WildFire: U.S. Government Cloud

The Palo Alto Networks WildFire U.S. Government cloud is a high-security malware analysis platform that is FedRAMP (Federal Risk and Authorization Management Program) authorized. This WildFire cloud environment is intended for use only by US federal agencies requiring a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The WildFire: U.S. Government cloud operates as a separate and distinct entity — Any privacy information that might be present in samples sent for analysis, such as email addresses, IP addresses, and passive DNS, will not be shared with any other WildFire cloud instance. However, it is still able to leverage threat data generated by the WildFire public cloud to maximize coverage capability as well as protections and antivirus signatures produced through file analysis.
For more detailed information about FedRAMP and the Palo Alto Network’s certification, visit: Palo Alto Networks: FedRAMP
The WildFire public cloud (the global and regional clouds) and the WildFire U.S. Government cloud has several functional differences from the public cloud. The following functionality is not available for customers connecting to the WildFire: U.S. Government cloud:
  • Bare Metal Analysis is not supported by the government cloud.
  • Script file (Bat, JS, BVS, PS1, and Shell script) analysis is currently not supported.
  • The WildFire: U.S.Government cloud cannot be accessed through the WildFire portal.
  • The WildFire: U.S Government cloud cannot be integrated with other cloud-based services.
  • Right to delete functionality is not available.

Get Started with the WildFire: U.S. Government Cloud

In order to connect to the WildFire: U.S. Government cloud, you must apply for access. Follow any internal procedural measures to determine the suitability of using the WildFire: U.S Government cloud within your network, such as, but not limited to conducting a risk analysis, evaluation of the CSP submission package, and authorization approvals. Please contact your Palo Alto Networks sales representative / WildFire: U.S. Government Cloud point of contact to discuss any operational details. After your organization issues an Authorization to Operate (ATO), only then can a request be made to access the WildFire U.S. Government cloud by submitting a support ticket.
  1. Contact your FedRAMP Program Management Office (PMO) to determine viability of the WildFire Government cloud for your security needs.
  2. Contact the Palo Alto Networks point of contact specified in the FedRAMP Marketplace.
  3. Open a Palo Alto Networks support ticket and request access to the WildFire U.S. Government Cloud.
    • Log in to the Customer Support Portal (CSP).
    • Select
      Support Cases > Create a Case
      and complete the service request details.
    • A support representative will contact you when the case is updated.
  4. After access to the WildFire U.S. Government cloud is granted, reconfigure the firewall to forward unknown files and email links for analysis using the following URL: wildfire.gov.paloaltonetworks.com. For more information, see Forward Files for Wildfire Analysis.

Related Documentation