cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

Most everything is handled locally, with the exception of malware verdicts.  Instead of leveraging signature files, the agent will check with WildFire via a SHA-256 hash.  If the file is known, it will respond accordingly.  If it is unknown, local analysis will score the file and make a temporary verdict.  At the same time the file is uploaded and detonated in WildFire.  After analysis, the file is known.  This logic is the same logic that applied in the on-premise ESM.

 

Do you have connectivity challenges or are you trying to limit internet traffic?


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 
Who rated this post