Firewall Network Extension
User Consent and Network Extensions for Skyhigh Cloud Firewall
You are required to provide explicit approvals and consents during the installation and initial policy update of Client Proxy Software on the endpoints.
- A new approval for the application “ep-client” is required to load new system extension(s) related to Cloud Firewall.
NOTE: In case, the above extension is not allowed, in SCP status firewall data is shown as not configured.
- To Allow the application” ep-client”, go to System Settings > Security & Privacy.
- After allowing the application, another consent appears ep-client requests for user consent to install network content.
- After providing the user consent, New System Extension adaptors are shown in system settings.
NOTE: Until the consent is given, Client Proxy will not redirect any traffic to Cloud Firewall. If you select Don't Allow for adaptors, you need to restart Client Proxy manually to get the permission window again.
- To restart SCP, follow this command- sudo /usr/local/McAfee/Scp/bin/scpcontrol.sh restart.
- In Skyhigh Client Proxy tunnel status shows Connected after providing all the required consents.