Fortinet black logo

Administration Guide

Home FortiEDR/XDR 5.1.0 Administration Guide
5.1.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.0
4.2.0
4.1.1
4.1.0

Installing a FortiEDR Collector on a Mac Operating System

Installing a FortiEDR Collector on a Mac Operating System

To install a FortiEDR Collector on a Mac operating system that is running with Big Sur (version 11) or above:

The process described below includes a description of how to allow the following upon first FortiEDR Collector installation:

  • System Extensions
  • Network Extensions
  • Full Disk Access

IMPORTANT: Failure to add these permissions will result in incomplete protection.

Deployment can also be managed using an MDM, such as Jamf.

  1. Double-click the *.dmg file named FortiEDRCollectorInstallerOSX_4.1.x.dmg.

  2. Click Continue.

  3. Click Install. Enter the Mac password at the prompt.

  4. In the Collector Conifguration page, specify the Aggregator's address and FortiEDR registration password. Optionally, you can select a desitination Organization and Collector Group and/or installation using a system proxy.

  5. Click Apply to start the installation process.
  6. Perform the following during installation:
    1. Enable Network and System Extensions, shown below:
      1. Open Security Preferences.
      2. Click the lock at the bottom of the window in order to make changes.
      3. In the General tab, click Details.

      4. Mark both checkboxes in order to allow FortiEDR to use Netword and System Extensions.
      5. Click OK in the System Extension Blocked Window.
    2. Enable Full Disk Access by performing the following:
      1. Open Security Preferences.
      2. Click the lock at the bottom of the window in order to make changes.
      3. In the Privacy tab, select Full Disk Access from the left pane.
      4. Mark the checkboxes of both the FortiEDRCollector (FortiEDR in MacOS v11.3 and below) and the FortiEDR_EndPoint applications:
      5. If that FortiEDR application does not display on this page, click the + button.

      6. Click Applications, select FortiEDR and then click Open.

  7. In the popup window, click Later.

  8. Click Allow.

  9. Click OK.
  10. Click Close to complete the process.
  11. When prompted to allow FORTIEDRTRAY notifications, click Allow

  12. Reboot the device.
  13. You can run the following command to check the status of the Collector:
    /Applications/FortiEDR.app/fortiedr_collector.sh status
To install a FortiEDR Collector on a Mac- operating system with versions prior to Big Sur (11), such as Catalina or Mojave:
  1. Double-click the *.dmg file named FortiEDRCollectorInstallerOSX_1.3.0.xxx.dmg.

  2. Double-click the *.pkg file named FortiEDRCollectorInstallerOSX_1.3.0.xxx.pkg

  3. Click Continue
  4. Select the destination disk and click Continue

  5. Specify the installation location and click Install

  6. In the Aggregator Address field, enter the IP address of the Aggregator in the first box and the port of the Aggregator in the adjacent (Port) box.
  7. In the Registration Password field, enter the registration password as described in Launching the FortiEDR Central Manager for the First Time.
  8. Leave the Organization field empty or for a multi-tenant setup, insert the organization to which this Collector belongs (as it appears under the ADMINISTRATION > ORGANIZATIONS tab of the FortiEDR Central Manager).
  9. If you use a web proxy to filter requests in this device’s network, then check the Use System Proxy Settings checkbox. Note that the MacOS must be configured to use a proxy and that the proxy must support HTTPS before installing the Collector (System Preferences > Network > Advanced > Proxies).
  10. Click Apply.

  11. Click Close.
Previous
Next

Installing a FortiEDR Collector on a Mac Operating System

To install a FortiEDR Collector on a Mac operating system that is running with Big Sur (version 11) or above:

The process described below includes a description of how to allow the following upon first FortiEDR Collector installation:

  • System Extensions
  • Network Extensions
  • Full Disk Access

IMPORTANT: Failure to add these permissions will result in incomplete protection.

Deployment can also be managed using an MDM, such as Jamf.

  1. Double-click the *.dmg file named FortiEDRCollectorInstallerOSX_4.1.x.dmg.

  2. Click Continue.

  3. Click Install. Enter the Mac password at the prompt.

  4. In the Collector Conifguration page, specify the Aggregator's address and FortiEDR registration password. Optionally, you can select a desitination Organization and Collector Group and/or installation using a system proxy.

  5. Click Apply to start the installation process.
  6. Perform the following during installation:
    1. Enable Network and System Extensions, shown below:
      1. Open Security Preferences.
      2. Click the lock at the bottom of the window in order to make changes.
      3. In the General tab, click Details.

      4. Mark both checkboxes in order to allow FortiEDR to use Netword and System Extensions.
      5. Click OK in the System Extension Blocked Window.
    2. Enable Full Disk Access by performing the following:
      1. Open Security Preferences.
      2. Click the lock at the bottom of the window in order to make changes.
      3. In the Privacy tab, select Full Disk Access from the left pane.
      4. Mark the checkboxes of both the FortiEDRCollector (FortiEDR in MacOS v11.3 and below) and the FortiEDR_EndPoint applications:
      5. If that FortiEDR application does not display on this page, click the + button.

      6. Click Applications, select FortiEDR and then click Open.

  7. In the popup window, click Later.

  8. Click Allow.

  9. Click OK.
  10. Click Close to complete the process.
  11. When prompted to allow FORTIEDRTRAY notifications, click Allow

  12. Reboot the device.
  13. You can run the following command to check the status of the Collector:
    /Applications/FortiEDR.app/fortiedr_collector.sh status
To install a FortiEDR Collector on a Mac- operating system with versions prior to Big Sur (11), such as Catalina or Mojave:
  1. Double-click the *.dmg file named FortiEDRCollectorInstallerOSX_1.3.0.xxx.dmg.

  2. Double-click the *.pkg file named FortiEDRCollectorInstallerOSX_1.3.0.xxx.pkg

  3. Click Continue
  4. Select the destination disk and click Continue

  5. Specify the installation location and click Install

  6. In the Aggregator Address field, enter the IP address of the Aggregator in the first box and the port of the Aggregator in the adjacent (Port) box.
  7. In the Registration Password field, enter the registration password as described in Launching the FortiEDR Central Manager for the First Time.
  8. Leave the Organization field empty or for a multi-tenant setup, insert the organization to which this Collector belongs (as it appears under the ADMINISTRATION > ORGANIZATIONS tab of the FortiEDR Central Manager).
  9. If you use a web proxy to filter requests in this device’s network, then check the Use System Proxy Settings checkbox. Note that the MacOS must be configured to use a proxy and that the proxy must support HTTPS before installing the Collector (System Preferences > Network > Advanced > Proxies).
  10. Click Apply.

  11. Click Close.
Previous
Next