03-07-2013 11:10 AM
For WildFire logs in 5.0.2 there is some confusion about the subscription. The question most ask is whether the lack of a wildfire subscription will still allow the logs in the WildFIre section to accurately alert if a file is potentially malware. And in a general sense what the WildFire subscription gives you.
03-07-2013 11:47 AM
WildFire logs will still have the files analyzed against up to date information from the cloud, the subcription is to get those updates every 15 minutes and not over 24 hours. File rules establish the action for each EXE/PE file downloaded.
03-07-2013 12:13 PM
Wildfire will function the same as in the non subscription version except the summary report you get via email is now in the console. If you have panorama or a siem you can more easily look at historical wildfire information or port the wildfire logs off to a separate place for analysis etc. The Wildfire logs will only come down to the console if you have the subscription service. Also you will get hourly wildfire AV files with the latest signatures as opposed to the daily AV files (which you will still get if you have a threat subscription).
Hope this adds some clarity?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
