Step 1. Activate Cortex XSOAR (Main Tenant) - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2024-12-05
Category
Administrator Guide
Solution
Cloud
Abstract

Learn how to activate Cortex XSOAR from the Cortex Gateway.

To set up Cortex XSOAR multi-tenant, you need to activate the Main Tenant in the Cortex Gateway. The Cortex Gateway is a centralized portal for activating and managing tenants, users, roles, and user groups. After activating the tenant you can then access the tenant. You will need to repeat this task for each tenant if you have multiple tenants. The activation process includes accessing the Cortex Gateway, activating the tenant, and then accessing the tenant.

Before you begin, ensure you do the following:

  • The Cortex XSOAR activation email.

  • A Customer Support Portal (CSP) account.

    You need to set up your CSP account. For more information, see How to Create Your CSP User Account.

    When you create a CSP account you can set up two-factor authentication (2FA) to log into the CSP, by using an Email, Okta Verfiy, or Google Authenticator (non-FedRAMP accounts). For more information, see How to Enable a Third Party IdP.

  • You have one of the following roles assigned:

    • The Cortex XSOAR activation email.

    • A Customer Support Portal (CSP) account.

      You need to set up your CSP account. For more information, see How to Create Your CSP User Account.

      When you create a CSP account you can set up two-factor authentication (2FA) to log into the CSP, by using an Email, Okta Verfiy, or Google Authenticator (non-FedRAMP accounts). For more information, see How to Enable a Third Party IdP.

    • You have one of the following roles assigned:

      • CSP role

        The Super User role is assigned to your CSP account. The user who creates the CSP account is granted the Super User role.

      • Cortex role

        You must have the Account Admin role.

        If you are the first user to access Cortex Gateway with the CSP Super User role, you are automatically granted Account Admin permissions for the Cortex Gateway. You can also add Account Admin users as required.

        In the Cortex Gateway, you can activate new tenants, access existing tenants, and create and manage role-based access control (RBAC) for all of your tenants.

After activating the main tenant, you can create child tenants according to your license.

How to activate Cortex XSOAR
  1. Log into Cortex Gateway.

    You can also access the link from the activation email.

  2. Enter your username and password or multi-factor authentication (if set up) by using your CSP account credentials to sign in.

    After you are signed in, you can view the following:

    • If you are a CSP Account Admin, you can see tenants that are allocated to your CSP account and ready for activation. After activation, you cannot move your tenant to a different CSP account.

    • Tenant details such as license type, number of endpoints, indication of license type, either MT or MSSPand purchase date.

    • Tenants that were activated and are now available. If you have more than one CSP account, the tenants are displayed according to the CSP account name.

  3. In the Available for Activation section, use the serial number to locate the tenant that needs activation, and then click Activate as SAAS.

  4. In the Activate XSOAR 8 dialog box, select Start Fresh.

  5. On the Tenant Activation page, define the following:

    Parameter

    Description

    Tenant Name

    Enter the name of the tenant. Use a unique name across your company account up to 59 characters long.

    Region

    Geographic location where your tenant will be hosted. For more information about supported regions, see Supported host regions.

    Tenant Subdomain

    DNS record associated with your tenant. Enter a name that will be used to access the tenant directly using the full URL:

    https://<subdomain>crtx.<region>.paloaltonetworks.com

  6. Review and agree to the terms and conditions of the Privacy policy, Term of Use, EULA and then Activate your tenant.

    Note

    Activation can take about an hour and does not require that you remain on the activation page. Cortex XSOAR sends a notification to your email when the process is complete.

  7. After activation, from Cortex Gateway, in the Available Tenants when hovering over the activated tenant, do the following:

    • Ensure that you can successfully access the tenant by clicking the Cortex XSOAR tenant name (when the tenant is active).

    • In the dialog box, view the tenant status, region, serial number, and license details.

    • Subject to your license, set up your development tenant by clicking Activate Dev Tenant.  You need to define the development tenant name, region, and subdomain. After it is activated, you need to set up the content repository. For more information, see Step 5. Set up a remote repository.

    Note

    After activation, you can change the tenant name and domain name for your tenant including any dev/prod tenant.

    The first tenant created is labeled as the Main Account in the Cortex Gateway. Child tenants are not labeled.

  8. Enable access to Palo Alto Network resources in your firewall. See Enable access to Palo Alto Network resources.