What is a system extension on Mac?

Mac system extensions are application bundles used to extend the functionality of a macOS device. They allow developers to create apps with enhanced functionalities without giving them kernel-level access to the system. It is an alternative to Kernel extensions (KEXTs).  

Unlike Kernel extensions, system extensions run in the user space of macOS outside the kernel. System extensions work in the background to extend the functionality of your Mac. Even though it offers an opportunity to create apps with advanced functionalities, it has the potential to compromise the stability and security of the Mac. As a result, they are bound to obey the system security policies, thereby improving the stability of the system. Also, these extensions are granted high-level privileges and can perform tasks that were previously reserved for KEXTs. System extensions are replacing KEXTs as they won’t compromise the security and stability of macOS and are controlled by Mac’s security rules.  Additionally, with System Extensions, developers are free to write code in any programming language.  

System Extensions provide enhanced system stability without sacrificing power. The system extensions can be driver extensions, network extensions, and endpoint security extensions. These extensions are to be packed inside the app bundle and are installed on the system during runtime. You will have to remove the app to delete or disable the extension.   

UEM solutions like Hexnode offers policies to load applications and installers that use system extension on Mac devices and allow admins to set restrictions on loading user-approved system extensions.