Windows
Prisma Cloud can secure Windows containers running on Windows Server 2016 and Windows Server 2019 hosts.
A single instance of Prisma Cloud Console can simultaneously protect both Windows and Linux containers on both Windows and Linux hosts.
Prisma Cloud’s Intelligence Stream includes vulnerability data from Microsoft, so as new CVEs are reported, Prisma Cloud can detect them in your Windows images.
The architecture for Defender on Windows is different than Defender on Linux.
The Defender runs as a Docker container on Linux, and as a Windows service on Windows.
On Linux, it is implemented as runtime protection in the userspace, and on Windows it is implemented using Windows drivers.
This is because there is no concept of capabilities in Windows Docker containers like there is on Linux.
Defender on Windows runs as service so it can acquire the permissions it needs to secure the containers on your host.
When you deploy the Defender, it appears as a service.
The Defender type "Container Defender - Windows" means that Defender is capable of securing your containers, not that it’s deployed as a container.
To deploy Defender on Windows, you’ll copy a PowerShell script from the Prisma Cloud Console and run it on the host where you want to install Defender.
Feature matrix
The following table shows the current state of Prisma Cloud’s Windows Server support compared to Linux support:
Platform | Vulnerability | Compliance | Runtime defense | Firewalls | |||
|---|---|---|---|---|---|---|---|
>Processes | >Network | >Filesystem | >CNNF | >WAAS | |||
Linux | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Windows Server 2016 | Yes | Yes | No | No | No | No | Yes |
Windows Server 2019 (Host Defender) | Yes | Yes | No | No | |||