- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-31-2017 03:26 AM
Hai all
after the upgrade to new version of pan os(7.0.13) i found some difference in security profile. Can you help me to understand the difference between:
- Security Profile > Antivirus > wildefire action
- Security Profile > Wildefire Analysis
is Antivirus profile to block malicious file knew in the dat file and wildefire for zero day files?Why there is a second wildefire profile in the Antivirus profile?If i make a rule which profile must i apply to the rule?
Thanks all
Gianpiero
01-31-2017 05:20 AM
hi there
there's 2 parts to Wildfire: one it the uploading and analyzing of files, which return you a verdict for that file
the second part is creating a signature to block these files for everyone that has downloaded the dynamic update package
so - Security Profile > Antivirus > wildefire action : is which actions to take on signatures matching the wildfire content update
it requires you to have the separate wildfire license
and - Security Profile > Wildefire Analysis : is what you want to do with files going through the firewall - upload them to wildfire or not
hope this makes sense ?
01-31-2017 05:23 AM
If I remember correctly, the AV profile allows you to set actions (reset-client, reset-server, etc) based on the decoder (http, ftp, pop3, etc). The Wildfire Analysis profile allows you to set which files you want to upload to the wildfire engine (public or private).
https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/policy/antivirus-profiles#19476
Hope that helps!
- Peter
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!