Step 1. Activate Cortex XSOAR (Main Tenant) - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2025-03-13
Category
Administrator Guide
Solution
Cloud
Abstract

Learn how to activate Cortex XSOAR from the Cortex Gateway.

To set up Cortex XSOAR multi-tenant, you need to activate the main tenant in the Cortex Gateway. The Cortex Gateway is a centralized portal for activating and managing tenants, users, roles, and user groups. After activating the tenant you can then access the tenant. You will need to repeat this task for each tenant if you have multiple tenants. The activation process includes accessing the Cortex Gateway, activating the tenant, and then accessing the tenant.

Before you begin, ensure you do the following:

  • The Cortex XSOAR activation email.

  • A Customer Support Portal (CSP) account.

    You need to set up your CSP account. For more information, see How to Create Your CSP User Account.

    When you create a CSP account you can set up two-factor authentication (2FA) to log into the CSP, by using an Email, Okta Verfiy, or Google Authenticator (non-FedRAMP accounts). For more information, see How to Enable a Third Party IdP.

  • You have one of the following roles assigned:

    • The Cortex XSOAR activation email.

    • A Customer Support Portal (CSP) account.

      You need to set up your CSP account. For more information, see How to Create Your CSP User Account.

      When you create a CSP account you can set up two-factor authentication (2FA) to log into the CSP, by using an Email, Okta Verfiy, or Google Authenticator (non-FedRAMP accounts). For more information, see How to Enable a Third Party IdP.

    • You have one of the following roles assigned:

      • CSP role

        The Super User role is assigned to your CSP account. The user who creates the CSP account is granted the Super User role.

      • Cortex role

        You must have the Account Admin role.

        If you are the first user to access Cortex Gateway with the CSP Super User role, you are automatically granted Account Admin permissions for the Cortex Gateway. You can also add Account Admin users as required.

        In the Cortex Gateway, you can activate new tenants, access existing tenants, and create and manage role-based access control (RBAC) for all of your tenants.

After activating the main tenant, you can create development and child tenants according to your license.

How to activate Cortex XSOAR
  1. Log into Cortex Gateway.

    You can also access the link from the activation email.

  2. Enter your username and password or multi-factor authentication (if set up) by using your CSP account credentials to sign in.

    After you are signed in, you can view the following:

    • If you are a CSP Account Admin, you can see tenants allocated to your CSP account and ready for activation. After activation, you cannot move your tenant to a different CSP account.

    • Tenant details such as the status, license, and serial number.

    • Tenants that were activated and are now available. If you have more than one CSP account, the tenants are displayed according to the CSP account name.

  3. In the Available for Activation section, use the serial number to locate the tenant that needs activation, and then click Activate as SAAS.

  4. In the Activate XSOAR 8 dialog box, select Start Fresh.

  5. On the Tenant Activation page, define the following:

    Parameter

    Description

    Tenant Name

    Enter the name of the tenant. Use a unique name across your company account up to 59 characters long.

    Region

    Geographic location where your tenant will be hosted. For more information about supported regions, see Supported host regions.

    Tenant Subdomain

    DNS record associated with your tenant. Enter a name that will be used to access the tenant directly using the full URL:

    https://<subdomain>crtx.<region>.paloaltonetworks.com

  6. Review and agree to the terms and conditions of the Privacy policy, Terms of Use, and EULA , and then Activate your tenant.

    Note

    Activation can take about an hour and does not require that you remain on the activation page. Cortex XSOAR sends a notification to your email when the process is complete.

    The first tenant created is labeled as the Main Account.

  7. When the tenant is active, ensure you can access the tenant by clicking the Cortex XSOAR tenant name.

    When hovering over the activated tenant, you can see the tenant's status, region, serial number, and license details.

    Note

    If you want to change your tenant's name and domain name, on the right-hand side, click the ellipsis.

  8. Subject to your license, activate your development tenant.

    1. Hover over the activated tenant, and on the right-hand side, click the ellipsis and then click Migrate Dev Tenant

      dev-activation.png
    2. Define the development tenant name, region, and subdomain.

      After the development tenant is activated, you can set up the content repository. For more information, see Step 5. Set up a remote repository.

  9. Enable access to Palo Alto Network resources in your firewall. See Enable access to Palo Alto Networks resources.