Step 1. Install Cortex XSOAR - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2024-11-28
Category
Administrator Guide
Solution
On-prem
Abstract

Learn how to install Cortex XSOAR On-prem, view system requirements, and add a license.

To install a Cortex XSOAR 8 tenant, you need to log into Cortex Gateway, which is a portal for downloading the relevant image file and license. If you have multiple or development tenants, you must repeat this task for each tenant.

Before you begin

  • A Customer Support Portal (CSP) account.

    You need to set up your CSP account. For more information, see How to Create Your CSP User Account.

    When you create a CSP account you can set up two-factor authentication (2FA) to log into the CSP, by using an Email, Okta Verfiy, or Google Authenticator (non-FedRAMP accounts). For more information, see How to Enable a Third Party IdP.

  • You have one of the following roles assigned:

    Role

    Details

    CSP role

    The Super User role is assigned to your CSP account. The user who creates the CSP account is granted the Super User role.

    Cortex role

    You must have the Account Admin role.

    If you are the first user to access Cortex Gateway with the CSP Super User role, you are automatically granted Account Admin permissions for the Cortex Gateway. You can also add Account Admin users as required.

  • Review the System Requirements for deployment.

  • Have a basic understanding of how to deploy OVA or VHD file formats.

  • Add DNS records that point the following host names to the cluster IP address.

    FQDN

    Details

    Cluster FQDN

    The Cortex XSOAR DNS name for accessing the UI. For example, xsoar.mycompany.com.

    API-FQDN

    The Cortex XSOAR DNS name that is mapped to the API IP address. For example, api-xsoar.mycompany.com.

    ext-FQDN

    : The Cortex XSOAR DNS name that is mapped to the external IP address. For example, ext-xsoar.mycompany.com.

Install Cortex XSOAR

  1. From the Cortex Gateway, in the Available for Activation section, use the serial number to locate the tenant to download.

  2. Click Download On Prem.

  3. If you want to use a production and a development tenant with a private remote repository, select Dev.

    If you don't select it now, you can install a development tenant later.

  4. Download one of the following image files.

    • OVA: Supported by VMWare.

    • VHD: Supported by Microsoft Hyper-V.

    You can deploy a single node (standalone) or a cluster (three or more nodes).

  5. Depending on the image file, do one of the following:

  6. After installation, add the Cortex XSOAR license.

  7. Optionally perform post-installation maintenance, including scaling up hardware resources and using your own X.509 certificate for a secure HTTP connection.

  8. If you want to install a development machine, install the image files on the Development machine.

For more information, see Cortex XSOAR Installation.