02-24-2014 08:11 AM
i used PA3020 and software version 6.0.0, wildfire version is 26818-33137
i configured wildfire action to block in antivirus profile and apply to security policy already.
but, when i test to download a malicious files. the action is alert and i can download this file. why?
i don't know, what is wrong in my configure and i want to know, how to configure wildfire to block a malicious file.
02-24-2014 08:55 AM
Hi,
What about the wildfire report for your virus.exe file ?
V.
02-24-2014 11:00 AM
Do you have a configured file blocking profile ? What is the action set for the file blocking profile under objects ?
02-24-2014 11:00 AM
02-24-2014 11:03 AM
i configured action in blocking profile to "forward".
02-24-2014 08:35 PM
Wildfire report shows that the first time the malware was reported at 02-24 14:08 and the log shows alert for type wildfire at 22:59 with wildfire-upload-skip since the file has been already sent to wildfire cloud
If the firewall is equipped with a WildFire subscription then it can receive the new signatures within 30-60 minutes; firewalls with only a Threat Prevention subscription can receive the new signatures in the next antivirus signature update within 24-48 hours. Can you please confirm if you have valid license for wildfire? The wildfire version that you have is 26818-33137 and the latest available is 26836-33168.
02-24-2014 08:45 PM
i try to test this virus.exe about 4 hours. and i download an update already.
and if you look at this pic. wildfire log is show "virus.exe" is malicious but action is alert, not block.
02-25-2014 08:34 PM
Hi thanachaip,
Nothing false in your configuration.
I got the same problem and already open case for it.
02-25-2014 09:00 PM
Could you please share the case ID here.
02-25-2014 10:40 PM
Hi HULK,
My case number : 00189573.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!