Step 4. Set up an engine - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2024-12-05
Category
Administrator Guide
Solution
Cloud
Abstract

Install engines on tenants in a Cortex XSOAR multi-tenant deployment. Configure firewall to allow communication between engine and tenant.

Engines created on child tenants use a different encryption handshake for each child tenant and connect back to the child tenant through the Main Tenant.

  1. Download and install the engine.

    1. On the Main Tenant, go to Settings & InfoSettingsIntegrationsEngines.

    2. Create New Engine.

    3. Select and download the appropriate installer file.

    4. Install the engine on the appropriate remote machine.

    For detailed engine installation instructions, see Install an engine.

  2. Propagate the engine to tenants.

    1. On the Main Tenant, go to Settings & InfoSettingsIntegrationsEngines, and select the engine.

    2. Click Load-Balancing and Propagation.

    3. Assign one or more engine propagation labels.

    4. If you want to allow the use of the engine for tenant-specific integration instances, select Allow tenants to use this engine for custom integration instances.

      If you do not select this option, the engine can only be used with integration instances that were assigned to the engine on the main tenant level and were propagated to tenants.

    5. Go to Settings & InfoSettingsTenant Management, and Sync your selected tenant(s).

  3. Verify that the engine is connected, by going to Settings & InfoSettingsIntegrationsEngines.

    Ensure that the engine machine can communicate with the Main Tenant. You can use Telnet, or any similar tool to check the engine has access to the Main Tenant before you install it. If there is a firewall you may need to allow access from the machine that hosts the engine, so that it can communicate back on port 443 (or any other port the main host may use) or set an ANY ANY rule.