Cortex XDR - Installation Instructions

Summary

This guide provides instructions for installing Cortex XDR antivirus on Windows, macOS, and Linux operating systems.

Body

Objective

Cortex is an extended detection and response app that uses real-time detection to respond to malware and other sophisticated attacks while preventing malicious software from running on devices. This guide will detail the instructions for installing Cortex on a computer.

A detailed walk through for the update processes for Windows, macOS, and Linux endpoints can be found below:

 

Users

This guide is intended for students, faculty, and staff who have or intend to install Cortex XDR on a personal device.

If you are needing to install Cortex XDR on a University-owned device, please contact your IT support team or the Help Center at nusupport@nebraska.edu for assistance.

 

Before You Begin

Uninstalling third-party antivirus products is recommended before installing and configuring these security tools.

If you have a University-owned device, please contact your IT support team or the Help Center at nusupport@nebraska.edu.

Download Cortex XDR using the following links:

 

Steps

Windows Installation

  1. Determine whether your computer is running on a 32bit or 64bit architecture Windows.
    1. Open the About system setting by right-clicking the Start button and selecting System.
    2. Under Device Specifications, look for your version under System Type.
  2. Download the version of Cortex XDR that matches your version and architecture of Windows from the links above.
  3. After the file has been downloaded, double click to run. It will unzip the files and start the install.
  4. After the installation is complete, restart your computer.

 

macOS Installation

  1. Download the Mac version of Cortex XDR from the links above.
  2. Double click the .zip file to extract the folder.
  3. Then double click Cortex XDR.pkg to start the install. This package must remain in the same folder as the Config.xml file for the installation to complete successfully.
  4. If presented with the message: "Installer would like to access files in your Downloads folder." select "OK".

 

(macOS 10.15 or later) Approve Cortex XDR System Extensions

  1. When installing the Cortex XDR agent on a Mac running macOS 10.15.4 or later, this warning displays twice: first for the Security Extension and then for the Network Extension. However, in both warnings, the operating system displays "System Extension Blocked". Select Open Security Preferences.
    A macOS notification window noting that Cortex XDR tried to load system extensions and was blocked.
  2. In System Preferences -> Security & Privacy -> General, click Details.
    macOS Security & Privacy details window
  3. Select both Cortex XDR System Extensions and click OK to allow them. Ignore the message informing that “The system needs to be restarted before it can be used” since this step is not required.
  4. Approve Cortex XDR Web Content Filter. Click Allow to enable the Cortex XDR agent to monitor network events. (macOS 10.15.4 or later)

 

(macOS 10.15 or later) Grant full disk access

Due to changes in the security settings of macOS 10.15, you must allow the Cortex XDR agent full disk access on your endpoint to enable full protection. If you do not authorize the agent full disk access on your endpoint, the agent provides only partial protection of files in the /Applications/ directory.

macOS message stating "Cortex XDR requires full disk access".

  1. Go to System Preferences -> Security & Privacy tab, and select Full Disk Access.
  2. To make changes, click the padlock icon on the bottom left and enter your credentials, and Unlock.
  3. Check the box next to pmd and TrapsSecurityExtension.

macOS Security & Privacy window displaying privacy settings

 

Linux Installation

For more information, see Cortex XDR for Linux Requirements.

  1. Download the Linux version of Cortex XDR that matches your Linux distribution.
  2. Open a terminal window to the location where the file was downloaded
  3. Run the command tar -xzvf NU_PREVENT_PERSONAL_###_LINUX_deb.tar.gz (The pound sign (#) indicates a dynamic version number. This will change often.)
  4. Before installing the agent, copy cortex.conf into /etc/panw/ directory.
  5. Run the following commands based on your Linux distribution.
    • Debian/Ubuntu: dpkg -i cortex-#.#.#.####.deb (The pound sign (#) indicates a dynamic version number. This will change often.)
    • RedHat: rpm -i cortex-#.#.#.####.rpm
    • OpenSUSE: zypper install ./cortex-#.#.#.####.rpm -Y

Details

Details

Article ID: 276
Created
Wed 5/1/24 5:57 PM
Modified
Mon 8/19/24 3:16 PM

Related Articles

Related Articles (2)

Baseline Security
This article outlines the NU IT Risk Classifications of Low, Medium, and High. These configurations align with National Institute of Standards and Technology (NIST) frameworks (800-53, 800-171), and Center for Internet Security (CIS) Levels 1 & 2.
GlobalProtect Host Information Profile (HIP)
This article introduces the GlobalProtect Host Information Profile (HIP) and how the results of a HIP check can influence a device's access level.

Related Services / Offerings

Related Services / Offerings (3)

BYOD Security
OnGuard is a software agent that performs posture assessments while BYOD is connected to eduroam or the wired network on campus.
Endpoint Detection & Response - Cortex XDR (Anti-malware)
Palo Alto Cortex XDR is more advanced than a traditional antivirus solution. Cortex is an extended detection and response app that uses real-time detection to respond to malware and other sophisticated attacks while preventing malicious software from running on devices.
Technology Support
Desktop Support is an area whose primary role is the direct support of end users with their hardware and software needs. Our mission is to provide professional and respectable support of hardware and software needs of Students/Faculty/Staff on each campus.