Windows 10 Analysis Environment for the WildFire Appliance
Table of Contents
10.0
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
Windows 10 Analysis Environment for the WildFire Appliance
The WildFire ® appliance can now analyze files
in a Windows 10 operating system.
The
WildFire ® appliance can now analyze files using the
Windows 10 operating system, which increases the threat prevention
coverage of the appliance by enabling it to detect threats that
are designed specifically for Windows 10 environments.
The
virtual analysis environment has the following system attributes:
- Windows 10 x64
- Adobe Reader 11
- Flash 11
- Office 2010
The WildFire appliance can use the Windows
10 environment to analyze all files that it normally supports.
To
take advantage of the new VM, you must download the Windows 10 VM
image from the Palo Alto Networks Customer Support Portal, install
the image onto the WildFire appliance, and then configure the appliance
to use the new VM environment.
Use the Windows 10 environment
for file analysis by selecting vm-7 when
you configure the WildFire appliance.
- Go to the Palo Alto Networks Customer Support Portal software download page.
- From the software updates page, select WF-500 Guest VM Images and download the WFWin10Base_m-1.0.0-c2.10base VM image file.
- Upload the Windows 10 VM image to the WildFire appliance.
- Import the software image from the SCP server:
admin@WF-500>scp import wildfire-vm-image from <username@ip_address>/<folder_name>/<vm_image_filename>
For example:admin@WF-500>scp import wildfire-vm-image from user1@10.0.3.4:/tmp/WFWin10Base_m-1.0.0-c2.10base
- To check the status of the download, use the following command:
admin@WF-500>show jobs all
- Install the Windows 10 VM image.
admin@WF-500>request system wildfire-vm-image upgrade install file <vm_image_filename>
- Confirm that the Windows 10 VM image has been properly
installed and enable the VM image the WildFire appliance uses to
perform analysis.
- View a list of available virtual machines images:
admin@WF-500> show wildfire vm-images
The following output shows that vm-7 is the Windows 10 VM image:vm-7 Windows 10 x64, Adobe Reader 11, Flash 11, Office 2010. Support PE, PDF, Office 2010 and earlier
- Set the image to be used for analysis:
admin@WF-500# set deviceconfig setting wildfire active-vm vm-7
And commit the configuration:admin@WF-500# commit
- (Optional) View the active VM image by running the following
command:
admin@WF-500> show wildfire status
- View a list of available virtual machines images: