Advanced WildFire Overview

Where Can I Use This?
What Do I Need?
  • PAN-OS
  • Prisma Access
  • Advanced WildFire License
    For Prisma Access, this is usually included with your Prisma Access license.
Advanced WildFire™ provides detection and prevention of zero-day malware using a combination of dynamic / static analysis and Intelligent Run-time Memory Analysis to detect highly evasive threats and create protections to block malware.
The Advanced WildFire Analysis Environment identifies previously unknown malware and generates signatures that Palo Alto Networks NGFWs can use to then detect and block the malware. When a Palo Alto Networks firewall detects an unknown sample (a file or a link included in an email), the firewall can automatically forward the sample for Advanced WildFire analysis. Based on the properties, behaviors, and activities the sample displays when analyzed and executed in the sandbox, Advanced WildFire determines the sample to be benign, grayware, phishing, or malicious, and then generates signatures to recognize the newly-discovered malware, and makes the latest signatures globally available for retrieval in real-time. All Palo Alto Networks firewalls can then compare incoming samples against these signatures to automatically block the malware first detected by a single firewall.
To learn more about Advanced WildFire, or to get started, see the following topics:
  • Review Advanced WildFire Concepts to learn more about the types of samples you can submit for WildFire analysis, WildFire verdicts, and WildFire signatures.
  • Learn more about Advanced WildFire Deployments deployments you can set up with the firewall. You can submit samples you would like to have analyzed to a Palo Alto Networks-hosted WildFire cloud, a locally-hosted WildFire private cloud, or you can use a hybrid cloud, where the firewall submits certain samples to the public cloud and certain samples to a private cloud.
  • to define the samples that you want to submit for analysis, and to begin submitted samples to a WildFire cloud.
  • If you are deploying a WildFire appliance, refer to the WildFire Appliance Administration.

Recommended For You