Due to a new security mechanism that Apple has released with MacOS 10.13, called Secure Kernel Extension Loading (SKEL), all non-Apple kernel extension (what we use to intercept files, etc) vendors must be manually added to a trusted list (Any user can add this). This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. All 3rd party vendors are impacted by this change, and it is not possible to work around this requirement.
Note: Due to an Apple security restriction, this cannot be done via a remote desktop connection. There must be a locally logged on user. The Allow button will show, but be grayed out if it is accessed via remote desktop.
After installing Sophos Anti-Virus go to Security & Privacy in the Apple System Preferences window.
Near the bottom of the window, it will list the blocked Kernel Extensions (kexts) by Sophos. Click Allow.
Once authorized, all future Sophos kernel extensions are allowed, even after uninstallation. This step is not needed again on a reinstall.
Some customers have had issues with this, and should do the troubleshooting below.
The following sections are covered:
Applies to the following Sophos products and versions Central Mac EndpointSophos Anti-Virus for Mac OS X
If the kexts do not load after the above steps, or the prompt to allow the kext does not show, here are the steps to authorize the kext manually.
There are some customers who we have seen run into this issue even after these steps. We have opened a ticket with Apple about this, and ask that you contact Sophos Support so we can add the information to the Apple investigation. Note: We do not have a fix for once it gets into this state, we are just passing it along to Apple. Please contact Apple if you wish to get assistance getting it fixed if none of the above steps worked.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.