Focus

Advanced WildFire

Forward Decrypted SSL Traffic for Advanced WildFire Analysis

Table of Contents

Manually Upload Files to the WildFire Portal

Enable Advanced WildFire Inline Cloud Analysis

Forward Decrypted SSL Traffic for Advanced WildFire Analysis

Where Can I Use This?	What Do I Need?
PAN-OS Prisma Access	Advanced WildFire License For Prisma Access, this is usually included with your Prisma Access license.

Enable the firewall to forward decrypted SSL traffic for Advanced WildFire analysis. Traffic that the firewall decrypts is evaluated against security policy rules; if it matches the WildFire analysis profile attached to the security rule, the decrypted traffic is forwarded for analysis before the firewall re-encrypts it. Only a super user can enable this option.

Forwarding decrypted SSL traffic for analysis is a Advanced WildFire Best Practices.

On a firewall that does not have multiple virtual systems enabled:

If you have not already, enable the firewall to perform decryption and Forward Files for Advanced WildFire Analysis.

Select

Device

Setup

Content-ID

Edit the Content-ID settings and

Allow Forwarding of Decrypted Content

Click

to save the changes.

On a firewall with virtual systems enabled:

If you have not already, enable decryption and Forward Files for Advanced WildFire Analysis.

Select

Device

Virtual Systems

, click the virtual system you want to modify, and

Allow Forwarding of Decrypted Content

For Prisma Access, this is configured as part of your

WildFire and Antivirus

security profile settings. For more information, refer to Forward Files for Advanced WildFire Analysis for Prisma Access.

Manually Upload Files to the WildFire Portal

Enable Advanced WildFire Inline Cloud Analysis