If the DLP kernel extensions are present on the Mac system before you upgrade to macOS High Sierra or later, user consent isn't needed.
Enrollment in MDM automatically disables SKEL with macOS 10.13.3 and earlier. In this case, end-user consent isn't needed to enable the DLP features. Starting with macOS 10.13.4, enrolling in MDM doesn't automatically disable SKEL. To load without end-user consent, the DLP kernel extensions have to be added in the Kernel Extension Policy payload.
For details, see the following articles:
Below are the details for use in the Kernel Extension Policy payload:
McAfee Team Identifier: GT8P3H7SPW
Bundle Identifiers:
- com.McAfee.driver.DlpUSB
- com.mcafee.DLPKext
When no MDM solution is available, it's possible to manually enable the DLP kernel extensions. See KB89728 - End-user experience when installing Endpoint Security for Mac on macOS High Sierra 10.13 and later.
