First, I do not claim to be a virtual environment expert, but our organization has been running into a problem with VDI and Cortex XDR.
We have had problems with v7.9.1 (or whichever version was released mid-December of last year) to communicate with the management console once all of the steps are completed per Palo's documentation.
After almost 6 months of troubleshooting, we were finally told that, when upgrading, each layer of the environment needs to be cleaned and rid of any Cortex file fragments that are left there. If each layer is not cleaned, this will present fragments of current and previous versions causing performance and communication issues (as put by PA Support). For an organization that has a predominant virtual environment with a lot of additional applications, this is a rather extensive task to perform given the timeframes that new versions are released and held until they go EOL. We've also been told this has to be installed on the OS layer.
My question is what does everyone else do? Do other organizations run into this issue where the agent won't communicate with the management console after a period of time? We've had this running for 4 years and it is now presenting this issue where XDR has injected itself into the other layers and now must be cleaned EACH TIME an upgrade is to be performed.
I appreciate any feedback on this. After 6 months of troubleshooting, this was not really news we wanted to hear. Thank you in advance.
... View more