Introduction to WildFire

-->WildFire is a technology that provides detection and prevention of zero-day malware attacks using a combination of malware sandboxing and signature-based detection and blocking of malware.

--> WildFire extends the capabilities of Palo Alto Networks next-generation firewalls to identify and block targeted and unknown malware.

--> The Palo Alto Networks WildFire engine executes zero-day and targeted malware files in a virtual environment within the WildFire system.

--> Palo Alto Network wildfire automatically generates signatures for identified malware and distributes signatures to all firewalls via regular threat updates.

--> Palo Alto Wildfire provides forensics and insight into malware behavior such as,

i) Actions on target machine

ii) Applications that were used to deliver the malware

iii) URLs that were involved


-->We can deploy Palo Alto wildfire in three modes,

i) Wildfire Public Cloud

--> Palo Alto firewall forwards the files to hosted Wildfire environment that Palo Alto network owns and maintains.

--> whenever wildfire in the cloud detects the malware, it generates the signatures within 15-30 minutes to all the firewalls.

--> Palo Alto Firewalls equipped with wildfire subscription receives signatures within 15 minutes.

--> Palo Alto Firewalls equipped with Threat Prevention Subscription receives the signatures within 24-48 hours. Introduction to WildFire



ii) Wildfire Private Cloud 


--> Palo Alto firewall forwards the files to hosted wildfire environment that Corporate network owns and maintains using WF-500 Appliance.

--> Palo Alto WF-500 can receive and analyze the files from more than 100 Palo Alto Firewalls.

--> By using Wildfire Private Cloud, benign or grayware files never leave your network outside.



iii) Wildfire Hybrid Cloud

--> Hybrid cloud is a combination of Wildfire Public Cloud and Wildfire Private Cloud.

--> By using Wildfire Hybrid cloud, a single firewall can forward some specific files to wildfire private cloud and some files to wildfire public cloud.

--> We can do this by configuring settings based upon the file type, application and transmission direction of the file ( Upload or download).


0 Comments