How to use Wildfire for Android APK

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to use Wildfire for Android APK

L5 Sessionator

I found following new press release:

Palo Alto Networks WildFire Protects Against Cyber Threats Targeting Android Smartphones and Tablets

I have PaloAlto device with Wildfire subscription.

The device is running on PANOS 5.0.6.

How can I use this new wildfire?

Does it mean I just change configuration of File Blocking to upload .apk files?

If someone knows, please help. Otherwise, I'll contact to my local SE.

Regards,

Emr

1 accepted solution

Accepted Solutions

L5 Sessionator

Please confirm this information with your  SE on the availability of Wildfire for Android.

View solution in original post

8 REPLIES 8

L7 Applicator

Hi Emr,

You are correct,

Apk--- Android application package file

It is part of File Blocking Profiles.  ( Objects > Security Profiles > File Blocking ) and add APK as Supported File Formats for File Blocking.

Thanks

L7 Applicator

For reference, please follow below mentioned article,

https://live.paloaltonetworks.com/docs/DOC-4118 >>>>>>>  Page 216

Hope it will help you.

Thanks

L4 Transporter

Hello

If you are trying to understand how Wildfire works and its configuration then the below links will give you a good understanding of the wildfire configuration, testing and monitoring.

How to Configure Wildfire

Wildfire Configuration, Testing and Monitoring

How to Check the Connectivity to Wildfire and Upload Status of Files

Hope this helps.

L5 Sessionator

Hi,

For me, today, upload apk to Wildfire is not supported yet.

For now you can allow or block apk but can't be more granular.

Hope help

V.

L5 Sessionator

Please confirm this information with your  SE on the availability of Wildfire for Android.

Thank you for your replies, guys.

I tested with my PA device.

As VinceM says, I confirmed PA did not upload the APK file at this point.

I think this is new feature available from 6.0.

L7 Applicator

Just to help clarify:

  1. APK signatures for Android malware are being provided in AV signature set (PAN-OS 5.0+ only)
  2. Currently the signatures are being developed by leveraging internal android wildfire analysis environment and running Android software from popular stores through it to determine maliciousness.


However, PAN devices themselves do not currently have the ability to forward apk files to the cloud as VinceM observed.

Hi achitwadgi,

I see.

It helps me to understand more clearly.

Thanks for the updates.

  • 1 accepted solution
  • 4953 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!