The basic WildFire service is included as part of the Palo Alto Networks next generation firewall and does not require a WildFire subscription. With the basic WildFire service, the firewall can forward portable executable (PE) files for WildFire analysis, and can retrieve WildFire signatures only with antivirus and/or Threat Prevention updates which are made available every 24-48 hours.
A WildFire subscription unlocks the following WildFire features:
- WildFire Real-Time Updates—The firewall can retrieve WildFire signatures for newly-discovered malware as soon as the WildFire public cloud can generate them beginning with PAN-OS 10.0. Signatures that are downloaded during a sample check are saved in the firewall cache, and are available for fast (local) look-ups. In addition, to maximize coverage, the firewall also automatically downloads a signature package on a regular basis when real-time signatures is enabled. These supplemental signatures are added to the firewall cache and remain available until they become stale and are refreshed or are overwritten by new signatures. Selectand enable the firewall to get the latest WildFire signatures in real-time.DeviceDynamic Updates
- WildFire Five-Minute Updates—The WildFire public cloud and a WildFire private cloud can generate and distribute WildFire signatures for newly-discovered malware every five minutes, and you can set the firewall to retrieve and install these signatures every minute (this allows the firewall to get the latest signatures within a minute of availability). Selectto enable the firewall to get the latest WildFire signatures. Depending on your WildFire deployment, you can set up one or both of the following signature package updates:DeviceDynamic Updates
- WildFire Advanced File Type Support—In addition to PEs, forward advanced file types for WildFire analysis, including APKs, Flash files, PDFs, Microsoft Office files, Java Applets, Java files (.jar and .class), and HTTP/HTTPS email links contained in SMTP and POP3 email messages. (WildFire private cloud analysis does not support APK, Mac OS X, Linux (ELF), archive (RAR/7-Zip), and script (JS, BAT, VBS, Shell Script, PS1, and HTA) files).
- WildFire API—Access to the
- WildFire Private and Hybrid Cloud Support—Forward Files to a WildFire Appliance(PAN-OS 8.1, 9.0, 9.1, 10.0). WildFire private cloud and WildFire hybrid cloud deployments both require the firewall to be able to submit samples to a WildFire appliance. Enabling a WildFire appliance requires only a support license.
Recommended For You
Recommended videos not found.