Enable the WF-500 appliance to automatically submit malware samples to the WildFire public cloud. The WildFire public cloud further analyzes the malware and generates a signature to identify the sample. The signature is then added to WildFire signature updates, and distributed to global users to prevent future exposure to the threat. If you do not want to forward malware samples outside of your network, you can instead choose to submit only WildFire reports for the malware discovered on your network, in order to contribute to and refine WildFire statistics and threat intelligence.
Enable the WF-500 Appliance to Submit Malware or Reports to the WildFire Public Cloud
Submit Malware to the WildFire Public Cloud. Execute the following CLI command from the WF-500 appliance to enable the appliance to automatically submit malware samples to the WildFire public cloud: admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-sample yes If the firewall that originally submitted the sample for WildFire private cloud analysis has packet captures (PCAPs) enabled, the PCAPs for the malware will also be forwarded to the WildFire public cloud. Go to the WildFire portal to view analysis reports for malware automatically submitted to the WildFire public cloud. When malware is submitted to the WildFire public cloud, the public cloud generates a new analysis report for the sample.
Submit Analysis Reports to the WildFire Public Cloud To automatically submit malware reports to the WildFire public cloud (and not the malware sample), execute the following CLI command on the WF-500 appliance: admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-report yes If you have enabled the WF-500 appliance to automatically submit malware to the WildFire public cloud, you do not need to enable this option—the WildFire public cloud will generate a new analysis report for the sample. Reports submitted to the WildFire public cloud cannot be viewed on the WildFire portal. The WildFire portal displays only WildFire public cloud reports.
Verify Malware and Report Submission Settings Check to confirm that cloud intelligence is enabled to either submit malware or submit reports to the WildFire public cloud by running the following command: admin@WF-500> show wildfire status Refer to the Submit sample and Submit report fields.

Related Documentation