1. Overview

Host Defenders are installed with a curl-bash script. Install Host Defender on each host that you want Prisma Cloud to protect.

Prerequisites:

  • Your system meets all minimum system requirements.

  • You have already installed Console, and it can be accessed over the network from the host where you want to install Defender.

  • Ports 8083 and 8084 are open on the host where Console runs. Console and Defender communicate with each other over a web socket on port 8084.

  • You have sudo access to the host where Defender will be installed.

  1. Verify that the host machine where you install Defender can connect to Console.

    $ curl -sk -D - https://<CONSOLE_IP_ADDRESS|HOSTNAME>:8083/api/v1/_ping

    If curl returns an HTTP response status code of 200, you have connectivity to Console. If you customized the setup when you installed Console, you might need to specify a different port.

  2. Log into Console.

  3. Go to Manage > Defenders > Deploy.

    1. In the first drop-down menu (1), select the way Defender connects to Console.

      A list of IP addresses and hostnames are pre-populated in the drop-down list. If none of the items are valid, go to Manage > Defenders > Names, and add a new Subject Alternative Name (SAN) to Console’s certificate. After adding a SAN, your IP address or hostname will be available in the drop-down list.

      Selecting an IP address in a evaluation setup is acceptable, but using a DNS name is more resilient. If you select Console’s IP address, and Console’s IP address changes, your Defenders will no longer be able to communicate with Console.
    2. In the second drop-down list (2), select Host Defender - Linux or Host Defender - Windows.

    3. In the final field, copy the install command, which is generated according to the options you selected.

  4. On the host where you want to install Defender, paste the command into a shell window, and run it.

2. Verify the install

Verify that Defender is installed and connected to Console.

In Console, go to Manage > Defenders > Manage. Your new Defender should be listed in the table, and the status box should be green and checked.