Hello Everyone, I did not manage to get this information in other online resources and in Wildfire -> General Settings does not seem to have this option. Hence I am asking for your help on these questions:
Thanks a lot!
A few short answers on your queastions:
1. The files will be uploaded to the WildFire cloud on the fly as they get through the PA
2. The cloud sandboxing is determening whether a file is maliciuos or not.
3. Users with an account on the WildFire portal will receive the notifications.
Great inputs @Mourik, thanks a lot.
All my relevant security policies are using my wildfire profile (which i instructed to capture any app, any file type, both direction with the Analysis on "Public-cloud), so with this I can say my traffic is pretty covered with wildfire.
I will tell my boss who is the main account holder for wildfire, thanks so much for your response.
If file passes Palo then hash is taken and checked against Wildfire cloud if this file has been scanned already.
If yes then based on previous verdict it is decided if file is benign, grayware or malware.
Benign is clean.
Grayware is something that does not install automatically but is something security aware people dislike (browser toolbars that leak data for example).
Malware is something that behaves maliciously.
If file has not been checked before then file is passed on to user but copy is sent to cloud to be analyzed.
Verdict will come in 5 minutes and if configured to block viruses found by Wildfire (there are 2 databases - AV and Wildfire) then Palo starts blocking malicious traffic that this virus generates.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!