Hardware, OS, and required URLs for engines.
You can install engines on all Linux environments. Docker/Podman needs to be installed before installing an engine. If you are using the shell installer for an engine, Docker/Podman is installed automatically.
Note
The Cron package is required to install engines on a Linux machine.
If your hard drive is partitioned, we recommend a minimum of 50 GB for the /var partition.
Component | Dev Environment Minimum | Production Minimum |
|---|---|---|
CPU | 8 CPU cores | 16 CPU cores |
CPU architecture | x86_64 only | x86_64 only |
Memory | 16 GB RAM | 32 GB RAM |
Storage | 100 GB | 100 GB |
You can deploy a Cortex Cloud engine on the following operating systems:
Operating System | Supported Versions |
|---|---|
Ubuntu | 18.04, 20.04, 22.04, 24.04 |
RHEL | 8.x, 9.x, 10.x Includes all minor versions. |
Oracle Linux | 7.x, 8.9, 9.3, 9.4 |
Amazon Linux | 2, Amazon Linux 2023 |
Rocky Linux | 9.5, 9.6 |
Note
CentOS 8.x reached End of Life (EOL) on December 31, 2021, and is no longer supported as an operating system.
CentOS 7.x reached End of Life (EOL) on June 30, 2024, and is no longer supported as an operating system.
You need to allow the following in the URLs for Cortex Cloud engines to operate properly. The URLs are needed to pull container images from public Docker registries.
The endpoint URL is: wss://api-<tenant domain>.xdr.<region>.paloaltonetworks.com/xsoar/d1ws. For example,
Note
If you have configured a range of Approved IP Ranges under Allowed Sessions on the Security Settings page, the engine must communicate through one of the approved IPs.
FUNCTION | SERVICE | PORT | DIRECTION |
|---|---|---|---|
Integrations | Integration-specific ports | Outbound | |
Engine connectivity | HTTPS | 443 (configurable) | Outbound |
Docker |
| 443 | Outbound |