Create an Agent Installation Package
To install the Cortex XDR agent on the endpoint for the first time, you must first create an agent installation package. After you create and download an installation package, you can then install it directly on an endpoint or you can use a software deployment tool of your choice to distribute the software to multiple endpoints. To install the Cortex XDR agent, you must use a valid installation package that exists in your Cortex XDR management console. If you delete an installation package, any agents installed from this package are not able to register to Cortex XDR.
After you install the Cortex XDR agent for the first time, you can upgrade individual or batches of agents remotely from the Cortex XDR management console.
To create a new installation package:
- From Cortex XDR, select.EndpointsEndpoint ManagementAgent Installations
- Createa new installation package.
- Enter a uniqueNameand an optionalDescriptionto identify the installation package.The packageNamemust be no more than 32 characters but can contain letters, numbers, or spaces.
- Select thePackage Type.
- (Windows, macOS, and Linux only)Upgrade from ESM—Use this package to upgrade Traps agents which connect to the on-premise Traps Endpoint Security Manager to Cortex XDR.For more information, see Migrate from Traps Endpoint Security Manager to Cortex XDR.
- Select thePlatformfor which you want to create the installation package.
- (Windows, macOS, and Linux only) Select theAgent Versionfor the package.
- Createthe installation package.Cortex XDR prepares your installation package and makes it available on theAgent Installationspage.
- Download your installation package.When the status of the package showsCompleted, right-click the agent version, and clickDownload.
- For Windows endpoints, select between the architecture type.
- For macOS endpoints, download theZIPinstallation folder and upload it to the endpoint. To deploy the Cortex XDR agent usingJAMF, upload theZIPfolder toJAMF. Alternatively, to install the agent manually on the endpoint, unzip theZIPfolder and double-click thepkgfile.
- For Linux endpoints, you can download.rpmor.debinstallers (according to the endpoint Linux distribution), and deploy the installers on the endpoints using the Linux package manager. Alternatively, you can download aShellinstaller and deploy it manually on the endpoint.When you upgrade a Cortex XDR agent version without package manager, Cortex XDR will upgrade the installation process to package manager by default, according to the endpoint Linux distribution.
- For Android endpoints, Cortex XDR creates a tenant-specific download link which you can distribute to Android endpoints. When a newer agent version is available, Cortex XDR identifies older package versions as[Outdated].
- Next steps:As needed, you can return to theAgent Installationspage to manage your agent installation packages. To manage a specific package, right click the agent version, and select the desired action:
- Editthe package name or description.
- Deletethe installation package. Deleting an installation package does not uninstall the Cortex XDR agent software from any endpoints. However, if you install the Cortex XDR agent from a package after you delete it, Cortex XDR denies the registration request leaving the agent in an unprotected state. If this is undesirable, you can instead hide the installation package from the main view of theAgent Installationspage. Hiding a package can be useful to filter earlier or less relevant versions from the main view.
- Copy text to clipboardto copy the text from a specific field in the row of an installation package.
- Hideinstallation packages. Using the Hide option provides a quick method to filter out results based on a specific value in the table. You can also use the filters at the top of the page to build a filter from scratch. To create a persistent filter, save ( ) it.
Recommended For You
Recommended videos not found.