Where Can I Use
This? | What Do I Need? |
The WildFire appliance can generate signatures
locally based on the samples received from connected firewalls and
the WildFire API, as an alternative to sending malware to the public
cloud for signature generation. The appliance can generate the following
types of signatures for the firewalls to use to block malware and
any associated command and control traffic:
Antivirus
signatures—Detect and block malicious files. WildFire adds these
signatures to WildFire and Antivirus content updates.
DNS signatures—Detect and block callback domains for
command and control traffic associated with malware. WildFire adds
these signatures to WildFire and Antivirus content updates.
URL categories—Categorizes callback domains as malware
and updates the URL category in PAN-DB.
Configure
the firewalls to retrieve the signatures generated by the WildFire
appliance as frequently as every five minutes. You can also send
the malware sample to the WildFire public cloud, in order to enable
the signature to be distributed globally through Palo Alto Networks
content releases.