Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Agentless Scanning - Relative Costs for Scanning Instances

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Agentless Scanning - Relative Costs for Scanning Instances

L0 Member

We are considering agentless scanning with Prisma Cloud Compute.

Temporary scanning instances are spun up to perform the scans, whether the agentless scanning is configured to scan hosts in the same cloud account or from a dedicated hub cloud account.

Can anyone share insight/experience regarding the additional runtime costs (in relative terms) incurred by these scanning instances, especially on AWS?

We are trying to get rough idea if extra charges for scanning instances would be significant if we enable this feature.

1 accepted solution

Accepted Solutions

L1 Bithead

Hi JSchneider1,

 

Licensing wise, the agentless  cost is the same way as agent-based as each module depending on the resource protected.
Example: A linux host (non Docker) is 1 credit. A host with containers will be 7 credits

 

Overhead cost wise: If you're referring to overhead cloud resource charges, the agentless scanner instance is spun up within your cloud environment to perform the scanning and then torn down. That can incur some extremely minimal resource charges.

 

When ‘auto-scale scanners' is enabled, an additional scanner is spun up for every ‘n’ running instances in the region (Ohio, etc) in the cloud account, up to 40 scanners (where ‘n’ is the number of snapshots that provider supports to be attached per instance)
The limit is placed so we don't spin up too many instances charging customers.
Customers can choose to have more by manually adding the number of scanners.

 

Note: Although auto-scaling scan your workload much faster, it can also increase your associated overhead charges. So keep that in mind if enabling auto-scaling


For more details: https://docs.paloaltonetworks.com/prisma/prisma-cloud/22-06/prisma-cloud-compute-edition-admin/vulne...

View solution in original post

1 REPLY 1

L1 Bithead

Hi JSchneider1,

 

Licensing wise, the agentless  cost is the same way as agent-based as each module depending on the resource protected.
Example: A linux host (non Docker) is 1 credit. A host with containers will be 7 credits

 

Overhead cost wise: If you're referring to overhead cloud resource charges, the agentless scanner instance is spun up within your cloud environment to perform the scanning and then torn down. That can incur some extremely minimal resource charges.

 

When ‘auto-scale scanners' is enabled, an additional scanner is spun up for every ‘n’ running instances in the region (Ohio, etc) in the cloud account, up to 40 scanners (where ‘n’ is the number of snapshots that provider supports to be attached per instance)
The limit is placed so we don't spin up too many instances charging customers.
Customers can choose to have more by manually adding the number of scanners.

 

Note: Although auto-scaling scan your workload much faster, it can also increase your associated overhead charges. So keep that in mind if enabling auto-scaling


For more details: https://docs.paloaltonetworks.com/prisma/prisma-cloud/22-06/prisma-cloud-compute-edition-admin/vulne...

  • 1 accepted solution
  • 3033 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!