Grant the permissions required to allow the Secure Access Module to run on endpoints on macOS versions 15 or later.
 |
ImportantThe steps and screens contained in these instructions were valid as of February 2025.
|
After the Secure Access Module is deployed to a macOS endpoint, the end user must
grant a series of required permissions when opening or signing into Zero Trust
Secure Access for the first time.
Procedure
- Allow the Zero Trust Secure Access system extension to control network access:
- Sign into Zero Trust Secure Access on the end-user device.
- Click Continue on the dialog box that appears.A screen with instructions for allowing system extensions appears.
- Click Open Login Items & Extensions.A System Settings page open along with a pop-up message stating that Zero Trust Secure Access would like to use a the network extension.
- Click Open System Settings.The Network Extensions popup opens.
- Toggle on the Zero Trust Secure Access network extension and click Done.
- On the Zero Trust Secure Access Allow System Extension page, click Verify.
- Update the Certificate Trust Settings by entering your password and clicking Update.
- Grant notification permissions to be alerted when Zero Trust Secure Access blocks
network access:
- Sign into Zero Trust Secure Access on the end-user device.
- Click Options on the notification that appears.
- Click Allow.
Tip
Notifications can also be enabled later from System Settings/Notifications Zero Trust Secure Access item.
- Allow Zero Trust Secure Access to access system events to enable the collection of
device posture information.
- Sign into Zero Trust Secure Access on the end-user device..
- Click OK to allow control of system events.
Note
System event access can also be enabled later from Permission Management within Zero Trust Secure Access.
- Allow Zero Trust Secure Access to set up the required VPN:
- Open Zero Trust Secure Access on the end-user device.
- Click Allow to allow Zero Trust Secure Access to add VPN configurations.