Before deploying your tenant, consider your use case and what you need to optimize your tenant.
Before you start your Cortex XSOAR deployment, consider the following:
Do you need Cortex XSOAR to communicate with internal or external applications that a firewall or proxy may block?
You may need to create an engine to enable communication or load balancing.
Do you need a repository for content development?
Subject to your license, you can activate a development tenant and use either the built-in remote repository or a private remote repository (Git-based) to test and develop content before using it in a production environment.
How do you want users to access Cortex XSOAR? Do you need to set up SSO?
Do you need to restrict user roles to certain actions?
How do you want to secure requests between main and child tenants (for multi-tenant) or your content management?
Do you want to use SSL or a self-signed certificate?
How do you want to communicate with users in Cortex XSOAR?
Cortex XSOAR comes out-of-the-box with the Mail Sender integration, which enables the tenant to send notification emails to users such as updates in the system, incidents, playbooks, and tasks. Do you want to set up an alternative mail sender? Do you want to integrate a communication app, such as Slack?
What steps do you currently take in your day-to-day SOC operations? Which integrations will enable you to automate your most important and time-consuming procedures?