End-of-Life (EoL)

File Analysis

A Palo Alto Networks firewall configured with a WildFire analysis profile forwards samples for WildFire analysis based on file type (including email links). Additionally, the firewall decodes files that have been encoded or compressed up to four times (such as files in ZIP format); if the decoded file matches WildFire Analysis profile criteria, the firewall forwards the decoded file for WildFire analysis.
While the firewall can forward all the file types listed below, WildFire analysis support can vary depending on the WildFire cloud to which you are submitted samples. Review WildFire File Type Support to learn more.
File Types Supported for WildFire Forwarding
Android Application Package (APK) files. APK files are not supported for WildFire private cloud analysis using a WildFire appliance.
Adobe Flash applets and Flash content embedded in web pages.
Java applets (JAR/class files types).
Microsoft Office files, including documents (DOC, DOCX, RTF), workbooks (XLS, XLSX), and PowerPoint (PPT, PPTX) presentations, and Office Open XML (OOXML) 2007+ documents.
Portable Executable (PE) files. PEs include executable files, object code, DLLs, and FON (fonts). A subscription is not required to forward PE files for WildFire analysis, but is required for all other supported file types.
Portable Document Format (PDF) files.
Mach-O, DMG, and PKG files are supported with content version 599. You can also manually or programmatically submit all Mac OS X supported file types for analysis (including application bundles, for which the firewall does not support automatic forwarding).
HTTP/HTTPS links contained in SMTP and POP3 email messages. See Email Link Analysis.
Roshal Archive (RAR) and 7-Zip (7z) archive files. Password-protected and Multi-volume archives are that are split into several smaller files cannot be submitted for analysis.
Executable and Linkable Format (ELF) files.

Recommended For You