This article applies to:
- Trustwave AV (in Endpoint Protection Suite)
- macOS 10.13 High Sierra
Question:
- Why does Trustwave AV not enable On Access scan for new installations on macOS High Sierra?
- Why do I see a pop-up notification "System Extension Blocked" when Endpoint Protection first attempts to update Trustwave AV on macOS 10.13?
- How can I make Trustwave AV work on macOS 10.13?
Background:
- Apple tech notes state: "macOS High Sierra 10.13 introduces a new feature that requires user approval before loading newly-installed third-party kernel extensions (KEXTs). When a request is made to load a KEXT that the user has not yet approved, the load request is denied."
- To use Trustwave AV, you must approve the extension.
Procedure:
After Trustwave Endpoint Protection has been installed with the Trustwave AV module, the application begins the first update of AV.
- When the download of AV is complete, the application attempts to install AV including the system extension for scanning.
- You are prompted that a system extension is blocked.
- To approve the extension, click OK, and then navigate to System Preferences > Security and Privacy.
- Click Allow.
- If more than one extension is waiting for approval, you will see a list. On the list, select Bitdefender SRL, and then click OK.
Notes:
- Approval is automatically granted if you already had Trustwave AV installed before upgrading to macOS 10.13.
- You only need to approve the system extension once. Future updates will not require approval.