Forward Decrypted SSL Traffic for Advanced WildFire Analysis

Table of Contents

Manually Upload Files to the WildFire Portal

Enable Advanced WildFire Inline Cloud Analysis

Forward Decrypted SSL Traffic for Advanced WildFire Analysis

Where Can I Use This?	What Do I Need?
Prisma Access (Managed by Strata Cloud Manager) Prisma Access (Managed by Panorama) NGFW (Managed by Strata Cloud Manager) NGFW (Managed by PAN-OS or Panorama) VM-Series CN-Series	Advanced WildFire License For Prisma Access, this is usually included with your Prisma Access license.

Enable the firewall to forward decrypted SSL traffic for Advanced WildFire analysis. Traffic that the firewall decrypts is evaluated against security policy rules; if it matches the WildFire analysis profile attached to the security rule, the decrypted traffic is forwarded for analysis before the firewall re-encrypts it. Only a super user can enable this option.

Forwarding decrypted SSL traffic for analysis is a Advanced WildFire Best Practices.

On a firewall that does not have multiple virtual systems enabled:
1. If you have not already, enable the firewall to perform decryption and Forward Files for Advanced WildFire Analysis.
2. Select DeviceSetupContent-ID.
3. Edit the Content-ID settings and Allow Forwarding of Decrypted Content.
4. Click OK to save the changes.
On a firewall with virtual systems enabled:
1. If you have not already, enable decryption and Forward Files for Advanced WildFire Analysis.
2. Select DeviceVirtual Systems, click the virtual system you want to modify, and Allow Forwarding of Decrypted Content.
For Prisma Access, this is configured as part of your WildFire and Antivirus security profile settings. For more information, refer to Forward Files for Advanced WildFire Analysis for Prisma Access.

Manually Upload Files to the WildFire Portal

Enable Advanced WildFire Inline Cloud Analysis