Set up Overview

Cortex XDR Prevent Administrator Guide

Product: Cortex XDR
License: Prevent
Creation date: 2023-10-31
Last date published: 2024-02-14
Category: Administrator Guide
Abstract: Learn more about activating and setting up Cortex XDR Prevent.

Before you can use Cortex XDR Prevent, you must set up and activate the Cortex XDR app and set up related apps and services.

  1. Plan Your Deployment.

  2. Set up Cortex XDR.

    1. Activate Cortex XDR.

    2. Assign User Roles and Permissions.

    3. Allocate Log Storage.

  3. Set up Palo Alto Networks Data Ingestion.

    You can configure Cortex XDR to stream data from other Palo Alto Networks products either directly to your tenant or through Strata Logging Service. To stream data directly, first deploy your network devices, and then set up your Palo Alto Networks Integrations.

    Note: Strata Logging Service licenses created as a part of existing Cortex XDR Licenses will remain intact until the end of your remaining contract.

  4. Set up Endpoint Protection.

    1. Plan your Cortex XDR agent deployment.

    2. Create Cortex XDR agent installation packages.

    3. Define endpoint groups.

    4. Deploy the Cortex XDR agent to your endpoints.

    5. Configure your endpoint security policy.

  5. (Optional) Set up Outbound Integration.

    • Integrate with Slack.

    • Integrate with a Syslog Server.

    • Integrate with Cortex XSOAR.

  6. (Optional) Set up Managed Security.

  7. Get started using Cortex XDR.