For Prisma Access, this is usually included
with your Prisma Access license.
Configure Palo Alto Networks firewalls to forward
unknown files or email links and blocked files that match existing
antivirus signatures for analysis. Use the
to define files to forward to one of the Advanced WildFire public
cloud options and then attach the profile to a security rule to
trigger inspection for zero-day malware.
Specify traffic to
be forwarded for analysis based on the application in use, the file
type detected, links contained in email messages, or the transmission
direction of the sample (upload, download, or both). For example,
you can set up the firewall to forward Portable Executables (PEs)
or any files that users attempt to download during a web-browsing
session. In addition to unknown samples, the firewall forwards blocked
files that match existing antivirus signatures. This provides Palo
Alto Networks a valuable source of threat intelligence based on
malware variants that signatures successfully prevented but has
not been seen before.
If you are using a WildFire appliance
to host a WildFire private cloud, you can extend WildFire analysis
resources to a WildFire hybrid cloud,
by configuring the firewall to continue to forward sensitive files
to your WildFire private cloud for local analysis, and forward less
sensitive or unsupported file types to the WildFire public cloud.
For more information about using and configuring the WildFire appliance,
refer to the WildFire Appliance Administration.
If a firewall
resides between the firewall you are configuring to forward files
and the Advanced WildFire cloud, make sure that the firewall in
the middle allows the following ports: