I am not a current XDR user, but am looking at it as a replacement for Trend Deep Security. The accepted solution implies that XDR provides a firewall for Linux endpoints, but then goes on to talk about the solution providing a better alternative to managing Windows and Mac Firewalls separately, with no mention of the Linux Firewall. It is my understanding that Cortex XDR does not provide a Linux endpoint firewall and there is no roadmap to do so. Please can someone correct me if I am wrong.

I realize that this comment does not answer the question in any way, but the following might: I absolutely agree that managing the firewall using a better tool than Microsoft's GPO is desirable, however again the accepted solution implies that a GPO cannot be applied based on Active Directory Group membership. This is not strictly accurate, although I will admit it is a highly challenging undertaking. I would recommend using the Cortex XDR Firewall instead of the Windows Firewall, purely to simplify your operations.