Επεξεργασία

Manage system extensions using the manual methods of deployment

  • Άρθρο

This article describes the procedures involved when deploying Microsoft Defender for Endpoint manually.

Manual deployment

System Extensions

You might see the prompt that's shown in the following screenshot:

The system extensions blocked prompt screen.

  1. Select OK. You might get a second prompt as shown in the following screenshot:

    The second prompt regarding system extensions being blocked.

  2. From this second-prompt screen, select OK. You'll receive a notification message that reads Installation succeeded, as shown in the following screenshot:

    The screen displaying the installation succeeded notification message.

  3. On the screen displaying the Installation succeeded notification message, select OK. You'll return to the following screen:

    The Microsoft Defender for Endpoint menu containing the x symbol.

  4. From the menu bar, click the x symbol on the shield. You'll get the options shown in the following screenshot:

    The screen on clicking the x symbol in the shield.

  5. Select Action needed. The following screen appears:

    The Virus & threat protection screen containing the Fix button.

  6. Click Fix on the top-right corner of this screen. You'll get a prompt, as shown in the following screenshot:

    The prompt dialog box on the Virus & threat protection screen.

  7. Enter your password and select OK.

  8. Click The System Preferences icon.

    The System Preferences screen appears.

    The System Preferences screen.

  9. Click Security & Privacy. The Security & Privacy screen appears.

    The Security & Privacy screen.

  10. Select Click the lock to make changes. You'll get a prompt as shown in the following screenshot:

    The prompt on the Security & Privacy screen.

  11. Enter your password and click Unlock. The following screen appears:

    The screen that is displayed on clicking Unlock.

  12. Select Details, next to Some software system requires your attention before it can be used.

    The screen that is displayed on clicking Details.

  13. Check both the Microsoft Defender checkboxes, and select OK. You'll get two pop-up screens, as shown in the following screenshot:

    The popup that appears on checking both the checkboxes.

  14. On the "Microsoft Defender" Would like to Filter Network Content pop-up screen, click Allow.

  15. On the Microsoft Defender wants to make changes pop-up screen, enter your password and select OK.

If you run systemextensionsctl list, the following screen appears:

The resultant screen of running the systemextensionsdcl list.

Accessibility

  1. On the Security & Privacy screen, select the Privacy tab.

    The Privacy tab.

  2. Select Accessibility from the left navigation pane, and click +.

    The Accessibility menu item and the Plus icon.

  3. From the resultant screen, select Applications from the Favorites pane in the left-side of the screen; select Microsoft Defender; and then select Open at the bottom-right of the screen.

    The process of selecting Applications and Microsoft Defender.

  4. From the resultant screen, check the Microsoft Defender checkbox.

    Checking the Microsoft Defender checkbox.

Full Disk Access

  1. On the Security & Privacy screen, select the Privacy tab.

  2. Select Full Disk Access from the left navigation pane, and then click the Lock icon.

    The Full Disk Access option in the menu and the Lock icon.

  3. Confirm that the Microsoft Defender extension has full disk access; if not, check the Microsoft Defender checkbox.

    Checking the MD checkbox.

Notifications

  1. From the System Preferences home screen, select Notifications.

    The Notifications option in the System Preferences screen.

    The Notifications screen appears.

  2. Select Microsoft Defender from the left navigation pane.

  3. Enable the Allow Notifications option; select Alerts, and retain the default settings as is.

    Selecting Microsoft Defender option from the Notifications screen.

What a healthy system looks like

mdatp health output

The mdatp health output screen.

Check the system extensions

In terminal, run the following command to check the system extensions:

systemextensionsctl list

The execution of this command is shown in the following screenshot:

The command to check the system extensions.