Step 1: Activate Cortex XDR - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Documentation

Product
Cortex XDR
Creation date
2024-03-06
Last date published
2024-10-01
Category
Administrator Guide
Abstract

Learn how to activate your tenant.

Watch the video here.

For more information about setting up 2FA in the Customer Support Portal, see Two Factor Authentication (2FA) Overview. You can also add an IdP, which is recommended. See How to Enable a Third Party IdP.

To activate a Cortex XDR tenant, you need to log into Cortex Gateway, which is a centralized portal for activating and managing tenants, users, roles, and user groups. After activating the tenant you can then access the tenant. If you have multiple Cortex XDR tenants, you will need to repeat this task for each tenant. The activation process includes accessing Cortex Gateway, activating the tenant, and then accessing the tenant.

Danger

Before you begin, make sure you have the following:

  • Cortex XDR activation email.

  • Customer Support Portal Super User role is assigned to your account.

    Before activating your Cortex XDR tenant, you need to set up your Customer Support Portal account. See How to Create Your Customer Support Portal User Account. When you create a Customer Support Portal account you can set up two-factor authentication (2FA) to log into the Customer Support Portal, by using one of the following:

    • Email

    • Okta Verify

    • Google Authenticator (non-FedRAMP accounts)

    Users who create the Customer Support Portal account are granted the Super User role. If you are the first user to access Cortex Gateway with the Customer Support Portal Super User role, you are automatically granted Account Admin permissions for the gateway.

    You can activate Cortex XDR new tenants, access existing tenants, and create and manage role-based access control (RBAC) for all of your tenants.

How to activate Cortex XDR
  1. Enable and verify access to  Cortex XDR communication servers, storage buckets, and various resources in your firewall configuration. For more information, see Enable access to required PANW resources.

  2. Go to Cortex Gateway .

    You can also access the link from the activation email.

  3. Enter your username and password or multi-factor authentication (if set up) by using your Customer Support Portal account credentials to sign in.

    Once signed in, you can view the following:

    • Tenants that are allocated to your Customer Support Portal account and ready for activation. After activation, you cannot move your tenant to a different Customer Support Portal account.

    • Tenant details such as license type, number of endpoints, and purchase date.

    • Tenants that were activated and are now available. If you have more than one Customer Support Portal account, the tenants are displayed according to the Customer Support Portal account name.

  4. In the Available for Activation section, use the serial number to locate the tenant that needs activation, and then click Activate.

  5. On the Tenant Activation page, define the following:

    • Tenant Name: Enter a name for the tenant. Use a name that is unique across your company account and up to 59 characters long.

    • Region: Geographic location where your tenant will be hosted. For more information, see Cortex XDR supported regions.

    • Tenant Subdomain: DNS record associated with your tenant. Enter a name that will be used to access the tenant directly using the full URL:

      https://<xdr-tenant>.xdr.<region>.paloaltonetworks.com

  6. Select I agree to the terms and conditions of the Privacy policy.

  7. Click Activate.

    The activation process can take about an hour and does not require that you remain on the activation page. Cortex XDR sends a notification to your email when the process is complete.

  8. After activation, from Cortex Gateway, in the Available Tenants when hovering over the activated tenant, do the following:

    • Ensure that you can successfully access the tenant by clicking the Cortex XDR tenant name (when the tenant is active).

    • In the dialog box, view the tenant status, region, serial number, and license details.