search cancel

Endpoint Protection reports incomplete setup after upgrading macOS to Ventura


Article ID: 254042


Updated On:


Endpoint Protection


Apple has reported a problem with the Ventura version of the Mac Operating System which causes several possible issues for Symantec Endpoint Protection (SEP) or Endpoint Security (SES).

1) After upgrading the Mac operating system to version 13 "Ventura", you may see a cross on the SEP tray icon.
2) You launch the agent UI (e.g. through the "Fix Now" option from the tray icon), and the Setup Wizard launches and requests Full Disk Access (FDA).
3) You may see that the Full Disk Access toggle is off for "Symantec System Extension".
4) You may see that the Full Disk Access toggle is on for "Symantec System Extension" but SEP is not functioning as expected. 
5) After completing the Setup Wizard, SEP notifies you that it is missing Full Disk Access (FDA).
6) During the Setup Wizard, you may be asked to allow Network Filter profiles even if these were created already.


  • Ventura 13.0, 13.1 +
  • macOS
  • All valid SEP supported versions including 14.3 RU5 and RU6


These situations stem from the same root cause. A defect in Ventura 13.1 causes any third-party vendor using the Endpoint Security API to lose FDA authorization. Apple has not supplied a fix at the time of writing. This is detailed here:


Ignore the notification of the Network Filter prompt during the setup wizard. Complete the FDA authorization first. If you see the symptoms in #6 above, SEP automatically launches the Network Filter wizard whenever it is missing Full Disk Access. Therefore rectify the FDA authorization first and dismiss the popup.

If you notice any of the symptoms in steps 1-5 described in the Introduction section above, then:

  • If the FDA is toggled off, toggle it back on.
  • If the FDA is toggled on, toggle it off, then toggle it on again.
  • If cycling the toggle does not help, remove the "Symantec System Extension" from the FDA list (by selecting the item from the list and click on the "-" button and apply the change). The "Fix Now" message appears. Click this, add the "Symantec System Extension" back to the FDA list, and then toggle FDA on.

Additional Information

Profiles granted by MDM are not impacted by this defect.