08-28-2015 01:15 PM
I thought there was a limited version of wildfire that you could use for PE files. But it isn't working, I do a test registration and it fails. Is there something that is missing in the instruction that I have
09-09-2015 01:24 PM
SSL decryption and quic disabled for chrome browsers enabled our free version of wildfire to work as well, one note was that I couldn't see WildFire entries in the WildFire logs on PAN-OS 5 but I could see it in the web portal(https://wildfire.paloaltonetworks.com/wildfire/reportlist)..after I upgraded to PAN-OS 6 I was able to see the wildfire entries in the firewall log as well.
09-09-2015 02:16 PM
I am already on OS 6.1 but I do not have decryption enabled because I thought it required a license and I did not know it was necessary for the limited version of wildfire
09-09-2015 11:21 PM
SSL Decryption is not necessary for a wildfire (free or licensed). It is necessary to analyze files that were downloaded via SSL. To test free Wildfire only you should download a test file from http://wildfire.paloaltonetworks.com/publicapi/test/pe. File will be downloaded in clear text, therefore no SSL decryption is required and you will be able to confirm that your Wildfire configuration is correct.
09-10-2015 05:33 AM
Yes I downloaded the file and nothing happened. I have a ticket in with PA TAC but they just keep blowing me off.
09-10-2015 06:14 AM
Is wildfire-test-pe-file.exe visible in Data Filtering logs? You should see two entries in that log: Forward and wildfire-upload-success.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!