools are supported and links to a step-by-step guide for each one.
Last updated
Was this helpful?