WildFire is a cloud-based
virtual environment that analyzes and executes unknown samples (files
and email links) and determines the samples to be malicious, phishing, grayware,
or benign. With WildFire enabled, a Palo Alto Networks firewall
can forward unknown samples to WildFire for analysis. For newly-discovered
malware, WildFire generates a signature to detect the malware, which
is made available for retrieval in real-time for all firewalls with
an active WildFire subscription. This enables all Palo Alto next-generation
firewalls worldwide to detect and prevent malware found by a single firewall.
Malware signatures often match multiple variants of the same malware
family, and as such, block new malware variants that the firewall
has never seen before. The Palo Alto Networks threat research team uses
the threat intelligence gathered from malware variants to block
malicious IP addresses, domains, and URLs.