https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379535#M89580 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/133520">@FWPalolearner</a> ,</P> <P>&nbsp;</P> <P>1) that is correct.</P> <P>&nbsp;</P> <P>2) Not really, limit at your discretion I would say.&nbsp;</P> <P>The default WildFire Analysis profile specifies that all supported file types across all applications are forwarded for WildFire analysis in either direction.&nbsp; If you create a custom WildFire Analysis profile, it is a best practice to still set the profile to forward any file type. This enables the firewall to automatically begin forwarding file types as they become supported for WildFire analysis.</P> <DIV class="p" style="box-sizing: border-box; margin-bottom: 10px; font-family: 'HCo Decimal'; color: #141414; font-size: 12.5px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;">&nbsp;</DIV> <P>3) Correct, there is no action in the profile.&nbsp; It's purely for the analysis, not for the prevention at this stage.</P> <P>&nbsp;</P> <P>Cheers !</P> <P>-Kiwi</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Wed, 13 Jan 2021 12:50:36 GMT kiwi 2021-01-13T12:50:36Z https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379479#M89573 <P>Hi ,</P><P>i have 3 question for wildfire&nbsp;</P><P>1)If we define wildfire profile , and call that profile in a security rule , only that particular rule will be effective for wildfire analysis and not all the rules in the policy ?</P><P>&nbsp;</P><P>2)Also , as a starting point , we want to limit sending all the file types to Wildfire , is there any initial level Wildfire categories to start with ?</P><P>&nbsp;</P><P>3) Also , i dont see any action for wildfire profile , does the action depend upon AV , Antispyware profiles where we also have widlfire action ?</P> Wed, 13 Jan 2021 10:51:33 GMT https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379479#M89573 FWPalolearner 2021-01-13T10:51:33Z https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379535#M89580 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/133520">@FWPalolearner</a> ,</P> <P>&nbsp;</P> <P>1) that is correct.</P> <P>&nbsp;</P> <P>2) Not really, limit at your discretion I would say.&nbsp;</P> <P>The default WildFire Analysis profile specifies that all supported file types across all applications are forwarded for WildFire analysis in either direction.&nbsp; If you create a custom WildFire Analysis profile, it is a best practice to still set the profile to forward any file type. This enables the firewall to automatically begin forwarding file types as they become supported for WildFire analysis.</P> <DIV class="p" style="box-sizing: border-box; margin-bottom: 10px; font-family: 'HCo Decimal'; color: #141414; font-size: 12.5px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: #ffffff; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;">&nbsp;</DIV> <P>3) Correct, there is no action in the profile.&nbsp; It's purely for the analysis, not for the prevention at this stage.</P> <P>&nbsp;</P> <P>Cheers !</P> <P>-Kiwi</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Wed, 13 Jan 2021 12:50:36 GMT https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379535#M89580 kiwi 2021-01-13T12:50:36Z https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379556#M89584 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/11943">@kiwi</a>&nbsp;Thanks a lot . really appreciate</P> Wed, 13 Jan 2021 13:52:30 GMT https://live.paloaltonetworks.com/t5/general-topics/wildfire-actions/m-p/379556#M89584 FWPalolearner 2021-01-13T13:52:30Z