1. Home
    2. Security Operations
    3. Cortex XDR
    4. Cortex® XDR Pro Administrator’s Guide
    5. Get Started with Cortex XDR Pro
    6. Configure Your Network Devices

    Configure Your Network Devices

    Configure your firewalls and Panorama for log forwarding to Cortex Data Lake.
    With a
    Cortex
    XDR
     Pro per TB license, if
     you use Palo Alto Networks firewalls as a traffic log source, you must configure your firewalls and Panorama log forwarding to
    Cortex
     Data Lake. Ensure you have first deployed your network devices.
    2. Configure firewalls to forward
      Cortex
      XDR
      -required logs to
      Cortex
       Data Lake.
      The
      Cortex
       Data Lake provides centralized, cloud-based log storage for firewalls, and Panorama provides an interface you can use to view the stored logs. The rich log data that firewalls forward to the
      Cortex
       Data Lake provides the
      Cortex
      XDR
       analytics engine the network visibility it requires to perform data analytics.
      To support
      Cortex
      XDR
      , firewalls must forward at least Traffic logs to the
      Cortex
       Data Lake. The complete set of log types that a firewall should forward to the
      Cortex
       Data Lake are:
      • Traffic (required)
      • Threat (spyware, anti-exploit, anti-malware, dns security, etc)
      • URL Filtering
      • User-ID
      • HIP
      • Enhanced application logs (PAN-OS 8.1.1 or later)
      Enhanced application logs are designed to increase visibility into network activity for Palo Alto Networks Cloud Services apps, and
      Cortex
      XDR
       requires these logs to support certain features.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo