Non-persistent VDI / agent communication issues

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Non-persistent VDI / agent communication issues

L3 Networker

First, I do not claim to be a virtual environment expert, but our organization has been running into a problem with VDI and Cortex XDR.

 

We have had problems with v7.9.1 (or whichever version was released mid-December of last year) to communicate with the management console once all of the steps are completed per Palo's documentation.

 

After almost 6 months of troubleshooting, we were finally told that, when upgrading, each layer of the environment needs to be cleaned and rid of any Cortex file fragments that are left there. If each layer is not cleaned, this will present fragments of current and previous versions causing performance and communication issues (as put by PA Support). For an organization that has a predominant virtual environment with a lot of additional applications, this is a rather extensive task to perform given the timeframes that new versions are released and held until they go EOL. We've also been told this has to be installed on the OS layer.

 

My question is what does everyone else do? Do other organizations run into this issue where the agent won't communicate with the management console after a period of time? We've had this running for 4 years and it is now presenting this issue where XDR has injected itself into the other layers and now must be cleaned EACH TIME an upgrade is to be performed.

 

I appreciate any feedback on this. After 6 months of troubleshooting, this was not really news we wanted to hear. Thank you in advance.

6 REPLIES 6

L4 Transporter

Hi @CraigV123,

 

I understand you're having issue with VDI and Cortex XDR agent connecting to the management console.  It appears that you've been in touch with support, which is great.  If you've worked with them for 6 months I'm not sure there's going to be much anyone else can do.  I do have a question though.  Are you using persistent or non persistent VDI?  

It's non-persistent. 

L4 Transporter

Hi @CraigV123,

 

So when you're talking about wiping away all parts of Cortex XDR you're only talking about cleaning the golden image.  If that's the case I would just recommend using the cleaner on the golden image when you want to upgrade. You can get the cleaner by talking with support.  You may need to open a new case.

 

I would also recommend trying to stay on the latest version of the Cortex XDR agent as this may alleviate some problems that you're having.

L3 Networker

We were on the latest version until mid-December 🙂 But no, we've tried using the 8.0 version as well and ran into similar issues. According to support, they told us each layer would need to be cleared of anything Cortex including the golden image. OS layer, app layer, etc. 

L4 Transporter

@CraigV123,

 

If that's the case I recommend getting the cleaner from support.  This completely should remove any traces of the Cortex XDR Agent installation.  From there you would create a new installation package and do a clean install.  

L3 Networker

Yeah so, the cleaner tool was also recommended but it was recommended to use on every app layer that is created within our VDI infrastructure. Since XDR installs to the OS layer or base layer, it has created "fragments" for lack of a better terms in each layer as a machine spins up. These so-called fragments are what is supposedly causing the issue in upgrading to any recent version.

 

I really wish XDR could be installed onto an app layer versus the OS layer. The support engineer who was assigned to our case told us, "We know this is an issue, but this is the way it is, at least for now." Ouch!

  • 2260 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!