1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma Cloud Compute Edition Administrator’s Guide
    5. Install
    6. Install Defender
    7. Install a Host Defender
    End-of-Life (EoL)

    Install a Host Defender

    Host Defenders are installed with a curl-bash script. Install Host Defender on each host that you want Prisma Cloud to protect.
    Prerequisites
    :
    • Your system meets all minimum system requirements.
    • You have already installed Console, and it can be accessed over the network from the host where you want to install Defender.
    • Port 8084 is open on the host where Defender runs. Console and Defender communicate with each other over a web socket on port 8084 (by default the communication port is set to 8084 - however, you can specify your own custom port when deploying a Defender).
    • You have sudo access to the host where Defender will be installed.
    1. Verify that the host machine where you install Defender can connect to Console.
      $ curl -sk -D - https://<CONSOLE_IP_ADDRESS|HOSTNAME>:8083/api/v1/_ping
      If curl returns an HTTP response status code of 200, you have connectivity to Console. If you customized the setup when you installed Console, you might need to specify a different port.
    2. Log into Console.
    3. Go to
      Manage > Defenders > Deploy
      .
      1. In the first drop-down menu (2), select the way Defender connects to Console.
        A list of IP addresses and hostnames are pre-populated in the drop-down list. If none of the items are valid, go to
        Manage > Defenders > Names
        , and add a new Subject Alternative Name (SAN) to Console’s certificate. After adding a SAN, your IP address or hostname will be available in the drop-down list.
        Selecting an IP address in a evaluation setup is acceptable, but using a DNS name is more resilient. If you select Console’s IP address, and Console’s IP address changes, your Defenders will no longer be able to communicate with Console.
      2. (Optional) Set a proxy (3) for the Defender to use for the communication with the Console.
      3. (Optional) Set a custom communication port (4) for the Defender to use.
      4. In the second drop-down list (5), select
        Host Defender - Linux
         or
        Host Defender - Windows
        .
      5. In the final field, copy the install command, which is generated according to the options you selected.
    4. On the host where you want to install Defender, paste the command into a shell window, and run it.

    Verify the install

    Verify that Defender is installed and connected to Console.
    In Console, go to
    Manage > Defenders > Manage
    . Your new Defender should be listed in the table, and the status box should be green and checked.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo