The virtual machine interface (vm-interface) provides external network connectivity from the sandbox virtual machines in the WF-500 appliance to enable observation of malicious behaviors in which the file being analyzed seeks network access. The following sections describe the VM interface and the steps required for configuring it. You can optionally enable the Tor feature with the VM interface, which will mask any malicious traffic sent from the WF-500 appliance through the VM interface, so the malware sites that the traffic may be sent to cannot detect your public-facing IP address.
Document:WildFire® Administrator’s Guide
Set Up the WF-500 Appliance VM Interface
Last Updated:
Wed May 06 13:22:31 PDT 2020
Current Version:
7.1 (EoL)
Table of Contents
Search the Table of Contents
-
- About the WF-500 Appliance
- Configure the WF-500 Appliance
- Set Up the WF-500 Appliance VM Interface
- Virtual Machine Interface Overview
- Configure the VM Interface on the WF-500 Appliance
- Connect the Firewall to the WF-500 Appliance VM Interface
- Enable WF-500 Appliance Analysis Features
- Set Up WF-500 Appliance Content Updates
- Enable Local Signature and URL Category Generation
- Submit Locally-Discovered Malware or Reports to the WildFire Public Cloud
- Upgrade a WF-500 Appliance
-
- WildFire Best Practices
- Forward Files for WildFire Analysis
- Forward Decrypted SSL Traffic for WildFire Analysis
- Verify WildFire Submissions
- Test a Sample Malware File
- Verify File Forwarding
- Manually Upload Files to the WildFire Portal
- Submit Malware or Reports from the WF-500 Appliance
- Firewall File Forwarding Capacity by Platform
-
- About WildFire Logs and Reporting
- Use the Firewall to Monitor Malware
- Configure WildFire Submissions Log Settings
- Monitor WildFire Submissions and Analysis Reports
- Set Up Alerts for Malware
- Use the WildFire Portal to Monitor Malware
- Configure WildFire Portal Settings
- Add WildFire Portal Users
- View Reports on the WildFire Portal
- WildFire Analysis Reports—Close Up
- WildFire Example
- Use the WildFire API
-
- WF-500 Appliance Software CLI Concepts
- WF-500 Appliance Software CLI Structure
- WF-500 Appliance Software CLI Command Conventions
- WF-500 Appliance CLI Command Messages
- WF-500 Appliance Command Option Symbols
- WF-500 Appliance Privilege Levels
- WildFire CLI Command Modes
- WF-500 Appliance CLI Configuration Mode
- WF-500 Appliance CLI Operational Mode
- Access the WF-500 Appliance CLI
- Use the WF-500 Appliance CLI
- Access WF-500 Appliance Operational and Configuration Modes
- Display WF-500 Appliance Software CLI Command Options
- Restrict WF-500 Appliance CLI Command Output
- Set the Output Format for WF-500 Appliance Configuration Commands
- WF-500 Appliance Configuration Mode Command Reference
- set deviceconfig setting wildfire
- set deviceconfig system update-schedule
- set deviceconfig system vm-interface
- WF-500 Appliance Operational Mode Command Reference
- create wildfire api-key
- delete wildfire api-key
- delete wildfire-metadata
- edit wildfire api-key
- load wildfire api-key
- request system raid
- request system wildfire-vm-image
- request wf-content
- save wildfire api-key
- set wildfire portal-admin
- show system raid
- show wildfire
- test wildfire registration
