Welcome to Prisma Cloud Compute Edition version 21-08. The Prisma Cloud Compute Edition Administrator's Guide is for self-hosted deployment of your cloud workload protection platform (CWPP) for holistic protection for hosts, containers, and serverless infrastructure.
To understand the differences between the Prisma Cloud Compute Edition and Prisma Cloud Enterprise Edition, read this.
Prisma Cloud Compute Edition Administrator’s Guide
Version Self.Hosted 21.08 (EoL)
Last Updated:
Feb 8, 2023
Current Version:
Self.Hosted 21.08 (EoL)
- Version Prisma Cloud Enterprise Edition
- Version Self-Hosted 22.12
- Version Self-Hosted 22.06
- Version Self-Hosted 22.01
- Version Self-Hosted 21.08 (EoL)
- Version Self-Hosted 21.04 (EoL)
- Version Self-Hosted 20.12 (EoL)
- Version Self-Hosted 20.09 (EoL)
- Version Self-Hosted 20.04 (EoL)
- Version Self-Hosted 19.11 (EoL)
Table of Contents
-
- Getting started
- System requirements
- Prisma Cloud container images
- Onebox
- Kubernetes
- OpenShift
- OpenShift
- Console on Fargate
- Docker Swarm
- Amazon ECS
- Windows
- Defender types
-
- Install a single Container Defender
- Install Container Defender in a cluster
- App-Embedded Defender
- App-Embedded Defender for Fargate
- VMware Tanzu Application Service (TAS) Defender
- Serverless Defender
- Serverless Defender as a Lambda layer
- Auto-defend serverless functions
- Install a single Host Defender
- Auto-defend hosts
- Deploy Prisma Cloud Defender from the GCP Marketplace
- Decommission Defenders
-
- Support lifecycle for connected components
- Prisma Cloud’s backward compatibility and upgrade process
- Upgrade Onebox
- Kubernetes
- OpenShift
- Helm charts
- Docker Swarm
- Amazon ECS
- Manually upgrade single Container Defenders
- Manually upgrade Defender DaemonSets
- Manually upgrade Defender DaemonSets (Helm)
- Manually upgrade Docker Swarm Defenders
-
- Rule ordering and pattern matching
- Backup and restore
- Custom feeds
- Configuring Prisma Cloud proxy settings
- Custom certs for Console access
- Configure scanning
- User certificate validity period
- Enable HTTP access to Console
- Set different paths for Defender and Console (with DaemonSets)
- Authenticate to Console with certificates
- Configure custom certs from a predefined directory
- Customize terminal output
- Collections
- Tags
- Logon settings
- Reconfigure Prisma Cloud
- Subject Alternative Names
- WildFire settings
-
- Logging into Prisma Cloud
- Integrate with Active Directory
- Integrate with OpenLDAP
- Integrate Prisma Cloud with Open ID Connect
- Integrate with Okta via SAML 2.0 federation
- Integrate Google G Suite via SAML 2.0 federation
- Integrate with Azure Active Directory via SAML 2.0 federation
- Integrate with PingFederate via SAML 2.0 federation
- Integrate with Windows Server 2016 & 2012r2 Active Directory Federation Services (ADFS) via SAML 2.0 federation
- Integrate Prisma Cloud with GitHub
- Integrate Prisma Cloud with OpenShift
- Non-default UPN suffixes
- Compute user roles
- Assign roles
- Use custom certificates for authorization
- Credentials store
-
- Prisma Cloud vulnerability feed
- Vulnerability Explorer
- Vulnerability management rules
- Search CVEs
- Scan reports
- Scanning procedure
- Customize image scanning
- Configure registry scans
-
- Scan images in Alibaba Cloud Container Registry
- Amazon EC2 Container Registry (ECR)
- Azure Container Registry (ACR)
- Docker Registry v2
- Google Container Registry (GCR)
- Harbor
- IBM Cloud Container Registry
- Scan images on Artifactory Docker Registry
- OpenShift integrated Docker registry
- Trigger registry scans with webhooks
- Base images
- Configure VM image scanning
- Configure code repository scanning
- Malware scanning
- Vulnerability risk tree
- Detect vulnerabilities in unpackaged software
- CVSS scoring
- Windows container image scanning
- Serverless function scanning
- VMware Tanzu blobstore scanning
- Scan Fargate tasks
- Troubleshoot vulnerability detection
-
- Compliance Explorer
- Enforce compliance checks
- CIS Benchmarks
- Prisma Cloud Labs compliance checks
- Serverless functions compliance checks
- Windows compliance checks
- Docker Enterprise DISA STIG
- Custom compliance checks
- Trusted images
- Host scanning
- VM image scanning
- Fargate scanning
- Detect secrets
- Cloud discovery
- OSS license management
- API
