Network Configuration - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Pro Administrator Guide

Product
Cortex XDR
License
Pro
Creation date
2024-07-16
Last date published
2024-12-01
Category
Administrator Guide
Retire_Doc
Retiring
Link_to_new_Doc
/r/Cortex-XDR/Cortex-XDR-Documentation
Abstract

Cortex XDR Network Configuration provides a representation of your network assets by collecting and analyzing your network resources.

Network asset visibility is a crucial investigative tool in discovering rogue devices in your network and preventing malicious activity. Understanding how many managed and unmanaged assets are part of your network provides you with vital information to better assess your security exposure and track network communication.

Cortex XDR Network Configuration provides an accurate representation of your network assets by collecting and analyzing the following network resources.

  • User-defined IP Address Ranges and Domain Names associated with your internal network

  • EDR data collected by Firewall Logs

  • Cortex XDR Agent Logs

  • ARP Cache

  • Broker VM Network Mapper

  • Pathfinder Data Collector

In addition to the network resources, Cortex XDR allows you to configure in your Windows Agent Profile a Cortex XDR agent scan of your endpoints using Ping that provides updated identifiers of your network assets, such as IP addresses and OS platforms. The scan is automatically distributed by Cortex XDR to all the agents configured in the profile and cannot be initiated by request.

With the data aggregated by Cortex XDR Network Configuration you can locate and manage your assets more effectively and reduce the amount of research required to.

  • Distinguish between assets managed and unmanaged by a Cortex XDR agent.

  • Identify assets that are part of your internal network.

  • Track network data communications from within and outside your network.