topic I have two queries for Cortex XDR for cloud identity engine and browser protection. in Cortex XDR Discussions https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/i-have-two-queries-for-cortex-xdr-for-cloud-identity-engine-and/m-p/428480#M986 <P>Hi,</P><P>&nbsp;</P><P>I have deployed Cortex XDR in my environment and I have two queries it features.</P><P>&nbsp;</P><P>1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of the AD in Cortex XDR why it is used and can we configured the user and group base policy. if yes what is the process to configure the user and group base policy?</P><P>&nbsp;</P><P>2. Previously we were using McAfee in our environment. It has a feature to prevent our block the users to download malicious files. Does this feature is also available in cortex XDR. If yes, how can we enable it? we have tested this thing in the test machine we were able to download the malicious files after running those the cortex was blocking it but it was not blocking when it was downloading.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 23 Aug 2021 13:59:48 GMT OsamaKhan 2021-08-23T13:59:48Z I have two queries for Cortex XDR for cloud identity engine and browser protection. https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/i-have-two-queries-for-cortex-xdr-for-cloud-identity-engine-and/m-p/428480#M986 <P>Hi,</P><P>&nbsp;</P><P>I have deployed Cortex XDR in my environment and I have two queries it features.</P><P>&nbsp;</P><P>1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of the AD in Cortex XDR why it is used and can we configured the user and group base policy. if yes what is the process to configure the user and group base policy?</P><P>&nbsp;</P><P>2. Previously we were using McAfee in our environment. It has a feature to prevent our block the users to download malicious files. Does this feature is also available in cortex XDR. If yes, how can we enable it? we have tested this thing in the test machine we were able to download the malicious files after running those the cortex was blocking it but it was not blocking when it was downloading.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 23 Aug 2021 13:59:48 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/i-have-two-queries-for-cortex-xdr-for-cloud-identity-engine-and/m-p/428480#M986 OsamaKhan 2021-08-23T13:59:48Z Re: I have two queries for Cortex XDR for cloud identity engine and browser protection. https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/i-have-two-queries-for-cortex-xdr-for-cloud-identity-engine-and/m-p/429503#M999 <P>&nbsp;</P><BLOCKQUOTE><HR /><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/116059">@OsamaKhan</a>&nbsp;wrote:<BR /><P>Hi,</P><P>&nbsp;</P><P>I have deployed Cortex XDR in my environment and I have two queries it features.</P><P>&nbsp;</P><P>1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of the AD in Cortex XDR why it is used and can we configured the user and group base policy. if yes what is the process to configure the user and group base policy?</P><P>&nbsp;</P><P>2. Previously we were using McAfee in our environment. It has a feature to prevent our block the users to download malicious files. Does this feature is also available in cortex XDR. If yes, how can we enable it? we have tested this thing in the test machine we were able to download the malicious files after running those the cortex was blocking it but it was not blocking when it was downloading.</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><HR /></BLOCKQUOTE><P>Hello OsamaKhan,</P><P>&nbsp;</P><P>1.DSS is now rebranded as the Cloud Identity Engine, It is meant for visibility into identities and user behavior. You can find documentation and information of it's features here:</P><P><A href="https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-new-features/identity-features/cloud-identity-engine.html" target="_blank">https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-new-features/identity-features/cloud-identity-engine.html</A></P><P>&nbsp;</P><P>2. You can configure policy rules and security profiles to harden your security posture. More details on the documentation below.</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/endpoint-security-profiles/manage-security-profiles.html" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/endpoint-security-profiles/manage-security-profiles.html</A></P><P>&nbsp;</P><P>&nbsp;<A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/endpoint-security-profiles.html" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/endpoint-security-profiles.html</A></P><P>&nbsp;</P><P>&nbsp;</P> Thu, 26 Aug 2021 17:22:27 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/i-have-two-queries-for-cortex-xdr-for-cloud-identity-engine-and/m-p/429503#M999 yalonso 2021-08-26T17:22:27Z