Due to security and performance factors, there are limitations
to the Hosted Service.
Due to security and performance factors, the following
limitations apply to the Hosted Service:
If you are running a version of Cortex XSOAR earlier
than v6.2, you do not have direct access to add or change server
configurations (i.e. advanced features that are not available via
the Cortex XSOAR GUI). Server configurations must be requested via
support tickets. The advanced configuration page is read only. If
you are running Cortex XSOAR v6.2 or later, you can add or change
most server configurations through the Cortex XSOAR
security and compliance reasons, a limited number of server configurations are
not available through the web interface, and must be requested via
You cannot SSH into a hosted instance. You can access only
the web interface via HTTPS (port 443) and the API.
You cannot schedule or automate backups through the Cortex
XSOAR backup page.
You cannot install a customer operated agent, such as a log
collector, antivirus, anti-malware software, etc. on the servers’
You cannot disable telemetry.
When using EDL and webhook integrations, you must use the
https (instance name) option, and not the URL/port option.
Shared agents are connected via Cortex XSOAR engines and
not through the hosted server.
The hosted service does not support a remote database, a
distributed database, or live backup. All architecture design and
maintenance is done by Palo Alto Networks.
Debug mode is enabled by default for logs and cannot be changed.
Palo Alto Networks does not install engines or provide hosting
for engines. You can deploy engines on your own premises.
Penetration testing on Cortex XSOAR hosted workloads is not permitted
without prior written authorization.
Network stress-testing and application load testing on Cortex XSOAR
workloads is prohibited.