XDR data lake and related questions

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

XDR data lake and related questions

L4 Transporter

Hello people ,

 

I have started working on PANW XDR  study and currently i am in initial stages on my study .

1)Is PANW XDR uses its native inbuild data lake ? 

I am confused with Architecture diagram which says Data lake  and Data layer . Are these two different things ?

 

2) I consider Datalake as big pool data ( flat or any other form) where all the PANW products ( firewalls /SASE/Prisma) ingest the logs . 

 

Am i right in my understanding .?

 

3)Another point is about 3rd Party external integrations ; can Cortex XDR ingest logs from any vendor like fortigate FW , Cisco router, Juniper switch , Crowdstrike edr , Armis . ?

 

4) If answer to question 3 is yes , can XDR also run response actions on these 3rd parties ? like blocking an IP on fortigate or isolating a machine having crowdstrike antivirus disabled ?

 

If Cortex XDR can ingest 3rd party data in native datalake , can we consider Cortex XDR as Open XDR ?

 

5) What is the difference between XDR and XSOAR because XDR can also provide a response action . Is the response limited or XDR has limited number of playbooks ? I studied that XSOAR is for more mature environments (SOCs) . so i am confused why customer buy XSOAR if XDR is giving all the options .

 

6) About Cortex data lake , can cortex data lake ingest logs from fortigate , etc ? or cortex data lake is only for PANW products ?  at least this is what documentation says .

 

 

1 REPLY 1

L4 Transporter

Hello People , anyone please ? 

  • 1732 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!