Enable App Scan Integration with WildFire

By enabling App Scan in AirWatch, you can leverage WildFire® threat intelligence about apps to detect malware on Android endpoints. When enabled, the AirWatch agent sends the list of apps that are installed on the Android endpoint to AirWatch. This occurs during enrollment and subsequently on any endpoint check-in. AirWatch then periodically queries WildFire for verdicts and can take compliance action on the endpoint based on the verdict.
  1. Before you begin, obtain a WildFire API key. If you do not already have an API key, contact Support.
  2. From AirWatch, select Groups & SettingsAll SettingsAppsApp ScanThird Party Integration.
  3. Select Current Setting: Override.
  4. Select Enable Third Party App Scan Analysis to enable communication between AirWatch and WildFire.
  5. Select Palo Alto Networks WildFire from the Choose App Scan Vendor drop-down.
  6. Enter your WildFire API key.
  7. Click Test Connection to ensure that AirWatch can communicate with WildFire. If the test is not successful, verify connectivity to the internet, re-enter the API key, and then try again.
    airwatch-wildfire-integration.png
  8. Save your changes. AirWatch schedules a synchronization task to communicate with WildFire to obtain the latest verdicts for application hashes and runs the task at regular intervals. Click Sync Now to initiate a manual sync with WildFire.

Related Documentation