Will there be a Cortex-management-service?

Reply
Highlighted
L1 Bithead

Will there be a Cortex-management-service?

Hello, everybody,
I have not found any information in the FAQ (about Cortex migration).


The "Traps-Management-Service Application" already implies
ssl and web-browsing.

For some clients that are not allowed to access the internet, I have only allowed this application to run traps. This works fine too.

 

But the new "Cortex-XDR Application" requires ssl and web-browsing. This is unfavorable for my set of rules.

Is there any effort to develop a "Cortex-Management-Service" that works similar to the "Traps-Management-Service"?


Accepted Solutions
Highlighted
L4 Transporter

Hello! The FAQ addresses questions asked by customers during our Cortex XDR 2.0 Upgrade webinar. It does not provide detailed instructions on the Cortex migration. If you are looking for instructions to enable your endpoint agents to access the cloud-based Cortex XDR application, please see: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...

 

 

 

 

View solution in original post


All Replies
Highlighted
L4 Transporter

Hello Hodor,


We are looking into our schedule to create a "Cortex-management-service". In the meantime, please review the instructions to enable access from agents to the cloud-based Cortex XDR application at: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr... 

 

You can also consider deploying the Broker VM to route communications from endpoints to the Cortex XDR application.  See: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...

 

Best regards,
Kasey

Highlighted
L4 Transporter

Hi there - are you referencing ESM (on-premise) or Traps Management Service, which is cloud-based?  I'm not 100% that I understand the question, but would like to help you find the answer.


David Falcon 
MDR Systems Engineer, Cortex
Palo AltoNetworks® 
Highlighted
L1 Bithead

Hi,
we`re using 100% Traps Management Service (Cloudservice).

Highlighted
L4 Transporter

Hi there - the equivalent of Traps Management Services is available within Cortex XDR.  The features previously available in TMS are now under Endpoints dropdown menu in Cortex XDR.  You will also find additional features not available in TMS under the Security dropdown menu, such as device control.  


Screenshot22.png 


David Falcon 
MDR Systems Engineer, Cortex
Palo AltoNetworks® 
Highlighted
L4 Transporter

Hello! The FAQ addresses questions asked by customers during our Cortex XDR 2.0 Upgrade webinar. It does not provide detailed instructions on the Cortex migration. If you are looking for instructions to enable your endpoint agents to access the cloud-based Cortex XDR application, please see: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...

 

 

 

 

View solution in original post

Highlighted
L1 Bithead

Hey, thanks for the tip.
With the manual I created a rule for the devices that are not allowed to be on the internet.

 

I don't understand why there is no equivalent development of the traps management service for Cortex-XDR by PaloAlto. I just had to add another app without having to build a new set of rules..

Our Cloud Traps Management Service will be migrated to Cortex 2.0 this weekend. I hope that my clients will work after the migration using the new rule..

Highlighted
L4 Transporter

Sounds good.  Since you have devices that cannot be on the internet, I would look into standing up an on-prem broker after you are migrated.  You can find the instructions on page 50 of the admin guide here:  https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin

 

After you are migrated, you can download the broker VM by clicking on the settings icon at the top right of the screen, select Settings > Broker VM.

 

 


David Falcon 
MDR Systems Engineer, Cortex
Palo AltoNetworks® 
Highlighted
L1 Bithead

So folks thank you for your support - especially   Kcross 

It took me some time to build my ruleset using the instructions (only for access for Cortex). But it works for computers that have an internet regulation!

I have therefore marked the article as a suggested workaround.

It's a pity that I have the feeling to be the only one who notices / disturbs this in the form.

An explanation of Palo Alto why there is no new development of a Cortex-Service-Application exactly like the Traps-Management-Service is missing ...

Well, thank you so far.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!