topic Re: WildFire file size limits in General Topics

WildFire file size limits

Melissa_Walker — Tue, 11 Sep 2018 20:51:12 GMT

I'm trying to figure out whether our file size limits for WildFire are set appropriately. I have been unable to find a good way to determine whether there are files that aren't being uploaded due to their size. Would that show up in our logs? I've also discovered the WildFire logs don't include a column for file size, I need to look at the detailed view of each log entry to find the size of the file uploaded which is extremely inefficient. Is there a trick I'm missing to do this analysis, or is everyone else just using the default settings?

Re: WildFire file size limits

BPry — Tue, 11 Sep 2018 23:21:40 GMT

@Melissa_Walker,

The majority of places you'd be 100% safe with keeping the defaults. If you're worried about large files (though malicious files are generally smaller) then the following would be recommended.

PE: 10 MB

APK: 30 MB

PDF: 1,000 KB

ms-office: 2,000 KB

jar: 5 MB

Flash: 5 MB

MaxOSX: 1 MB

Archive: 10 MB

Linux: 5 MB

Keeping in mind that the firewall has limited forwarding ability due to a cache size limits before forwarding actually takes place, so you really wouldn't want to set this any higher.

Re: WildFire file size limits

OtakarKlier — Wed, 12 Sep 2018 20:01:18 GMT

Hello,

We set ours to the max size on all settings. But like BPRy stated, most malware is super small.

Regards,