Install Engines on Tenants in a Multi-Tenant Deployment - Multi-Tenant Guide - EoL - 6.11 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Multi-Tenant Guide

Product
Cortex XSOAR
Version
6.11
Creation date
2022-12-12
Last date published
2024-07-16
Category
Multi-Tenant Guide
End of Life > EoL
Abstract

Install engines on tenants in a Cortex XSOAR multi-tenant deployment. Configure firewall to allow communication between engine and server.

Engines created on tenants use a different encryption handshake for each tenant and connect back to the tenant through the main host server.

  1. Configure the base URL.

    1. On the tenant, go to SettingsABOUTTroubleshooting.

    2. In the Base URL (for D2 Agents and Engines) field, enter the external tenant URL address in the following format:

      <main account external address>/<tenant account name>

      For example, demisto.com:443/acc_myaccount

  2. Download and install the engine.

    1. Go to SettingsINTEGRATIONSEngines.

    2. Click Create New Engine.

    3. Select and download the appropriate installer file.

    4. Install the engine on the appropriate remote machine.

  3. Propagate the engine to tenants.

    1. Go to SettingsIntegrationsEngines, select the engine, and click Load-Balancing and Propagation.

    2. Assign one or more engine propagation labels.

    3. If you want to allow use of the engine for tenant specific integration instances, select Allow tenants to use this engine for custom integration instances. If you do not select this option, the engine can only be used with integration instances that were assigned the engine on the main account level and were propagated to tenants.

    4. Go to SettingsAccount ManagementAccounts, and Sync your selected tenant(s).

  4. Go to SettingsINTEGRATIONSEngines and verify that the engine is connected.

    In many cases the Cortex XSOAR server has a firewall because the engine is probably installed in a different network. The firewall might stop any communication between the engine machine and the Cortex XSOAR server.

    Ensure that the engine machine is able to communicate with the main host server. You can use Telnet, or any similar tool to check the engine has access to the main account before you install it. If there is a firewall you may need to allow access from the machine that hosts the engine, so that it can communicate back on port 443 (or any other port the main host may use) or set an ANY ANY rule.