1. Overview

Host Defenders are installed with a curl-bash script. Install Host Defender on each host that you want Prisma Cloud to protect.

Prerequisites:

  • Your system meets all minimum system requirements.

  • You have already installed Console, and it can be accessed over the network from the host where you want to install Defender.

  • Port 8084 is open on the host where Defender runs. Console and Defender communicate with each other over a web socket on port 8084 (by default the communication port is set to 8084 - however, you can specify your own custom port when deploying a Defender).

  • You have sudo access to the host where Defender will be installed.

  1. Verify that the host machine where you install Defender can connect to Console.

    $ curl -sk -D - https://<CONSOLE_IP_ADDRESS|HOSTNAME>:8083/api/v1/_ping

    If curl returns an HTTP response status code of 200, you have connectivity to Console. If you customized the setup when you installed Console, you might need to specify a different port.

  2. Log into Console.

  3. Go to Manage > Defenders > Deploy.

    1. In the first drop-down menu (2), select the way Defender connects to Console.

      A list of IP addresses and hostnames are pre-populated in the drop-down list. If none of the items are valid, go to Manage > Defenders > Names, and add a new Subject Alternative Name (SAN) to Console’s certificate. After adding a SAN, your IP address or hostname will be available in the drop-down list.

      Selecting an IP address in a evaluation setup is acceptable, but using a DNS name is more resilient. If you select Console’s IP address, and Console’s IP address changes, your Defenders will no longer be able to communicate with Console.
    2. (Optional) Set a proxy (3) for the Defender to use for the communication with the Console.

    3. (Optional) Set a custom communication port (4) for the Defender to use.

    4. In the second drop-down list (5), select Host Defender - Linux or Host Defender - Windows.

    5. In the final field, copy the install command, which is generated according to the options you selected.

  4. On the host where you want to install Defender, paste the command into a shell window, and run it.

2. Verify the install

Verify that Defender is installed and connected to Console.

In Console, go to Manage > Defenders > Manage. Your new Defender should be listed in the table, and the status box should be green and checked.