The firewall forwards unknown samples, as well as blocked files that match antivirus signatures, for WildFire analysis based on the configured WildFire Analysis profile settings (
). In addition to detecting links included in emails, files that are attached to emails, and browser-based file downloads, the firewall leverages the Palo Alto Networks App-ID feature to detect file transfers within applications. For samples that the firewall detects, the firewall analyzes the structure and content of the sample and compares it against existing signatures. If the sample matches a signature, the firewall applies the default action defined for the signature (allow, alert, or block). If the sample matches an antivirus signature or if the sample remains unknown after comparing it against WildFire signatures, the firewall forwards it for WildFire analysis.
By default, the firewall also forwards information about the session in which an unknown sample was detected. To manage the session information that the firewall forwards, select
and edit Session Information Settings.
Forward Files for WildFire Analysis
Forward Files for WildFire Analysis Configure Palo Alto Networks firewalls to forward unknown files or email links and blocked files that match existing antivirus signatures ...
Enable Basic WildFire Forwarding
Enable Basic WildFire Forwarding WildFire is a cloud-based virtual environment that analyzes and executes unknown samples (files and email links) and determines the samples to ...
WildFire Analysis of Blocked Files
WildFire Analysis of Blocked Files If you enabled WildFire forwarding on your firewall, the firewall now submits blocked files that match antivirus signatures for WildFire ...
Get Started with WildFire
Get Started with WildFire The following steps provide a quick workflow to get started with WildFire™. If you’d like to learn more about WildFire before ...
WildFire Concepts Samples Firewall Forwarding Session Information Sharing Analysis Environment Verdicts File Analysis Email Link Analysis Compressed and Encoded File Analysis WildFire Signatures ...
WildFire Submissions Logs
WildFire Submissions Logs The firewall forwards samples (files and emails links) to the WildFire cloud for analysis based on WildFire Analysis profiles settings ( Objects ...
About WildFire The WildFire Analysis Environment identifies previously unknown malware and generates signatures that Palo Alto Networks firewalls can use to then detect and block ...
Submit Files for WildFire Analysis
Submit Files for WildFire Analysis The following topics describe how to submit files for WildFire™ analysis. You can set up Palo Alto Networks firewalls to ...
Verdict Checks with the WildFire Global Cloud
Verdict Checks with the WildFire Global Cloud The WildFire appliance can now leverage WildFire global cloud intelligence to deliver quick verdicts for known samples. This ...