cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

Hi Tom,

 

First of all, I'd like to thank you for your wonderful book 'Mastering the Palo Alto networks' which is very informative and helpful for the beginners like me to nourish our skills on Palo Alto.

 

Under Monitor -> Wild fire submissions, I see Malicious is being marked as 'blocked'. From the below, I believe AV is the one which is going to block the viruses and not the Wild Fire. Please correct me if I'm wrong.

 

1. Assuming no wildfire license in place and through AV updates, will it be automatically blocked in next 24hours?

2. Will it block only if it's set to 'reset-both' under AV/Wildfire action or it'll block automatically if the action is set to 'default or alert' in the AV profile?

3. In AV profile, I see only HTTP, FTP, SMB, SMTP and POP3. What if any files which are malicious are transferred through SFTP and so on, which isn't part of the AV decoders?

 

 

 

Who rated this post