1. Home
    2. WildFire
    3. WildFire® Administrator’s Guide
    4. Submit Files for WildFire Analysis
    5. Submit Malware or Reports from the WF-500 Appliance
    Previous
    Next
    Enable the WF-500 appliance cloud intelligence feature to automatically submit malware samples discovered in the WildFire private cloud to the WildFire public cloud. The WildFire public cloud further analyzes the malware and generates a signature to identify the sample. The signature is then added to WildFire signature updates, and distributed to global users to prevent future exposure to the threat. If you do not want to forward malware samples outside of your network, you can instead choose to submit only WildFire reports for the malware discovered on your network to contribute to WildFire statistics and threat intelligence.
    Enable the WF-500 Appliance to Submit Malware or Reports to the WildFire Public Cloud
    Submit Malware to the WildFire Public Cloud Execute the following CLI command from the WF-500 appliance to enable the appliance to automatically submit malware samples to the WildFire public cloud: admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-sample yes If the firewall that originally submitted the sample for WildFire private cloud analysis has packet captures (PCAPs) enabled, the PCAPs for the malware will also be forwarded to the WildFire public cloud.
    Submit Malware Reports to the WildFire Public Cloud If the WF-500 appliance is enabled to Submit Malware to the WildFire Public Cloud, you do not need to also enable the appliance to submit malware reports to the public cloud. When malware is submitted to the WildFire public cloud, the public cloud generates a new malware report for the sample. To enable the WF-500 appliance to automatically submit malware reports to the WildFire public cloud (and not the malware sample), execute the following CLI command on the WF-500 appliance: admin@WF-500# set deviceconfig setting wildfire cloud-intelligence submit-report yes
    Verify Cloud Intelligence Settings Check to confirm that cloud intelligence is enabled to either submit malware or submit malware reports to the WildFire public cloud by running the following command: admin@WF-500> show wildfire status Refer to the Submit sample and Submit report fields.
    Previous
    Next

    Related Documentation

    Submit Locally-Discovered Malware or Reports to the WildFire Public Cloud

    Submit Locally-Discovered Malware or Reports to the WildFire Public Cloud Enable the WF-500 appliance to automatically submit malware samples to the WildFire public cloud. The ...

    WildFire EU Cloud

    WildFire EU Cloud A new WildFire regional cloud is now available in Europe. The WildFire EU cloud is hosted in The Netherlands, and is designed ...

    Enable WF-500 Appliance Analysis Features

    Enable WF-500 Appliance Analysis Features Set Up WF-500 Appliance Content Updates Enable Local Signature and URL Category Generation Submit Locally-Discovered Malware or Reports to the ...

    About the WF-500 Appliance

    About the WF-500 Appliance The WF-500 appliance provides an on-premises WildFire private cloud, enabling you to analyze suspicious files in a sandbox environment without requiring ...

    WildFire Deployments

    WildFire Deployments You can set up a Palo Alto Networks firewall to submit unknown samples to the Palo Alto Networks-hosted WildFire global cloud, to a ...

    Get Started with WildFire

    Get Started with WildFire The following steps provide a quick workflow to get started with WildFire®. If you’d like to learn more about WildFire before ...

    set deviceconfig setting wildfire

    set deviceconfig setting wildfire Description Configure Wildfire settings on the WF-500 appliance. You can configure forwarding of malicious files, define the cloud server that receives ...

    Submit Files for WildFire Analysis

    Submit Files for WildFire Analysis The following topics describe how to submit files for WildFire® analysis. You can set up Palo Alto Networks firewalls to ...

    Use the WildFire Portal to Monitor Malware

    Use the WildFire Portal to Monitor Malware Log in to the Palo Alto Networks WildFire portal using your Palo Alto Networks support credentials or your ...

    About WildFire Logs and Reporting

    About WildFire Logs and Reporting You can Monitor WildFire Activity on the firewall, with the WildFire portal, or with the WildFire API. For each sample ...

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo