macOS High Sierra introduced two new features:
- Apple File System (APFS)
- User-approved kernel extension loading
Apple File System (APFS)
Upgrading to macOS High Sierra converts flash storage-based systems from HFS+ to APFS automatically. Systems with hard disk drives (HDD) and Fusion drives are not converted to APFS, but will support macOS High Sierra on HFS+ file systems. Apple File Protocol (AFP) is no longer supported from APFS volumes. SMB or NFS are supported file sharing solutions. See Prepare for APFS in macOS High Sierra for more information.
- FileVault — volumes are automatically converted from HFS+ to APFS.
- APFS — HFS+ volumes greater than macOS 10.12.6 can read and write to APFS volumes.
- Boot Camp — is supported when upgrading to macOS High Sierra, unless the Boot Camp volume is greater than 3 TB and resides on a Fusion Drive.
- Directory Services — only Windows Server Active Directory functional level domains 2008 or newer are supported by macOS High Sierra.
- System Integrity Protection (SIP) — macOS High Sierra protects the /var/db/ConfigurationProfiles directory. The profiles (1) command can be used to modify this directory.
- Security — macOS High Sierra, iOS 11 and tvOS 11 remove support for TLS connections using SHA-1 certificates (use SHA-2 instead), RSA key sizes smaller than 2048 bits (across TLS) and uses TLS 1.2 as the default for EAP-TLS negotiation.
- Content Caching — virtual machines are disallowed for content caching.
User-approved kernel extension loading
Administrator or standard user approval is required before loading new third-party kernel extensions. Kernel extensions that are installed at the time of upgrade to macOS 10.13 do not need to be approved. A future version of macOS High Sierra will be able to use MDM to enable or disable User Approved Kernel Extension Loading. See Prepare for changes to kernel extensions in macOS High Sierra for more information.