- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-27-2020 03:31 AM
Hello, everybody,
I have not found any information in the FAQ (about Cortex migration).
The "Traps-Management-Service Application" already implies
ssl and web-browsing.
For some clients that are not allowed to access the internet, I have only allowed this application to run traps. This works fine too.
But the new "Cortex-XDR Application" requires ssl and web-browsing. This is unfavorable for my set of rules.
Is there any effort to develop a "Cortex-Management-Service" that works similar to the "Traps-Management-Service"?
04-01-2020 08:45 AM
Hello! The FAQ addresses questions asked by customers during our Cortex XDR 2.0 Upgrade webinar. It does not provide detailed instructions on the Cortex migration. If you are looking for instructions to enable your endpoint agents to access the cloud-based Cortex XDR application, please see: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...
03-31-2020 09:07 AM
Hello Hodor,
We are looking into our schedule to create a "Cortex-management-service". In the meantime, please review the instructions to enable access from agents to the cloud-based Cortex XDR application at: https://docs.paloaltonetworks.
You can also consider deploying the Broker VM to route communications from endpoints to the Cortex XDR application. See: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...
Best regards,
Kasey
03-31-2020 06:42 PM
Hi there - are you referencing ESM (on-premise) or Traps Management Service, which is cloud-based? I'm not 100% that I understand the question, but would like to help you find the answer.
04-01-2020 01:13 AM
Hi,
we`re using 100% Traps Management Service (Cloudservice).
04-01-2020 06:35 AM
Hi there - the equivalent of Traps Management Services is available within Cortex XDR. The features previously available in TMS are now under Endpoints dropdown menu in Cortex XDR. You will also find additional features not available in TMS under the Security dropdown menu, such as device control.
04-01-2020 08:45 AM
Hello! The FAQ addresses questions asked by customers during our Cortex XDR 2.0 Upgrade webinar. It does not provide detailed instructions on the Cortex migration. If you are looking for instructions to enable your endpoint agents to access the cloud-based Cortex XDR application, please see: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/get-started-with-cortex-xdr...
04-02-2020 02:18 AM
Hey, thanks for the tip.
With the manual I created a rule for the devices that are not allowed to be on the internet.
I don't understand why there is no equivalent development of the traps management service for Cortex-XDR by PaloAlto. I just had to add another app without having to build a new set of rules..
Our Cloud Traps Management Service will be migrated to Cortex 2.0 this weekend. I hope that my clients will work after the migration using the new rule..
04-02-2020 06:51 AM
Sounds good. Since you have devices that cannot be on the internet, I would look into standing up an on-prem broker after you are migrated. You can find the instructions on page 50 of the admin guide here: https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin
After you are migrated, you can download the broker VM by clicking on the settings icon at the top right of the screen, select Settings > Broker VM.
04-11-2020 01:22 AM
So folks thank you for your support - especially Kcross
It took me some time to build my ruleset using the instructions (only for access for Cortex). But it works for computers that have an internet regulation!
I have therefore marked the article as a suggested workaround.
It's a pity that I have the feeling to be the only one who notices / disturbs this in the form.
An explanation of Palo Alto why there is no new development of a Cortex-Service-Application exactly like the Traps-Management-Service is missing ...
Well, thank you so far.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!