CylancePROTECT Desktop configuration requirements for macOS and later
CylancePROTECT Desktop
configuration requirements for macOS
and laterWhen installing
CylancePROTECT Desktop
agent version 2.1 or later on devices running macOS
, note the following configuration requirements. The requirements depend on whether devices are managed by an MDM solution (for example, Jamf Pro).MDM managed devices
The information below uses Jamf Pro as the MDM solution, but it is applicable to other MDM solutions.
Requirement | Steps |
---|---|
General settings | Create a configuration profile and specify the following settings in the General tab:
|
Enable the CylancePROTECT kernel extension. (macOS 10 only) | Configure the following settings from the Approved Kernel Extensions option:
|
Enable the CylancePROTECT system extension. (macOS 11+) | Configure the following settings from the System Extensions option:
|
Enable full disk access for the CylancePROTECT agent and system extensions. | Configure the following settings from the Privacy Preferences Policy Control option. Add an App Access configuration and specify the following settings:
Add another App Access configuration and specify the following settings:
|
Notifications | In the Notifications tab of the configuration profile, the following settings are recommended:
|
Scope | Configure the following settings in the Scope tab:
|
Restart after installation. | After you complete the configuration steps above and install the CylancePROTECT Desktop agent, restart the device. |
Devices that are not MDM managed
On devices that are not MDM managed, the user receives a prompt to approve the "CylanceES System Extension" after installing the
macOS
agent on the device. Follow these instructions from the prompt to enable the system extension and allow full disk access. Users can also tap the notification from "CylanceUI" to configure its notification settings. - ClickOpen Security Preferences. This opens theSystem Preferences>Security & Privacy>Generaltab.
- If necessary, click the lock to authenticate the changes and clickAllow.
- Beside theSystem software from application 'CylanceES' was blocked from loadingmessage, clickAllowto approve the extension.
- To enable full disk access, on the device, navigate toSystem Preferences>Security & Privacy>Privacytab.
- If necessary, click the lock to authenticate the changes and clickAllow.
- Scroll down and clickFull Disk Access.
- SelectCylanceEsExtension.
- Allow notifications for the agent from theSystem Preferences>Notifications>CylanceUItab.