Hardware, OS, and required URLs for engines.
You can install engines on all Linux and Windows machines. Although engines are intended for Linux operating systems, they can be used on Windows, but Windows machines must be configured to run Linux containers. Docker/Podman needs to be installed before installing an engine. If you are using the shell installer for an engine, Docker/Podman is installed automatically.
If your hard drive is partitioned, we recommend a minimum of 50 GB for the /var partition.
Component | Dev Environment Minimum | Production Minimum |
|---|---|---|
CPU | 8 CPU cores | 16 CPU cores |
Memory | 16 GB RAM | 32 GB RAM |
Storage | 100 GB | 100 GB |
You can deploy a Cortex XSIAM engine on the following operating systems:
Operating System | Supported Versions |
|---|---|
CentOS | 7.x |
Ubuntu | 18.04, 20.04, 22.04 |
RHEL | 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9, 9.0, 9.1, 9.2, 9.3 |
Oracle Linux | 7.x |
Amazon Linux | 2 |
Note
Centos 8.x reached End of Life (EOL) on December 31, 2021, and is no longer a supported operating system.
You need to allow the following in the URLs for Cortex XSIAM engines to operate properly.
The endpoint URL is: wss://api-<tenant domain>.xdr.<region>.paloaltonetworks.com/xsoar/d1ws. For example, wss://api-my-tenant.xdr.us.paloaltonetworks.com/xsoar/d1ws
FUNCTION | SERVICE | PORT | DIRECTION |
|---|---|---|---|
Integrations | Integration-specific ports | Outbound | |
Engine connectivity | HTTPS | 443 (configurable) | Outbound |
Docker |
| 443 | Outbound |