Bitdefender system extension blocked in macOS
This article describes how to troubleshoot Bitdefender system extension blocked in macOS after installing Bitdefender Endpoint Security Tools.
Bitdefender uses system extensions on macOS to ensure Bitdefender Endpoint Security Tools cannot be tampered with and to provide Content Control and Device Control functionality.
Until the user approves the Bitdefender system extension, BEST tamper protection, Content Control and Device Control modules do not work. Also, BEST user interface shows a critical issue.
Note
System extensions do not require approval if they are replacing previously approved extensions.
Issue
Immediately after installing BEST on macOS, the operating system shows the following warning:
"System Extension Blocked
The application "SecurityNetworkInstallerApp tried to load new system extension(s). If you want to enabled these extensions, open Privacy & Security in System Settings."
Note
You may receive one or several System Extension Blocked warnings, depending on the number of protection modules installed with Bitdefender Endpoint Security Tools.
If the endpoint user does not allow the Bitdefender system extensions to load, BEST user interface displays the "You are at risk" warning.
Solution
When you receive the System Extension Blocked warning message, follow these steps on Mac:
Click Open System Settings in the warning window, if available.
Alternatively, access system settings in the Dock or in the Apple menu.
Go to the Privacy & Security section.
Click Allow for the blocked system software from Bitdefender.
Note
In some situations, the Allow button may be disabled:
When you remotely access the computer.
When a remote connection is open or was recently open. To enable the Allow button you may need to restart the computer.
If you are using a third-party application to emulate mouse or trackpad, such as MagicPrefs, BetterTouchTool, Synergy. Close the application to enable the Allow button.
After allowing Bitdefender system extension, BEST user interface informs you that your Mac is safe.
Important
System administrators can use MDM to whitelist specific system extensions and thus suppress these warnings. For more details, please refer to these Apple resources:
https://developer.apple.com/library/content/technotes/tn2459/_index.html
System administrators can whitelist system extensions based on the Bitdefender Team ID: GUNFMW623Y. For details about using MDM tools like Jamf Pro, refer to Whitelisting Bitdefender extensions in Jamf Pro 10.x.
GravityZone console does not currently provide information about Mac endpoints with unapproved Bitdefender system extensions. It is recommended to disable Silent Mode to make sure users can view the issue if they ignore the system prompt.
Important
In macOS, BEST requires additional approvals from users besides system extensions. For details, refer to this topic.