1. Overview

Radar is the primary interface for monitoring and understanding your environment. It is the default view when you first log into Console. It is designed to let you visualize and navigate through all of Prisma Cloud’s data. For example, you can visualize connectivity between microservices, then instantly drill into the per-layer vulnerability analysis tool, assess compliance, and investigate incidents, all without leaving the Radar canvas.

radar

Radar makes it easy to conceptualize the architecture and connectivity of large environments, identify risks, and zoom in on incidents that require response. Radar provides a visual depiction of inter- and intra-network connections between containers, apps, and cluster services across your environment. It shows the ports associated with each connection, the direction of traffic flow, and internet accessibility. When Cloud Native Network Firewall is enabled, Prisma Cloud automatically generates the mesh shown in Radar based on what it has learned about your environment.

Radar’s principal pivot is the container view and host view. In the container view, each image with running containers is depicted as a node in the graph. In the host view, each systemd service, or app, is depicted as a node in the graph. Clicking on a node pops up an overlay that shows vulnerability, compliance, and runtime issues.

Radar refreshes its view every 24 hours. The Refresh button has a red marker when new data is available to be displayed. In order to get full visibility into your environment, Defender should be installed on every host in your environment.

2. Cluster pivot

Radar segments your environment by cluster. The main view lists all clusters in your environment. Clicking a card open the image pivot, which shows you all the namespaces and containers in the cluster.

cluster pivot

Defenders report which resources belong to which cluster. For managed clusters, Prisma Cloud automatically retrieves the name from the cloud provider. As a fallback, Prisma Cloud can retrieve the name from your kubeconfig file. Finally, you can manually specify the cluster name.

The cluster pivot is currently supported for Kubernetes and OpenShift clusters only. All other running containers in your environment are collected in the Non-Cluster Containers view.

3. Image pivot

Radar lays out nodes on the canvas to promote easy analysis of your containerized apps. Interconnected nodes are laid out so network traffic flows from left to right. Traffic sources are weighted to the left, while destinations are weighted to the right. Single, unconnected nodes are arranged in rows at the bottom of the canvas.

Nodes are color-coded based on the highest severity vulnerability or compliance issue they contain, and reflect the currently defined vulnerability and compliance policies. Color coding lets you quickly spot trouble areas in your deployment.

  • Dark Red — High risk. One or more critical severity vulnerabilities detected.

  • Red — High severity vulnerabilities detected.

  • Orange — Medium vulnerabilities detected.

  • Green — Denotes no vulnerabilities detected.