Advanced WildFire can detect zero-day malware across multiple protocols including web (HTTP/HTTPS), email (SMTP, IMAP, POP), FTP, and SMB traffic. Upon detection, it rapidly generates unique signatures that protect against future infections from these newly discovered threats.

Each Advanced WildFire cloud analyzes samples and generates malware signatures independently of the other Advanced WildFire clouds. With the exception of WildFire private cloud signatures, Advanced WildFire signatures are shared globally, enabling users worldwide to benefit from malware coverage regardless of the location in which the malware was first detected. Because malware evolves rapidly, the signatures that Advanced WildFire generates address multiple variants of the malware.

Firewalls with an active Advanced WildFire license can retrieve the latest Advanced WildFire signatures in real-time, as soon as they become available. If you do not have an Advanced WildFire subscription, signatures are made available within 24-48 hours as part of the antivirus update for firewalls with an active Threat Prevention license.

As soon as the firewall downloads and installs the new signature, the firewall can block the files that contain that malware (or a variant of the malware). Malware signatures do not detect malicious and phishing links; to enforce these links, you must have a PAN-DB URL Filtering license. You can then block user access to malicious and phishing sites.