Configure Permissions to Enable WatchGuard Endpoint Security in Mac Devices

Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EPP

This topic explains how to enable system extensions and full disk access for WatchGuard Endpoint Security on Mac devices.

WatchGuard Endpoint Security will not function properly unless you enable kernel or system extensions and Full Disk Access. Complete these instructions for your macOS version if you receive a 4500 error. For more information, go to WatchGuard Agent – Installation and Upgrade Error Messages.

When you run the app installer on your Mac device, you might get a System Extensions Blocked message that prompts you to enable services and extensions:

EndpointProtectionService (System Extensions)
Protection Agent (Full Disk Access)
NextLoader (Network Extension)
EndpointProtectionService (Login Item)

Refer to the appropriate section below.

Enable EndpointProtectionService from Login Items (macOS Ventura 13 or higher)

Open the WatchGuard Endpoint Security software.
In My Alerts, click Allow EndpointProtectionService.

In the Login Items dialog box, enable the EndpointProtectionService.app toggle.

Allow System Extension Permission (macOS Catalina 10.15 or higher)

Open your product and in My Alerts, click Open Security Preferences Panel.

Below System software from application EndpointProtectionService was blocked from loading, click Allow.

In macOS Catalina 10.15, you must click the lock icon before you can click Allow. You are prompted to enter your user password.

Enable Full Disk Access for Endpoint Protection Service (macOS Catalina 10.15 or higher)

You must also enable Full Disk Access for the endpoint protection service.

To enable Full Disk Access:

Open the WatchGuard Endpoint Security software.
In My Alerts, click Open Hard Disk Access Preferences.

Enable Protection Agent Service.

To reopen the app and apply the changes, click Quit & Reopen.

Screen shot of restart dialog box

Enable NextLoader Network Extension (macOS Catalina 10.15 or higher)

If you have macOS protection version v3.00.00 or higher, you must allow the NextLoader network extension.

Open the WatchGuard Endpoint Security software.
In My Alerts, click Open Security Preferences Panel.

Click Open System Settings.

To unblock the NextLoader network extension, click Allow.

In the Filter Network Content dialog box, click Allow.

© 2024 WatchGuard Technologies, Inc. All rights reserved. WatchGuard and the WatchGuard logo are registered trademarks or trademarks of WatchGuard Technologies in the United States and other countries. Various other trademarks are held by their respective owners.