Projects
Prisma Cloud support two types of Projects:
Tenant projects and Scale projects. For more information refer to the
guide below or access our documentation on the feature
here.
Multi-tenancy is a feature of on on premise Console deployment. If you
are using a SaaS Console, you may have multiple tenants provisioned through
your SaaS subscription.
Multi-tenancy - Tenant Projects
The Central Console has full visibility into the entire estate. You can
then setup tenant projects which act as a self contained Console and
Defender setup. Users can only see and administer their subsection of
the estate.
Tenant projects are like silos. They each have their own rules and
settings that are created and maintained separately from all other
projects.
This is represented in the left hand side of the above diagram.
Scale - Scale Projects
Each Console can support 5,000 Defenders. By utilising Scale Projects,
we can allocate Consoles to a Central Console. This enables an unlimited
number of Defenders.
Defenders communicate to the scale project Console (5,000 Defenders per
scale project Console) and the scale project Console aggregates and
sends to a Central Console.
Policies and rules are inherited by the scale project from the Central
Console. Users and administrators operate the Central Console which then
pushes changes to the scale projects.
These are shown in the right hand side of the above diagram.
Configuration of Projects
Detailed setup instructions can be found
here.
In essence, you deploy the Console you want to become the Central
Console and connect that to another Console via the User Interface.
Prisma Cloud will then configure it appropriately.
By default, the master and its supervisor Consoles communicate over port
8083. You can configure a different port by setting
MANAGEMENT\_PORT\_HTTPS in twistlock.cfg at install time. All Consoles
must use the same value for MANAGEMENT\_PORT\_HTTPS.
