Customizable Agent Settings

Each Agent Settings Profile provides a tailored list of settings that you can configure for the platform you select.
In addition to the customizable Agent Settings Profiles, you can also set:
The following table describes these customizable settings and indicates which platforms support the setting (a dash (—) indicates the setting is not supported).
Setting
Windows
Mac
Linux
Android
Agent Profiles
Disk Space
Customize the amount of disk space the Cortex XDR agent uses to store logs and information about events.
check-mark.png
check-mark.png
check-mark.png
User Interface
Determine whether and how end users can access the Cortex XDR console.
check-mark.png
check-mark.png
Traps Tampering Protection
Prevent users from tampering with the Cortex XDR agent components by restricting access.
check-mark.png
Uninstall Password
Change the default uninstall password to prevent unauthorized users from uninstalling the Cortex XDR agent software.
check-mark.png
check-mark.png
Windows Security Center Configuration
Configure your Windows Security Center preferences to allow registration with the Microsoft Security Center, to allow registration with automated Windows patch installation, or to disable registration.
check-mark.png
Forensics
Change forensic data collection and upload preferences.
check-mark.png
Enhanced Data Collection
Upload data collected about endpoint activity for EDR to the Cortex Data Lake for Cortex apps usage. This capability requires an Advanced Endpoint Protection XDR license and allocation of log storage in Cortex Data Lake
check-mark.png
check-mark.png
check-mark.png
Response Actions
Manual response actions that you can take on the endpoint after a malicious file, process, or behavior is detected. For example, you can terminate a malicious process, isolate the infected endpoint from the network, quarantine a malicious file, or perform additional action as necessary to remediate the endpoint.
check-mark.png
check-mark.png
check-mark.png
Content Updates
Configure how the Cortex XDR agent performs content updates on the endpoint: whether to download the content directly from Cortex XDR or from a peer agent, whether to perform immediate or delayed updates, and whether to perform automatic content updates or continue using the current content version.
check-mark.png
Agent Auto Upgrade
Enable the agent to perform automatic upgrades whenever a new agent version is released. You can choose to upgrade only to minor versions in the same line, only to major versions, or both.
check-mark.png
check-mark.png
check-mark.png
Upload Using Cellular Data
Enable Android endpoints to send unknown APK files for inspection as soon as a user connects to a cellular network.
check-mark.png
Global Agent Configurations
Global Uninstall Password
Set the uninstall password for all agents in the system.
check-mark.png
check-mark.png
check-mark.png
Content Bandwidth Management
Configure the total bandwidth to allocate for content update distribution within your organization.
check-mark.png
check-mark.png
check-mark.png
Agent Auto Upgrade
Configure the Cortex XDR agent auto upgrade scheduler and number of parallel upgrades.
check-mark.png
check-mark.png
check-mark.png
Advanced Analysis
Enable Cortex XDR to automatically upload alert data for secondary verdict verification and security policy tuning.
check-mark.png
check-mark.png
check-mark.png

Recommended For You