: Install a Single Host Defender
Focus
Focus

Install a Single Host Defender

Table of Contents

Install a Single Host Defender

Install Host Defender on each host that you want Prisma Cloud to protect.
Single Host Defenders can be configured in the Console UI, and then deployed with a curl-bash script. Alternatively, you can use twistcli to configure and deploy Defender directly on a host.

Install a Host Defender (Console UI)

Host Defenders are installed with a curl-bash script.
Prerequisites
:
  • Your system meets all minimum system requirements.
  • Ensure that the host machine where you installed the Defender can access the Prisma Cloud console the network.
  • You have sudo access to the host where Defender will be installed.
  1. Go to
    Compute > Manage > System > Utilities
    and copy the
    Path to Console
    .
    1. Run the following command by replacing the variable PATH-TO-CONSOLE with the copied value:
      curl -sk -D - <PATH-TO-CONSOLE>/api/v1/_ping
    2. Run the command on your host system. If curl returns an HTTP response status code of 200, you have connectivity to Console.
  2. Go to
    Compute > Manage > Defenders > Defenders: Deployed
    and select
    Manual deploy
    .
    1. Under
      Deployment method
      , select
      Single Defender
      .
    2. In
      Defender type
      , select
      Host Defender - Linux
      or
      Host Defender - Windows
      .
    3. (Optional) Set a custom communication port (4) for the Defender to use.
    4. (Optional) Set a proxy (3) for the Defender to use for the communication with the Console.
    5. (Optional) Under
      Advanced Settings
      , Enable
      Assign globally unique names to Hosts
      when you have multiple hosts that can have the same hostname (like autoscale groups, and overlapping IP addresses).
      After setting the option to
      ON
      , Prisma Cloud appends a unique identifier, such as ResourceId, to the host’s DNS name. For example, an AWS EC2 host would have the following name: Ip-171-29-1-244.ec2internal-i-04a1dcee6bd148e2d.
    6. Copy the install scripts command from the right side panel, which is generated according to the options you selected. On the host where you want to install Defender, paste the command into a shell window, and run it.

Install a single Host Defender (twistcli)

Use twistcli to install a single Host Defender on a Linux host.
Prerequisites
:
  • Your system meets all minimum system requirements.
  • Console can be accessed over the network from the host where you want to install Defender.
  • You have sudo access to the host where Defender will be installed.
  • Create a Role with Cloud Provisioning Admin permissions and without
    any
    account groups attached.
  1. Verify that the host machine where you install Defender can connect to Console.
    $ curl -sk -D - https://<CONSOLE>/api/v1/_ping
    If curl returns an HTTP response status code of 200, you have connectivity to Console. If you customized the setup when you installed Console, you might need to specify a different port.
  2. SSH to the host where you want to install Defender.
  3. Download twistcli.
    $ curl -k \ -u <USER> \ -L \ -o twistcli \ https://<CONSOLE>/api/v1/util/twistcli
  4. Make the twistcli binary executable.
    $ chmod a+x ./twistcli
  5. Install Defender.
    $ sudo ./twistcli defender install standalone host-linux \ --address https://<CONSOLE> \ --user <USER>

Verify the Install

Verify that the Defender is installed and connected to Console.
In Console, go to
Manage > Defenders > Defenders: Deployed
. Your new Defender should be listed in the table, and the status box should be green and checked.

Recommended For You