Advanced WildFire Inline Cloud Analysis
November 2023
- Introduced in PAN-OS 11.1 (requires an Advanced WildFire license)
Palo Alto Networks Advanced WildFire now operates a
series of cloud-based ML detection engines that provide inline analysis of PE
(portable executable) files traversing your network to detect and prevent advanced
malware in real time.
Advanced WildFire Inline Cloud Analysis
prevents files from being downloaded and potentially spreading through your network
while it performs real-time analysis of the target sample. As with other malicious
content that WildFire detects, threats detected by Advanced WildFire Inline Cloud
Analysis also generate a signature that is then disseminated to customers through an
update package, providing a future defense for all Palo Alto Networks customers.
This real-time defense is facilitated by new cloud-based
engines that detect never-before-seen malware (e.g., a Palo Alto
Networks zero-day: malware previously unseen in the wild or by Palo Alto Networks)
and block it from entering your network environment. Advanced WildFire Inline Cloud
Analysis uses a lightweight forwarding mechanism on the firewall to minimize
performance impact, while the process-intensive operations take place in the cloud.
The cloud-based ML models are updated seamlessly to address the ever-changing
threat landscape, without requiring content updates or feature release support.
Advanced WildFire Inline Cloud Analysis is enabled and
configured through the WildFire Analysis profile and requires an active Advanced
WildFire license.