End user actions: macOS High Sierra (10.13) and later
With the release of macOS 10.13.2 (High Sierra), Apple introduced new security settings, which were further enhanced in 10.14 (Mojave) and 10.15 (Catalina) with new privacy options. These privacy options (by default) prevent third-party applications from interacting with the device's data without end-user authorization.
Where an application requires access, the application (Bitdefender in this case) must first receive end-user approval.
macOS High Sierra (10.13) and later requires authorization for system (kernel) extensions as well. These extensions provide additional security and ensure protection is not interfered with.
The user receives a prompt to authorize access after installation. From the User Interface in High Sierra, or through Security & Privacy settings in both High Sierra and Mojave. This setting is also configurable post-install.
In addition to the system extensions, from macOS Mojave (10.14) applications also require Full Disk Access. This controls third-party applications interaction with data held on the device.
The user may receive a prompt to authorize access to control System Events, for example, when the computer requires a reboot to remove a threat.
For Mac Agent 3.4.0 and later, if a device is enrolled in Device Management for Apple, end user notifications are reduced and all our installed applications have the required permissions. For example, a device enrolled in Device Management for Apple has Accessibility permissions enabled.
System Extension Approval
- macOS High Sierra (10.13) and later - System Prompt
- macOS High Sierra (10.13) and later - Security & Privacy
- macOS High Sierra (10.13) and later - User Interface
Full Disk Access
Transparency, Consent, and Control (TCC)
Kernel extensions do not require end-user approval if installed on the computer before it upgrades to macOS High Sierra (10.13), or if they are replacing previously approved extensions.
What do you want to do?
- Review the Managed Antivirus Quick Start Guide
- View Managed Antivirus URLs
- Enable Managed Antivirus on individual servers and workstations or on all servers and workstations at a client or site
- Configure Managed Antivirus Policies. Includes scan schedules, remediation action (default threat action), end-user interaction