I have two queries for Cortex XDR for cloud identity engine and browser protection.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

I have two queries for Cortex XDR for cloud identity engine and browser protection.

L2 Linker

Hi,

 

I have deployed Cortex XDR in my environment and I have two queries it features.

 

1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of the AD in Cortex XDR why it is used and can we configured the user and group base policy. if yes what is the process to configure the user and group base policy?

 

2. Previously we were using McAfee in our environment. It has a feature to prevent our block the users to download malicious files. Does this feature is also available in cortex XDR. If yes, how can we enable it? we have tested this thing in the test machine we were able to download the malicious files after running those the cortex was blocking it but it was not blocking when it was downloading.

 

 

 

 

 

Thanks and Regards,
OK.
1 REPLY 1

L2 Linker

 


@OsamaKhan wrote:

Hi,

 

I have deployed Cortex XDR in my environment and I have two queries it features.

 

1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of the AD in Cortex XDR why it is used and can we configured the user and group base policy. if yes what is the process to configure the user and group base policy?

 

2. Previously we were using McAfee in our environment. It has a feature to prevent our block the users to download malicious files. Does this feature is also available in cortex XDR. If yes, how can we enable it? we have tested this thing in the test machine we were able to download the malicious files after running those the cortex was blocking it but it was not blocking when it was downloading.

 

 

 

 

 


Hello OsamaKhan,

 

1.DSS is now rebranded as the Cloud Identity Engine, It is meant for visibility into identities and user behavior. You can find documentation and information of it's features here:

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-new-features/identity-features/cloud-identity-e...

 

2. You can configure policy rules and security profiles to harden your security posture. More details on the documentation below.

https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-prevent-admin/endpoint-security/endpo...

 

 https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/endpoint-...

 

 

  • 2095 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!