Palo Alto Networks Integrations - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Prevent Administrator Guide

Product
Cortex XDR
License
Prevent
Creation date
2023-10-31
Last date published
2024-02-14
Category
Administrator Guide
Abstract

Cortex XDR supports Palo Alto Networks data ingestion.

Cortex XDR supports streaming data directly from Prisma Access accounts and New-Generation Firewalls (NGFW) and Panorama devices to your Cortex XDR tenants using the Cortex XDR Native Data Lake.

Ensure you have deployed Panorama and NGFW, and hold Super User permissions to your Customer Support Account (CSP).

Note

You can only stream data from devices in the same region.

Once your tenant has been activated, navigate to the Collection Integrations page to configure your integrations. All devices and accounts allocated to your CSP accounts are available to integrate.

Existing integrations with Cortex Data Lake (CDL) should be migrated to Cortex Native Data Lake. You can select to migrate manually in the Collection Integrations page, or Cortex XDR will automatically migrate two weeks prior to the end of your current CDL contract.