Windows 10 Analysis Environment for the WildFire Appliance
Table of Contents
10.0
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
Windows 10 Analysis Environment for the WildFire Appliance
The WildFire
®
appliance can now analyze files
in a Windows 10 operating system. The
WildFire
®
appliance can now analyze files using the
Windows 10 operating system, which increases the threat prevention
coverage of the appliance by enabling it to detect threats that
are designed specifically for Windows 10 environments. The
virtual analysis environment has the following system attributes:
- Windows 10 x64
- Adobe Reader 11
- Flash 11
- Office 2010
The WildFire appliance can use the Windows
10 environment to analyze all files that it normally supports.
To
take advantage of the new VM, you must download the Windows 10 VM
image from the Palo Alto Networks Customer Support Portal, install
the image onto the WildFire appliance, and then configure the appliance
to use the new VM environment.
Use the Windows 10 environment
for file analysis by selecting
vm-7
when
you configure the WildFire appliance. - From the software updates page, selectWF-500 Guest VM Imagesand download theWFWin10Base_m-1.0.0-c2.10baseVM image file.
- Upload the Windows 10 VM image to the WildFire appliance.
- Import the software image from the SCP server:admin@WF-500>scp import wildfire-vm-image from <username@ip_address>/<folder_name>/<vm_image_filename>For example:admin@WF-500>scp import wildfire-vm-image from user1@10.0.3.4:/tmp/WFWin10Base_m-1.0.0-c2.10base
- To check the status of the download, use the following command:admin@WF-500>show jobs all
- Install the Windows 10 VM image.admin@WF-500>request system wildfire-vm-image upgrade install file <vm_image_filename>
- Confirm that the Windows 10 VM image has been properly installed and enable the VM image the WildFire appliance uses to perform analysis.
- View a list of available virtual machines images:admin@WF-500>show wildfire vm-imagesThe following output shows thatvm-7is the Windows 10 VM image:vm-7 Windows 10 x64, Adobe Reader 11, Flash 11, Office 2010. Support PE, PDF, Office 2010 and earlier
- Set the image to be used for analysis:admin@WF-500#set deviceconfig setting wildfire active-vm vm-7And commit the configuration:admin@WF-500#commit
- (Optional) View the active VM image by running the following command:admin@WF-500>show wildfire status