Consent needed to enable or disable Skyhigh Client Proxy 4.0 and later on macOS 11.2 and later
Last Modified: 2023-06-08 09:25:39 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Consent needed to enable or disable Skyhigh Client Proxy 4.0 and later on macOS 11.2 and later
Technical Articles ID:
KB94092
Last Modified: 2023-06-08 09:25:39 Etc/GMT Environment
Skyhigh Client Proxy (SCP) 4.0.0 and later Apple macOS Big Sur 11.2 Summary
To improve security on Mac systems, macOS Big Sur 11.2 introduces a new feature, which replaces the Secure Kernel Extension with the Network Extension. The feature changes the user consent to load third-party system extensions installed after the installation of macOS Big Sur. This feature needed changes to be made in SCP 4.0.0.
Problem
Products that use a network extension on macOS Big Sur 11.1.x require user consent to load any third-party system extensions. SCP 4.0.0 uses a network system extension for network events. So, the network extension Transparent Proxy and a Content Filter configuration require approval before SCP can start protecting the system. Solution 1
Without Mobile Device Management (MDM): IMPORTANT: This solution requires manual intervention to configure SCP on Big Sur 11.2.
NOTE: If you've already installed ENSM Firewall on a system, user consent isn't needed. Consent would have been provided while activating ENSM Firewall. Solution 2
When installing SCP silently (without user intervention) using MDM:
Solution 3
When uninstalling SCP: When uninstalling SCP, you're prompted to enter the administrator credentials to uninstall the system extension. This statement applies to both SCP standalone and ePO-managed. It doesn't matter whether the system is MDM-managed. If the user doesn't provide credentials or provides incorrect credentials, the SCP removal doesn't continue. To uninstall SCP successfully, you must try the removal again and provide the correct credentials. Apple designed the removal of system extensions this way. User intervention can't be avoided even on MDM-managed systems. Affected ProductsLanguages:This article is available in the following languages: |
|