1. Overview

Prisma Cloud support two types of Projects: Tenant projects and Scale projects. For more information refer to the guide below or access our documentation on the feature here.

Multi-tenancy is a feature of on on premise Console deployment. If you are using a SaaS Console, you may have multiple tenants provisioned through your SaaS subscription.

projects

2. Multi-tenancy - Tenant Projects

The Central Console has full visibility into the entire estate. You can then setup tenant projects which act as a self contained Console and Defender setup. Users can only see and administer their subsection of the estate.

Tenant projects are like silos. They each have their own rules and settings that are created and maintained separately from all other projects.

This is represented in the left hand side of the above diagram.

3. Scale - Scale Projects

Each Console can support 5,000 Defenders. By utilising Scale Projects, we can allocate Consoles to a Central Console. This enables an unlimited number of Defenders.

Defenders communicate to the scale project Console (5,000 Defenders per scale project Console) and the scale project Console aggregates and sends to a Central Console.

Policies and rules are inherited by the scale project from the Central Console. Users and administrators operate the Central Console which then pushes changes to the scale projects.

These are shown in the right hand side of the above diagram.

4. Configuration of Projects

Detailed setup instructions can be found here. In essence, you deploy the Console you want to become the Central Console and connect that to another Console via the User Interface. Prisma Cloud will then configure it appropriately.

projects defender

By default, the master and its supervisor Consoles communicate over port 8083. You can configure a different port by setting MANAGEMENT\_PORT\_HTTPS in twistlock.cfg at install time. All Consoles must use the same value for MANAGEMENT\_PORT\_HTTPS.