Increased WildFire File Fowarding Capacity

The maximum and default WildFire file forwarding sizes and rates are increased in PAN-OS® 9.0 to provide optimal visibility and detection. Based on Palo Alto Network’s data analytics, the new default capacities protect against the majority of threats, and is a best practice to use the new default values.
The forwarding capacities for Traps, Aperture, and Magnifier have not changed. For additional information about the file forwarding capacity of these products and other public/API integrations, refer to the product documentation.
File TypePAN-OS 9.0 Default File Forwarding SizesPAN-OS 9.0 Size Limits
pe16MB1-50MB
apk10MB1-50MB
pdf3,072KB100-51,200KB
ms-office16,384KB200-51,200KB
jar5MB1-20MB
flash5MB1-10MB
MacOSX10MB1-50MB
archive50MB1-50MB
linux50MB1-50MB
The default forwarding values might change over time based on the current version of PAN-OS or the content release version. To view the file size ranges and defaults:
  • Web Interface—From the Device > Setup > WildFire > General Settings window, select and clear a Size Limit field, and then press enter to update the field.
  • CLI—From a terminal emulator, connect to the firewall CLI and issue the following command: show wildfire file-size-limits.
  1. Log in to the firewall and verify the WildFire file forwarding size limits.
    wf-file-size-limits.png
    As a WildFire best practice, Palo Alto Networks recommends using the default file forwarding sizes. These values are designed to include the vast majority of malware that are likely to be encountered in real-world scenarios. Very large files that are beyond the size limits are excluded.
  2. Commit your configuration updates.
  3. Verify that the firewall is forwarding filestotheWildFire public cloud.

Related Documentation