Palo Alto Networks Advanced WildFire now operates a series of cloud-based ML detection engines that provide inline analysis of PE (portable executable) files traversing your network to detect and prevent advanced malware in real-time. Advanced WildFire Inline Cloud Analysis prevents files from being downloaded and potentially spreading through your network while it performs real-time analysis of the target sample. As with other malicious content that WildFire detects, threats detected by Advanced WildFire Inline Cloud Analysis also generate a signature that is then disseminated to customers through an update package, providing a future defense for all Palo Alto Networks customers.

This real-time defense is facilitated by new cloud-based engines that enable the detection of never-before-seen malware (e.g., a Palo Alto Networks zero-day - malware previously unseen in the wild or by Palo Alto Networks) and block it from entering your network environment. Advanced WildFire Inline Cloud Analysis utilizes a lightweight forwarding mechanism on the firewall to minimize performance impact, while the process-intensive operations take place in the cloud. The cloud-based ML models are updated seamlessly, to address the ever-changing threat landscape without requiring content updates or feature release support.

Advanced WildFire Inline Cloud Analysis is enabled and configured through the WildFire Analysis profile and requires an active Advanced WildFire license.