Enable Advanced WildFire Inline ML
Where Can I Use
This? | What Do I Need? |
Prisma Access (Managed by Strata Cloud Manager) Prisma Access (Managed by Panorama) NGFW (Managed by Strata Cloud Manager) NGFW (Managed by PAN-OS or Panorama) VM-Series CN-Series
|
Advanced WildFire License For Prisma Access, this is usually included with your
Prisma Access license.
|
You can prevent malicious variants of portable
executables and PowerShell scripts from entering your network in
real-time using machine learning (ML) based analytics on the firewall
dataplane. By utilizing WildFire® Cloud analysis technology on your
security platform, Advanced WildFire Inline ML dynamically detects
malicious files of a specific type by evaluating various file details,
including decoder fields and patterns, to formulate a high probability
classification of a file. This protection extends to currently unknown
as well as future variants of threats that match characteristics that
Palo Alto Networks identified as malicious. Advanced WildFire inline
ML complements your existing Antivirus profile protection configuration. Additionally,
you can specify file hash exceptions to exclude any false-positives
that you encounter, which enables you to create more granular rules in
your profiles to support your specific security needs.
To enable Advanced WildFire Inline ML, you must have an active Advanced WildFire or WildFire
subscription, create (or modify) an Antivirus (or WildFire and Antivirus for Prisma Access) security profile to configure and enable the service, and then attach
the Antivirus profile to a security policy rule.
Advanced WildFire Inline ML is not currently supported
on the VM-50 or VM50L virtual appliance.