Deploying WAAS out of band

Out-of-band WAAS rules inspect HTTP requests and responses via a mirror of the traffic to provide WAAS detections. It is possible to mirror traffic for out of band inspection using Prisma Cloud Compute Defenders without requiring any additional configuration or using AWS traffic mirroring. In out of band mode, WAAS does not proxy traffic to or from the protected application and all the detections are applied on a read-only copy of the traffic. As a result, there is no risk of interfering with the application flow.

Create a WAAS rule for Out of band network traffic

To deploy WAAS for an out of band network traffic, create a new rule, define application endpoints, and select protections.
  1. Open Console, and go to
    Defend > WAAS
  2. Select the
    Out of band
  3. Click
    Add rule
  4. Enter a
    Rule Name
    (Optional) for describing the rule.
  5. Choose the rule
    by specifying the resource collection(s) to which it applies.