Prisma Cloud software consists of two components: Console and Defender. Palo Alto Networks hosts Console for you. To secure your environment, deploy Defender to your environment.
Console is Prisma Cloud’s management interface. It lets you define policy and monitor your environment.
Defender protects your environment according to the policies set in Console. There are a number of Defender types, each designed to protect a specific resource type.
The primary concern for most customers getting started with Prisma Cloud is securing their container environment. To do this, install Container Defender on every host that runs containers. Container orchestrators typically provide native capabilities for deploying an agent, such as Defender, to every node in the cluster. Prisma Cloud leverages these capabilities to install Defender. For example, Kubernetes and OpenShift, offer DaemonSets, which guarantee that an agent runs on every node in the cluster. Prisma Cloud Defender, therefore, is deployed in Kubernetes and OpenShift clusters as a DaemonSet.
In this section, you’ll find dedicated install guides for all popular container platforms. Each guide shows how to install Prisma Cloud for that given platform.
As you adopt other cloud-native technologies, Prisma Cloud can be extended to protect those environments too. Deploy the Defender type best suited for the job. For example, today you might use Amazon EKS (Kubernetes) clusters to run your apps. This part of your environment would be protected by Container Defender. Later you might adopt AWS Lambda functions. This part of your environment would be secured by Serverless Defender. Extending Prisma Cloud to protect other types of cloud-native technologies calls for deploying the right Defender type.