Pairing Prisma Cloud Compute with Cortex XDR (Beta) - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Pro Administrator Guide
Product
Cortex XDR
License
Pro
Creation date
2024-02-26
Last date published
2024-04-21
Category
Administrator Guide
Abstract

Learn how to pair Prisma Cloud Compute with Cortex XDR for use with the unified cloud security agent.

Note

Pairing requires a Cortex XDR Pro per Endpoint license.

Cortex XDR and Prisma Cloud Compute are offering a unified cloud security agent for Linux. The Cloud Security Agent provides end to end prevention and vulnerability coverage on Linux cloud environments. 

The Cloud Security Agent has a single management server that is based on a Cortex XDR tenant. Policy management, data, and alerts are managed first between the Cortex XDR tenant and the Cloud Security Agent, and then runtime protection and vulnerability coverage can be provided on Prisma Cloud Compute and Cortex XDR.

Prerequisites

To enable the capabilities of the Cloud Security Agent, the Prisma Cloud Compute tenant must be paired with an existing Cortex XDR tenant. Pairing is one to one, with the two tenants being in the same region.

Pairing Prisma Cloud Compute to Cortex XDR can only be done when both Cortex XDR and Prisma Cloud Compute tenants are already active.

Pair Prisma Cloud Compute with Cortex XDR

  1. From the Prisma Cloud Compute console, copy the access pairing key.

    1. Select ManageSystem, and scroll to Pair Cortex XDR Tenant.

    2. Click the copy icon to copy the Access Key, which is the pairing key used in Cortex XDR.

  2. Paste the pairing key in Cortex XDR.

    1. Select  SettingsConfigurationsServer Settings, and scroll to Prisma Cloud Compute Tenant Pairing.

    2. Paste the Prisma Cloud pairing key and click Pair.

    After a few seconds, the Cortex XDR and Prisma Cloud Compute tenants are paired.

    A Successfully paired with <Prisma Tenant URL> message will be shown.

Unpair Prisma Cloud Compute from Cortex XDR

  1. The two paired tenants can be unpaired from either

    console.

    • In Cortex XDR, select SettingsConfigurationsServer Settings, and scroll to Prisma Cloud Compute Tenant Pairing.

    • In Prisma Cloud Compute, select ManageSystem, and scroll to Pair Cortex XDR Tenant.

  2. Click Unpair.

    Note

    Note that all Advanced Vulnerability settings (under the Agent Settings profile) will be reset and all Agent Installations created via the Prisma Cloud Compute console will be deleted.

  3. Confirm the unpairing by clicking Yes at the warning message.

    After a few seconds, the Cortex XDR and Prisma Cloud Compute tenants are unpaired.

    Note

    • When unpairing, the Active Vulnerability Analysis Module under the Agent Settings profile is reset to Disable mode.

    • If Prisma Cloud and Cortex XDR are to be paired again, the Active Vulnerability Analysis Module must be enabled manually.