Engine requirements - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2024-10-31
Category
Administrator Guide
Solution
On-prem
Abstract

Hardware, OS, and required URLs for engines.

You can install engines on all Linux machines. Docker/Podman needs to be installed before installing an engine. If you are using the shell installer for an engine, Docker/Podman is installed automatically.

Note

The Cron package is required for installing engines on a Linux machine.

Engine hardware requirements

If your hard drive is partitioned, we recommend a minimum of 50 GB for the /var partition.

Component

Dev Environment Minimum

Production Minimum

CPU

8 CPU cores

16 CPU cores

Memory

16 GB RAM

32 GB RAM

Storage

100 GB

100 GB

Note

If using Podman, we recommend reserving 150 GB for container storage, either in the /home partition or a different storage directory that you have set using the rootless_storage_path key. For more information, see Change container storage directory.

Operating system requirements

You can deploy a Cortex XSOAR engine on the following operating systems:

Operating System

Supported Versions

Ubuntu

18.04, 20.04, 22.04

RHEL

8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9, 9.0, 9.1, 9.2, 9.3

Oracle Linux

7.x

Amazon Linux

2

Note

Centos 8.x reached End of Life (EOL) on December 31, 2021, and is no longer a supported operating system.

Centos 7.x reached End of Life (EOL) on June 30, 2024, and is no longer a supported operating system.

Engine required URLs

You need to allow the following URLs for Cortex XSOAR engines to operate properly.

The endpoint URL is: wss://api-<tenant domain>/xsoar/d1ws

FUNCTION

SERVICE

PORT

DIRECTION

Integrations

Integration-specific ports

Outbound

Engine connectivity

HTTPS

443 (configurable)

Outbound

Docker

  • https://registry-1.docker.io

  • https://registry.fedoraproject.org

  • https://registry.access.redhat.com

  • https://docker.io

  • https://registry.docker.io

  • https://auth.docker.io

    This URL may change according to Docker’s discretion.

  • https://production.cloudflare.docker.com

    This URL may change according to Docker’s discretion.

443

Outbound