WildFire Appliance Interfaces
Where Can I Use
This? | What Do I Need? |
The WF-500 appliances are equipped with four RJ-45 Ethernet ports
located at the back of the appliance. These ports are labeled MGT, 1, 2,
and 3 and correspond to specific interfaces.
The WildFire appliance has three interfaces:
Virtual Machine Interface (VM interface)—Provides
network access for the WildFire sandbox systems to enable sample
files to communicate with the Internet, which allows WildFire to
better analyze the behavior of the sample. When the VM interface
is configured, WildFire can observe malicious behaviors that the
malware would not normally perform without network access, such
as phone-home activity. However, to prevent malware from entering
your network from the sandbox, configure the VM interface on an
isolated network with an Internet connection. You can also enable
the Tor option to hide the public IP address used by your company
from malicious sites that are accessed by the sample. For more information
on the VM interface, see
Set Up the WildFire Appliance VM Interface.
Cluster Management Interface—Provides cluster-wide
communication among the WildFire appliance nodes that are members
of a WildFire appliance cluster. This is a different interface than
the MGT interface for firewall operations. You can configure the
Ethernet2 interface or the Ethernet3 interface (labeled 2 and 3,
respectively) as the cluster management interface.
Obtain the information required to configure network connectivity
on the MGT port, the VM interface, and the cluster management interface
(WildFire appliance clusters only) from your network administrator
(IP address, subnet mask, gateway, hostname, DNS server). All communication
between the firewalls and the appliance occurs over the MGT port,
including file submissions, WildFire log delivery, and appliance
administration. Therefore, ensure that the firewalls have connectivity
to the MGT port on the appliance. In addition, the appliance must
be able to connect to updates.paloaltonetworks.com to retrieve its
operating system software updates.