Prisma Cloud Compute: How to set up WAAS for Windows Server 2016 IIS in Azure

Created On 07/12/24 19:11 PM - Last Modified 02/06/25 18:34 PM


Objective


  • Set up a Windows IIS Server on Windows Server 2016 for Azure
  • Implement WAAS

Limitations:

  • Only WAAS In-line is supported for Windows Hosts. WAAS OOB is not supported.
  • WAAS is not supported for Windows Containers.


Environment


  • Prisma Cloud Compute Edition
  • Prisma Cloud Enterprise Edition
  • Windows Server 2016
  • Azure


Procedure


  1. Create a new Azure VM using the Windows Server 2016 Datacenter - x64 Gen2 image
  2. Open ports 3389 (RDP), 80, and 8080 in Azure
  3. Use RDP to connect to the instance
  4. Once the Windows Server application starts up, navigate to "Add Roles and Features" and install IIS
    1. Server Roles: Select "Web Server (IIS)" and in its dropdown, select IIS Management Console
    2. Leave everything else as default
  5. Open PowerShell and run "curl localhost:80".
  6. From an external host, run "curl <AZURE PUBLIC IP>:80". If the curl commands in steps 5 and 6 both return a 200 response, IIS was installed correctly and your ports are open.
  7. Install the Host Defender by navigating to Manage > Defenders > Manual Deploy and selecting Windows Host Defender. Copy the install script into an administrator PowerShell console on your Windows host.
  8. In Windows Server Manager, click IIS on the left-hand side. Then, right click the server under "SERVERS" and select "Internet Information Services (IIS) Manager"
  9. Expand the dropdown on the left-hand side for your site until you see "Default Web Site". Right click it and select "Edit Bindings"
  10. Change the port in the site bindings from 80 to 8080
  11. Open Windows Firewall and add a new inbound rule. Select "Port" and specify port 80.
    1. Select "Programs and Services", select "This Program", and enter C:\Program Files\Twistlock\defender.exe
    2. Leave everything else as default
  12. Add another new inbound rule
    1. Select port 8080
    2. After making the rule, right click it and select Properties
    3. Navigate to Scope > Remote IP Addresses, and enter the Public IP for your Azure Windows Server.
  13. Navigate to Defend > WAAS > Host > In-line in the Prisma Cloud console.
    1. Add a new rule and specify your host through the collection
    2. Add an app with App port = 8080 and WAAS port = 80. Make sure to scroll down and save this app
    3. Save the WAAS rule
  14. Run "curl -i <Public-IP>:80" from your external host. If the response includes the "X-Prisma-Event-Id" header, and Radars > Hosts > [Your Host] > WAAS shows requests after you click refresh, you have completed the setup successfully.
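
A scripted equivalent of steps 4 and 9 to 12, as an added example that is not part of the original article. It assumes the Defender from step 7 is already installed at the path given in step 11.1; the parameter names and firewall rule display names are illustrative.

```powershell
# Added example, not from the original article. Run in an elevated PowerShell session
# on the Windows Server 2016 host. Rule display names are illustrative.
param(
    # Assumption: the public IP of your Azure VM (the value entered in step 12.3).
    [Parameter(Mandatory)] [string] $AzurePublicIp,
    [string] $SiteName     = 'Default Web Site',
    [string] $DefenderPath = 'C:\Program Files\Twistlock\defender.exe'
)
$ErrorActionPreference = 'Stop'

# Step 4: install IIS with the IIS Management Console.
Install-WindowsFeature -Name Web-Server, Web-Mgmt-Console | Out-Null

# Step 7 must already be done: the port 80 rule below is bound to the Defender binary.
if (-not (Test-Path -LiteralPath $DefenderPath)) {
    throw "Defender not found at $DefenderPath; install the Windows Host Defender first."
}

# Steps 9-10: move the site binding from port 80 to 8080 (no-op if already moved).
Import-Module WebAdministration
if (Get-WebBinding -Name $SiteName -Port 80) {
    Set-WebBinding -Name $SiteName -BindingInformation '*:80:' -PropertyName Port -Value 8080
}

# Step 11: inbound TCP 80, allowed only for defender.exe.
# Step 12: inbound TCP 8080, remote addresses scoped to the VM's public IP.
$rules = @(
    @{ DisplayName = 'WAAS port 80 (Defender)'; LocalPort = 80;   Program = $DefenderPath }
    @{ DisplayName = 'IIS app port 8080';       LocalPort = 8080; RemoteAddress = $AzurePublicIp }
)
foreach ($rule in $rules) {
    # Skip rules that already exist so the script can be rerun safely.
    if (-not (Get-NetFirewallRule -DisplayName $rule.DisplayName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule @rule -Direction Inbound -Protocol TCP -Action Allow | Out-Null
    }
}

# Local check: IIS should now answer on 8080. -UseBasicParsing avoids the dependency on
# Internet Explorer first-run setup that Invoke-WebRequest has in Windows PowerShell 5.1.
$iis = Invoke-WebRequest -Uri 'http://localhost:8080' -UseBasicParsing
"IIS on 8080: HTTP $($iis.StatusCode)"
```

The WAAS rule in step 13 is still created in the Prisma Cloud console, and the curl request in step 14 remains the end-to-end check.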
