>
    Submit Malware or Reports from the WildFire Appliance
    Focus
    Download PDF
    Focus
    1. Home
    2. Advanced WildFire Powered by Precision AI™
    3. Set Up and Manage a WildFire Appliance
    4. Submit Malware or Reports from the WildFire Appliance
    Download PDF
    Advanced WildFire Powered by Precision AI™

    Submit Malware or Reports from the WildFire Appliance

    Table of Contents

    Submit Malware or Reports from the WildFire Appliance

    Where Can I Use This?What Do I Need?
    • WildFire Appliance
    • WildFire License
    Enable the WildFire appliance cloud intelligence feature to automatically submit malware samples discovered in the WildFire private cloud to the WildFire public cloud. The WildFire public cloud further analyzes the malware and generates a signature to identify the sample. The signature is then added to WildFire signature updates, and distributed to global users to prevent future exposure to the threat. If you do not want to forward malware samples outside of your network, you can instead choose to submit only WildFire reports for the malware discovered on your network to contribute to WildFire statistics and threat intelligence.
    • Submit Malware to the WildFire Public Cloud
      Execute the following CLI command from the WildFire appliance to enable the appliance to automatically submit malware samples to the WildFire public cloud:
      admin@WF-500admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-sample yes
      If the firewall that originally submitted the sample for WildFire private cloud analysis has packet captures (PCAPs) enabled, the PCAPs for the malware will also be forwarded to the WildFire public cloud.
    • Submit Malware Reports to the WildFire Public Cloud
      If the WildFire appliance is enabled to Submit Malware to the WildFire Public Cloud, you do not need to also enable the appliance to submit malware reports to the public cloud. When malware is submitted to the WildFire public cloud, the public cloud generates a new malware report for the sample.
      To enable the WildFire appliance to automatically submit malware reports to the WildFire public cloud (and not the malware sample), execute the following CLI command on the WildFire appliance:
      admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-report yes
    • Verify Cloud Intelligence Settings
      Check to confirm that cloud intelligence is enabled to either submit malware or submit malware reports to the WildFire public cloud by running the following command:
      admin@WF-500> show wildfire status
      Refer to the Submit sample and Submitreport fields.

    © 2024 Palo Alto Networks, Inc. All rights reserved.