The basic WildFire service is included as part of the
Palo Alto Networks next generation firewall and does not require
a WildFire subscription. With the basic WildFire service, the firewall
can forward portable executable (PE) files for WildFire analysis,
and can retrieve WildFire signatures only with antivirus and/or
Threat Prevention updates which are made available every 24-48 hours.
A WildFire subscription unlocks the following WildFire features:
WildFire Five-Minute Updates
—The WildFire public
cloud and a WildFire private cloud can generate and distribute WildFire
signatures for newly-discovered malware every five minutes, and
you can set the firewall to retrieve and install these signatures
every minute (this allows the firewall to get the latest signatures
within a minute of availability). Select
to enable the
firewall to get the latest WildFire signatures (PAN-OS 8.1, 9.0, 9.1) Depending on your
WildFire deployment, you can set up one or both of the following
signature package updates:
latest signatures from the WildFire public cloud.
—Get the latest signatures from a WildFire
appliance that is configured to locally generate signatures and
URL categories (PAN-OS 8.1, 9.0, 9.1).
WildFire Advanced File Type Support
—In addition to
PEs, forward advanced file types for WildFire analysis, including
APKs, Flash files, PDFs, Microsoft Office files, Java Applets, Java
files (.jar and .class), and HTTP/HTTPS email links contained in
SMTP and POP3 email messages. (WildFire private cloud analysis does
not support APK, Mac OS X, Linux (ELF), archive (RAR/7-Zip), and
script (JS, BAT, VBS, Shell Script, PS1, and HTA) files).
—Access to the
(PAN-OS 8.1, 9.0, 9.1), which enables direct programmatic
access to the WildFire public cloud or a WildFire private cloud.
Use the WildFire API to submit files for analysis and to retrieve
the subsequent WildFire analysis reports. The WildFire API supports
up to 1,000 file submissions and up to 10,000 queries a day.
WildFire Private and Hybrid Cloud Support
Files to a WildFire Appliance
(PAN-OS 8.1, 9.0, 9.1). WildFire private
cloud and WildFire hybrid cloud deployments both require the firewall
to be able to submit samples to a WildFire appliance. Enabling a
WildFire appliance requires only a support license.
If you have purchased a WildFire subscription, you must activate it before you
can take advantage of the subscription-only WildFire features.