I thought there was a limited version of wildfire that you could use for PE files. But it isn't working, I do a test registration and it fails. Is there something that is missing in the instruction that I have
If you allow all outbound traffic, then correct you wouldnt need a specific rule. We tighten down our outbound access as well so we have a special policy just for the PAN to reach out to the internet and then we lock down what it can get to, source, destination, applications, etc.
However you can search your logs for those particular applications and/or URL's to see if your PAN is reaching out to the cloud.
i've updated both the wildfire config and testing and the Discussion of the Week with some additional pointers
if all your service routes are currently still the default (mgmt) there should already be a rule that allows your dynamic updates and software updates (if not you may consider creating a policy to support all these in one go, or opt for the service routes as mentioned above)
a good cli command to figure out which rule would allow your management outbound traffic is :
> test security-policy-match source <management-IP> destination 18.104.22.168 protocol 7 destination-port 443
the destination ip is from our updates server
In 6.1 and below, wildfire is tied to a "File Blocking" profile. Create a profile that detects any file type for any application and set the action to "forward". This should start sending MD5 hashes to Wildfire. 7.0 has changed things. I am looking for the config guide as I write this.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!