This article provides information about support for Apple MacOS 10.13 by Sophos Anti-Virus / Endpoint Protection The following sections are covered:
Applies to the following Sophos products and versions Sophos Anti-Virus for Mac OS XSophos Cloud Managed Endpoint 9.6.3 (Mac)
Operating systems MacOS 10.13
The following versions of SAV support MacOS 10.13:
Due to a new security mechanism that Apple has released with MacOS 10.13, called Secure Kernel Extension Loading (SKEL), all non-Apple kernel extension (what we use to intercept files, etc) vendors must be manually added to a trusted list (Any user can add this). This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. All 3rd party vendors are impacted by this change, and it is not possible to work around this requirement.
Note: Due to an Apple security restriction, this cannot be done via a remote desktop connection. There must be a locally logged on user. The Allow button will show, but be grayed out if it is accessed via remote desktop.
Once authorized, all future Sophos kernel extensions are allowed, even after uninstallation. This step is not needed again on a reinstall. Kernel extensions already installed during an upgrade from MacOS 10.12 are automatically authorized.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.