Activate the Traps Management Service

After you purchase Traps licenses, you will receive an email with an Auth code that you can use to activate your Traps management service tenant. The Directory Sync Service and Cortex Data Lake are also available to you.
activation-process.png
While Directory Sync Service does not require you to register the service separately, you must perform additional configuration to begin using the service.
By default, Traps management service includes 100GB of log storage when you activate Traps management service. With the Traps Included Storage option, you do not need to activate the Cortex Data Lake separately. However, if you plan to use the same Cortex Data Lake instance for both firewall logs and Traps management service logs, you must first activate the Cortex Data Lake from the Customer Support Portal instead of activating the Cortex Data Lake from the Cortex Hub and then associate it with Traps management service during activation. This sequence allows you to associate the Auth code with Panorama and later associate the same Cortex Data Lake instance with Traps management service.
Use the following workflow to activate and set up a Traps management service tenant:
  1. Before you begin:
  2. Sign In to the Cloud Services Portal (https://apps.paloaltonetworks.com/).
    Anyone with a Palo Alto Networks Customer Services account that is assigned the appropriate roles can log in to the portal but you can't access an app or service from the portal until you activate it.
    cloud-services-portal-initial.png
  3. (Optional) Set Up Directory Sync Service.
    The Directory Sync Service reads Active Directory (AD) information on your network and sends it to the Palo Alto Networks cloud. This enables you to configure rules in your Traps management service tenant that apply to AD objects such as users and groups. Before you can begin assigning policy to AD objects, you must set up the service.
  4. Set up Cortex Data Lake if you intend to use the same Cortex Data Lake instance to store logs from Palo Alto Networks firewalls. If you plan to use only the Traps Included Storage, skip to the next step to activate Traps management service. If you are unsure how much log storage you need, use the Cortex Data Lake Calculator.
    You must activate the Cortex Data Lake from the Customer Support Portal and retrieve the license on Panorama (see License and Install the Cloud Service Plugin) if you want to store Traps logs and firewall logs to the same Logging Service instance.
  5. Activate Traps management service.
    Before you can log in to Traps management service, you must activate the app.
    1. Log in to the Cortex Hub and Activate New App.
    2. Enter the Auth Code you received to activate Traps management service and Continue.
      The Cortex Hub prompts you for information to activate your Traps management service tenant.
      activate-tms.png
    3. Enter an Instance Name to identify your tenant in the Cortex Hub and provide an optional Description.
    4. Select the Region in which you want to host Traps management service tenant: US East (N. Virginia) or EU (Frankfurt).
      The region you choose determines the location of the Logging Service and optionally the Directory Sync Service as well as the privacy regulations applied to your Traps management service tenant.
      The Traps agents can communicate with a Traps management service deployed in any region.
    5. Enter the Subdomain that you want to use for your tenant of Traps management service.
      For example, if you enter mycompany as the subdomain, Palo Alto Networks will create your tenant of the Traps management service as mycompany.traps.paloaltonetworks.com.
    6. Choose a Cortex Data Lake instance to store logs.
      The Cortex Hub displays the list of Logging Service instances available in your Region. If you did not already purchase and activate Cortex Data Lake, the Traps management service includes 100GB of logging storage.
    7. If you Set Up Directory Sync Service, select your Directory Sync Service instance.
    8. Review the terms of the End User License Agreement (EULA) and Agree and Activate.
    9. Click Done.
  6. Manage Logging Storage for Traps.
    Before you can begin storing logs, you must set quota allocation preferences for Traps management service.
  7. Enable Access to the Traps Management Service.
  8. Verify the status of your Traps management service tenant.
    1. From the Cortex Hub, click the gear icon next to your name.
    2. In the Traps area, review the STATUS for Traps management service tenant you just activated.
      cloud-services-portal-tenant-status.png
      When Traps management service tenant is available, the status changes to the green check mark.
  9. Access your Traps management service tenant for the first time.
    There are two ways to access your Traps management service tenant: Return to the Cortex Hub (https://apps.paloaltonetworks.com/) and select your tenant from Traps management service tile; or go directly to the web address for your tenant (https://<subdomain>.traps.paloaltonetworks.com).
  10. Use the Traps Management Service Dashboard.

Related Documentation