WildFire: U.S. Government Cloud
The Palo Alto Networks WildFire U.S. Government cloud is a high-security malware analysis platform that is FedRAMP (Federal Risk and Authorization Management Program) authorized. This WildFire cloud environment is intended for use only by U.S. federal agencies requiring a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The WildFire: U.S. Government cloud operates as a separate and distinct entity — Any privacy information that might be present in samples sent for analysis, such as email addresses, IP addresses, and passive DNS, will not be shared with any other WildFire cloud instance. However, it is still able to leverage threat data generated by the WildFire public cloud to maximize coverage capability as well as protections and antivirus signatures produced through file analysis.
For more detailed information about Palo Alto Network’s WildFire FedRAMP authorization, visit: Palo Alto Networks Government Cloud Services - WildFire
The WildFire public cloud (the global and regional clouds) and the WildFire U.S. Government cloud has several functional differences from the public cloud. The following functionality is not available for customers connecting to the WildFire: U.S. Government cloud:
- Bare Metal Analysis is not supported by the U.S. Government cloud.
- Script file (Bat, JS, BVS, PS1, Shell script, and HTA) analysis is currently not supported.
- The WildFire: U.S.Government cloud cannot be accessed through the WildFire portal.
- The WildFire: U.S Government cloud cannot be integrated with other cloud-based services.
- Right to delete functionality is not available.
Get Started with the WildFire: U.S. Government Cloud
In order to connect to the WildFire: U.S. Government cloud, you must apply for access. Follow any internal procedural measures to determine the suitability of using the WildFire: U.S Government cloud within your network, such as, but not limited to conducting a risk analysis, evaluation of the CSP submission package, and authorization approvals. Please contact your Palo Alto Networks sales representative / WildFire: U.S. Government Cloud point of contact to discuss any additional operational details.
Requests to access the WildFire U.S. Government cloud begins when you have met the proper organization requirements for operating a FedRAMP authorized service. There are two entity categories who can access the WildFire U.S. government cloud: U.S. government contractors and U.S. federal agencies (and other approved governmental departments). Both entities have specific requirements for accessing the WildFire U.S. government cloud:
- U.S. federal agencies, departments, and bureaus must receive an Authority to Operate (ATO) by the Designated Approving Authority (DAA), which authorizes operation of the WildFire U.S. government cloud within an agencies operations, before access is granted.U.S. Federal Agencies
- Inform the Palo Alto Networks Point of Contact (firstname.lastname@example.org) of the intention to use the WildFire U.S. government cloud.
- Send a request to email@example.com.
- Complete the FedRAMP Package Access Request Form and submit it to firstname.lastname@example.org.The FedRAMP Program Management Office (PMO) reviews the form and typically issues a temporary 30 day access to the WildFire FedRAMP package.
- Review the FedRAMP security package for the WildFire U.S. Government cloud. Complete any internal processes required to deploy the WildFire U.S. Government cloud into your organization.
- Issue the ATO.
- Send a request to the FedRAMP PMO for permanent access to the WildFire U.S. government cloud.
- U.S. government contractors who use or access the WildFire U.S. government cloud must meet the following requirements.U.S. Government Contractors
- Must be a citizen of the United States.
- Hold an active contract (or subcontract) with a U.S. federal government agency with an occupational requirement for information exchange using the Internet, such as email correspondence, sharing of documents, and other forms of Internet communication.
- Upon termination of a contractor’s employment, the user must cease using or accessing the WildFire U.S. government cloud.
- Abide by the confidentiality provisions contained within the Palo Alto Networks EULA.
After your organization issues an Authorization to Operate (ATO) or when applicable U.S. government contractors meet all usage requirements, only then can a request be made to access the WildFire U.S. Government cloud by contacting your Palo Alto Networks Account team.
- Contact your FedRAMP Program Management Office (PMO) to determine the viability of the U.S. Government cloud for your security needs.
- Contact the Palo Alto Networks point of contact specified in the FedRAMP Marketplace. The point of contact provides additional information about the service, as well as any other operational details pertinent to your particular WildFire deployment.
- Contact the Palo Alto Networks Account Team to begin the on-boarding process. The Account Team will request the following information regarding customer details and deployment specifics.
- Contact information.
- A brief description for migrating to the WildFire U.S. Government cloud.
- A statement of organizational compliance with the confidentiality provisions outlined within the Palo Alto Networks EULA.
- Egress IP addresses of all firewall gateways (including management planes), as well as all instances of Panorama.
- After WildFire Program Management grants approval to use the WildFire U.S. Government cloud (typically in one to three business days), Palo Alto Networks Development Operations applies the appropriate controls.
- After access to the WildFire U.S. Government cloud is granted, reconfigure the firewall to forward unknown files and email links for analysis using the following URL: wildfire.gov.paloaltonetworks.com. For more information, see Forward Files for Wildfire Analysis. If you require any additional assistance, contact Palo Alto Networks Customer Support.
Recommended For You
Recommended videos not found.