Episode Transcript:
John:
Hello, and welcome back to PANCast™. In today's episode, we will be talking about WAAS for Prisma Cloud and we have Joy joining us to give us more info. Before we get started, Joy, please tell us a bit about yourself?
Joy:
Yes, my name is Joy, and I am TAC support engineer of Prisma Cloud team. I’ve been dealing with this product for around 2Yi Zhao is a Staff Technical Support Engineer backed by years of support proficiency in Cyber Security. She is highly enthusiastic about learning new things and happy to share the knowledge. years, and am very happy to be here discussing WAAS.
John:
Thanks Joy. Now onto WAAS. First of all, what is WAAS and why do we need it?
What is WAAS?
Joy:
Well, no problem. We're going to dive into all the details about this amazing tool and show you why it's a must-have for any organization that's serious about securing their web applications and APIs.
WAAS, or Web Application and API Security, is a function of Prisma Cloud Compute that provides comprehensive security for all your web applications and APIs. And let's be real - with the increasing use of cloud computing and web applications, security has never been more important. Luckily, WAAS is here to detect and prevent a wide range of threats, including the infamous OWASP Top 10 vulnerabilities, DDoS attacks, and even API abuse.
John:
Okay, that all sounds great, but how does WAAS actually work?
How WAAS Works
Joy:
Well, it's pretty simple, really. WAAS inspects all incoming traffic to your web applications and APIs, and applies a variety of security measures to protect against threats. These measures include SSL/TLS encryption, web application firewall (WAF) protection, and bot mitigation.
But that's not all, WAAS also includes advanced features like automated threat detection and response, real-time threat intelligence, and machine learning-based security analytics. This means that you can rest easy knowing that you're always one step ahead of the bad guys, and your web applications and APIs are always secure.
John:
So what would be the benefits of using WAAS?
Joy:
There are a lot of them! The biggest benefit, of course, is that it provides comprehensive security for your web applications and APIs. This means that you can focus on running your business, while WAAS takes care of all the complex security stuff.
Lastly - WAAS also provides real-time visibility and control over web application and API traffic. This makes it easy to monitor and enforce security policies, comply with industry regulations and best practices, and avoid costly security breaches. And because WAAS provides detailed insights into web application and API traffic, you can identify and address security issues before they become major problems.
John:
So, who can benefit from using WAAS?
Joy:
The answer is pretty much anyone who needs to secure web applications and APIs. If you're running an e-commerce website, online banking application, or government portal, you need to keep your web applications and APIs secure. And if you're moving to the cloud, WAAS provides scalable and flexible security that can grow and adapt with your needs. Basically, if you have a website or API, you need WAAS.
John:
Great, now how do we set up WAAS?
Joy:
It's easy! First, you'll need to activate WAAS in your Prisma Cloud Compute Console and select the web application or API you want to protect. Then, you can configure WAAS policies to define which security measures you want to apply to incoming traffic. You can also customize settings to meet your security requirements, like specifying which IPs are allowed to access your web application or API. And once everything is set up, you can monitor web application and API traffic in real-time using the Prisma Cloud Compute console. It's like having your own personal security guard for your website!
To go deeper, WAAS provides 2 deployment modes, and here are some suggestions on which deployment mode may be more suitable for certain scenarios:
- First, In-line mode: This mode is ideal for scenarios where you want to have more granular control over traffic flowing through your web applications and APIs. For example, if you have a complex web application that requires different types of security policies for different URLs or application paths, in-line mode may be a better fit. In-line mode is also suitable for scenarios where you have a dedicated security team that can manage the security infrastructure.
- Second, Out-of-band mode: This mode is suitable for scenarios where you want to apply security policies to traffic flowing between two different zones or networks. For example, if you have a public-facing web application that communicates with a backend database or API server, out-of-band mode may be a good fit. Out-of-band mode can also be useful if you want to minimize the impact of security infrastructure on application performance.
Ultimately, the best deployment mode for your organization will depend on your specific needs and requirements. It's a good idea to evaluate each mode and choose the one that best fits your use case.
John:
OK I have gone in and implemented WAAS. It is not working as expected. How do I troubleshoot an issue with Support?
Troubleshooting with Support
Joy:
When troubleshooting WAAS issues, it's important to collect relevant data to help identify and resolve the problem with Palo Alto Networks Support. Here are some of the key data to collect:
- First, logs: Collect logs from the Prisma Cloud Compute management console or from the WAAS sensor itself. These logs can help you identify the source of the issue and any relevant error messages.
- Second, traffic captures: Capture traffic going to and from the web application or API. This can help you identify the type of traffic that is causing the issue and potentially diagnose network-related problems.
- Third, configuration settings: Verify that the WAAS policies and settings are properly configured. This can include SSL/TLS settings, WAF rules, and bot mitigation policies.
- Fourth, system information: Collect information about the operating system, hardware, and network environment. This can help you identify any potential compatibility issues or other environmental factors that may be contributing to the problem.
- Fifth, reproduction steps: Reproduce the issue and document the steps taken to reproduce it. This can help you isolate the problem and identify any specific conditions or variables that may be contributing to the issue.
By collecting and sharing this data to Support, we can quickly identify and troubleshoot WAAS issues, ensuring that your web applications and APIs remain secure and available to your users.
John:
Well, that's all the time we have for today. We hope you learned a thing or two about WAAS and how it can keep your web applications and APIs secure. Joy, what are the key takeaways for this episode?
Episode Key Takeaways
Joy:
- What is WAAS and how WAAS works?
- How to enable and configure WAAS?
- What are the 2 deployment mode and which scenario fits best?
- What data to collect when troubleshooting WAAS with Palo Alto Networks?
If you want to learn more, be sure to check out the Palo Alto Networks TechDocs for Prisma Cloud, videos, and tutorials. And remember, if you need any help getting started, Palo Alto Networks is here to assist you every step of the way. Here’s an essential checklist that you can prepare when raising a support case with us:
- Screenshots help to describing the issue, including the current WAAS configuration, and the error or issue you are facing
- Defender log
- Console log
John:
Thanks Joy for your insights on how WAAS can help make your environment more secure
Joy:
Thank you for having me …..and hope to join you on another episode of PANCast™.
John:
Thanks again, Joy. Until next time.