The WildFire public cloud can now analyze and classify Mac OS X file types as malicious, grayware, or benign. For malicious Mac OS X files, the WildFire public cloud distributes a signature to Palo Alto Networks firewalls to allow the firewalls to detect and block future instances of the file.
The following Mac OS X file types are supported for WildFire public cloud analysis:
Mach-O—With Mac OS X, Mach-O file format is used for native executable, library, and object files. Possible file extensions include .o, .dylib, and .bundle.DMG—.dmg is the file extension for Universal Disk Image Format (UDIF) files and is the native disk image format for Mac OS X.PKG—Mac OS X installer files used for Apple software packages.
—With Mac OS X, application bundles are used to deliver software and can hold executable code and related resources.
While you can manually or programmatically submit all Mac OS X supported file types to the WildFire public cloud for analysis; the firewall supports automatic forwarding only for Mach-O, DMG, and PKG files.