Zu den Hauptinhalten
Abmelden

Willkommen bei Dell

Mein Konto
  • Bestellungen schnell und einfach aufgeben
  • Bestellungen anzeigen und den Versandstatus verfolgen
  • Erstellen Sie eine Liste Ihrer Produkte, auf die Sie jederzeit zugreifen können.
Anmelden Konto erstellen Premier-Anmeldung Anmeldung beim Partnerprogramm
Kontakt

Ihr Warenkorb bei Dell.com

How to Allow Dell Data Security Kernel Extensions on macOS

Zusammenfassung: Learn how to allow kernel extensions for Dell Endpoint Security Suite Enterprise for Mac, Dell Threat Defense, Dell Encryption Enterprise for Mac, CrowdStrike Falcon Sensor, or VMware Carbon Black Cloud Endpoint. ...

Dieser Artikel gilt für Dieser Artikel gilt nicht für Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden. In diesem Artikel werden nicht alle Produktversionen aufgeführt.
Andere Ressourcen ansehen

Weisungen

Note:
  • As of February 2021, Dell Encryption Enterprise for Mac has reached End of Maintenance. This product and its articles are no longer updated by Dell.
  • As of May 2022, Dell Endpoint Security Suite Enterprise has reached End of Maintenance. This product and its articles are no longer updated by Dell.
  • As of May 2022, Dell Threat Defense has reached End of Maintenance. This product and its articles are no longer updated by Dell.
  • For more information, reference Product Life Cycle (End of Support and End of Life) Policy for Dell Data Security. If you have any questions on alternative articles, either reach out to your sales team or contact endpointsecurity@dell.com.
  • Reference Endpoint Security for additional information about current products.

System Integrity Protection (SIP) was hardened in macOS High Sierra (10.13) to require users to approve new third-party kernel extensions (KEXTs). This article explains how to allow Dell Data Security kernel extensions for the macOS High Sierra and later.

Affected Products:

  • Dell Endpoint Security Suite Enterprise for Mac
  • Dell Threat Defense
  • Dell Encryption Enterprise for Mac
  • CrowdStrike Falcon Sensor
  • VMware Carbon Black Cloud Endpoint

Affected Operating Systems:

  • macOS High Sierra (10.13) and Later

Users encounter this security feature if:

  • Performing a new install of:
    • Dell Threat Defense
    • Dell Endpoint Security Suite Enterprise
    • Dell Encryption Enterprise for Mac
    • CrowdStrike Falcon Sensor
    • VMware Carbon Black Cloud Endpoint
  • SIP is enabled.

Users do not encounter this security feature if:

  • Performing an upgrade of:
    • Dell Threat Defense
    • Dell Endpoint Security Suite Enterprise
    • Dell Encryption Enterprise for Mac
    • CrowdStrike Falcon Sensor
    • VMware Carbon Black Cloud Endpoint
  • SIP is disabled.
Note: For information about managing SIP, reference How to Disable System Integrity Protection for Dell Data Security Mac Products.

Allowing kernel extensions differs between User Experience and Enterprise Deployments. Select the appropriate option for more information.

User Experience

If SIP is enabled on macOS High Sierra or later, the operating system experiences an extension block alert post install of Dell Endpoint Security Suite Enterprise, Dell Threat Defense, Dell Encryption Enterprise for Mac, CrowdStrike Falcon Sensor, or VMware Carbon Black Cloud Endpoint. This may read as, "System Extension Blocked - A program tried to load new system extension(s) signed by "[NAME]". If you want to enable these extensions, go to the Security & Privacy System Preferences pane."

System Extension Blocked error

Note: Dell Encryption Enterprise for Mac may have up to two extension block alerts from:
  • Dell Inc, formerly Credant Technologies
  • Credant Technologies
  • Benjamin Fleischer (if Encryption External Media policy is enabled)

Approving the extension differs depending on the version of macOS installed. For more information, click either v11.X (Big Sur) or v10.13.X to 10.15.X (High Sierra, Mojave, and Catalina).

v11.X (Big Sur)

With the advent of system extensions in macOS Big Sur, there are instances when Kernel Extensions may not be properly loaded on new installations of applications. Applications that were installed before the upgrade to macOS Big Sur should have the kernel extensions pre-imported.

If applications are failing to properly start, the TeamID for the application may be manually entered outside of the operating system.

  1. Start up the affected Mac in recovery mode.
    Note: For more information, reference About macOS Recovery on Intel-based Mac Computers: https://support.apple.com/102518This hyperlink is taking you to a website outside of Dell Technologies..
  2. Click the Utilities menu and then select Terminal.
  3. In Terminal, type /usr/sbin/spctl kext-consent add [TEAMID] and then press Enter.
    Note:
    • [TEAMID] = The Apple TeamID for the product being installed
    • Apple TeamIDs:
      • Dell Endpoint Security Suite Enterprise: 6ENJ69K633
      • Dell Threat Defense: 6ENJ69K633
      • Dell Encryption Enterprise: VR2659AZ37
        • Dell Encryption External Media: 3T5GSNBU6W (v10.1.0 and earlier)
        • Dell Encryption External Media: VR2659AZ37 (v10.5.0 and later)
      • CrowdStrike Falcon Sensor: X9E956P446
      • VMware Carbon Black Cloud Endpoint: 7AGZNQ2S2T
    • For example, if VMware Carbon Black Cloud Endpoint must be manually added, type /usr/sbin/spctl kext-consent add 7AGZNQ2S2T and then press Enter.
  4. Close the Terminal app and restart into macOS.

v10.13.X to 10.15.X (High Sierra, Mojave, and Catalina)

  1. Log in to the affected Mac.
  2. In the Apple Dock, click System Preferences.
    System Preferences
  3. Double-click Security & Privacy.
    Security & Privacy
  4. Under the General tab, click Allow to load the KEXT.
    Allowing the KEXT
    Note: The Allow button is only available for 30 minutes post installation. Until the user approves the KEXT, future load attempts cause the approval UI to reappear, but do not cause another user alert.

Enterprise Deployments

An Apple management solution (such as Workspace One, Jamf) can use an Apple TeamID to suppress user approval of a KEXT.

Warning: Allowlisting an Apple TeamID automatically approves any application that is signed by that ID. Use extreme caution when allowlisting an Apple TeamID.
Note:
  • Apple TeamIDs:
    • Dell Endpoint Security Suite Enterprise: 6ENJ69K633
    • Dell Threat Defense: 6ENJ69K633
    • Dell Encryption Enterprise: VR2659AZ37
      • Dell Encryption External Media: 3T5GSNBU6W (v10.1.0 and earlier)
      • Dell Encryption External Media: VR2659AZ37 (v10.5.0 and later)
    • CrowdStrike Falcon Sensor: X9E956P446
    • VMware Carbon Black Cloud Endpoint: 7AGZNQ2S2T

To verify an endpoint’s allowlisted Apple TeamIDs:

  1. On the endpoint, open Terminal.
  2. Type sudo kextstat | grep -v com.apple and then press Enter.
  3. Populate the superuser Password and then press Enter.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Weitere Informationen

 

Videos

 

Betroffene Produkte

CrowdStrike, Dell Threat Defense, Dell Endpoint Security Suite Pro, Dell Endpoint Security Suite Enterprise, VMware Carbon Black
Artikeleigenschaften
Artikelnummer: 000129477
Artikeltyp: How To
Zuletzt geändert: 17 Feb. 2025
Version:  16
Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen
Support Services
Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.