WildFire Logs versus Blocking.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

WildFire Logs versus Blocking.

L4 Transporter

For WildFire logs in 5.0.2 there is some confusion about the subscription.  The question most ask is whether the lack of a wildfire subscription will still allow the logs in the WildFIre section to accurately alert if a file is potentially malware. And in a general sense what the WildFire subscription gives you.

3 REPLIES 3

L3 Networker

WildFire logs will still have the files analyzed against up to date information from the cloud, the subcription is to get those updates every 15 minutes and not over 24 hours. File rules establish the action for each EXE/PE file downloaded.

L4 Transporter

Wildfire will function the same as in the non subscription version except the summary report you get via email is now in the console.  If you have panorama or a siem you can more easily look at historical wildfire information or port the wildfire logs off to a separate place for analysis etc. The Wildfire logs will only come down to the console if you have the subscription service.  Also you will get hourly wildfire AV files with the latest signatures as opposed to the daily AV files (which you will still get if you have a threat subscription).

Hope this adds some clarity?

Thanks HITSEC.

  • 2304 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!