Session Information Sharing

Where Can I Use This?
What Do I Need?
  • PAN-OS
  • Prisma Access
  • Advanced WildFire License
    For Prisma Access, this is usually included with your Prisma Access license.
In addition to forwarding unknown and blocked samples for analysis, the firewall also forwards information about the network session for a sample. Palo Alto Networks uses session information to learn more about the context of the suspicious network event, indicators of compromise related to the malware, affected hosts and clients, and applications used to deliver the malware.
Forward of session information is enabled by default; however, you can adjust the default settings and choose what type of session information is forwarded to one of the WildFire cloud options.

Recommended For You