The suite of skillets are design to assist with and validate the Cortex Data Lake install and then implement required configuration elements for DHCP and traffic logging specific to the IoT security service.
Various selection options based on software version and deployment type for IoT. The workflow steps through the needed skillets required by the user.
The validation skillet checks required elements for a successful Cortex Data Lake (CDL) and Cortex IoT install. Key items include firewall licensing, global CDL configuration, fetch CDL certificates, and CDL/EAL enablement in log forwarding profiles.
Cortex Data Lake Playbook
Cortex Data Lake inline validation checks and configuration using an Ansible playbook.
Cortex Data Lake Optional Configurations
CDL specific configurations needed for select IoT deployments including:
update of existing log forwarding profiles with EAL/CDL enabled
add a log forwarding profile that is EAL/CDL ready
update security policies to include a selected log forwarding profile
IoT Configuration Elements
Based on the deployment scenario and software version, the firewall configuration may required additions or modifications: