Enable App Scan Integration with WildFire

By enabling App Scan in AirWatch, you can leverage WildFire® threat intelligence about apps to detect malware on Android endpoints. When enabled, the AirWatch agent sends the list of apps that are installed on the Android endpoint to AirWatch. This occurs during enrollment and subsequently on any endpoint check-in. AirWatch then periodically queries WildFire for verdicts and can take compliance action on the endpoint based on the verdict.
  1. Before you begin, obtain a WildFire API key. If you do not already have an API key, contact Support.
  2. From AirWatch, select
    Groups & Settings
    All Settings
    Apps
    App Scan
    Third Party Integration
    .
  3. Select
    Current Setting: Override
    .
  4. Select
    Enable Third Party App Scan Analysis
    to enable communication between AirWatch and WildFire.
  5. Select
    Palo Alto Networks WildFire
    from the
    Choose App Scan Vendor
    drop-down.
  6. Enter your WildFire API key.
  7. Click
    Test Connection
    to ensure that AirWatch can communicate with WildFire. If the test is not successful, verify connectivity to the internet, re-enter the API key, and then try again.
    airwatch-wildfire-integration.png
  8. Save
    your changes. AirWatch schedules a synchronization task to communicate with WildFire to obtain the latest verdicts for application hashes and runs the task at regular intervals. Click
    Sync Now
    to initiate a manual sync with WildFire.

Related Documentation