Palo Alto Networks WildFire Review

It can do on-premises sandboxing and detect attacks by malware embedded in files and URLs, but it should handle many more file types without sending .APK files to the cloud for sandboxing.


What is most valuable?

It can do sandboxing on the premises, and it can be directly integrated with Palo Alto NGFW. The malware information on the file that has been sandboxed will be directly updated to the Palo Alto NGFW, and added to the Palo Alto Networks NGFW malware signature library. Also, the credential data within the file that has been sandboxed is still kept on the premises.

How has it helped my organization?

Palo Alto Networks WildFire can detect many types of attacks that use malware embedded in files/URLs in minimum time, and it can increase the effectiveness of resources (time and people) to prevent the malware.

What needs improvement?

In my opinion, it could be developed to be dependent not only on signatures, but also on patterns and behavior of malware. What I would like to see in the next version/release is to be able to handle many more file types on premises during deployment, because now, in an on-premises deployment, an .APK file must be sent to the cloud for sandboxing.

For how long have I used the solution?

I can't remember exactly, but probably more than six months.

What was my experience with deployment of the solution?

For now, I have no issues with the deployment.

What do I think about the stability of the solution?

For now, I have no issues with the stability.

What do I think about the scalability of the solution?

For now, I have no issues with the scalability.

How are customer service and technical support?

Customer Service:

Both customer service and technical support are very good.

Technical Support:

In our case, before we contact Palo Alto Networks technical support, we can contact the Palo Alto Networks local distributor, who provides Palo Alto Networks technical support locally.

Which solution did I use previously and why did I switch?

I forgot the name of the product that was used previously, but the reason I chose Palo Alto Networks WildFire is that it integrates with the Palo Alto Networks NGFW that was already used in the network environment.

How was the initial setup?

The initial setup of Palo Alto Networks WildFire is simple.

What about the implementation team?

We’re the ones who implement the Palo Alto Networks WildFire in our customers' environments.

What was our ROI?

It’s not about what we will get directly from having Palo Alto Networks WildFire as an ATD device, but it’s all about the loss of resources you suffer if you don't have it implemented.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a Palo Alto Networks partner and reseller.
3 Comments
Senior Presales Engineer at a tech services company with 501-1,000 employees
Consultant

I didn't know that the Palo Alto private sandboxing solution was limited in the type of files it can scan. Where can I get this info from?

IT Security Engineer at a tech services company with 51-200 employees
Consultant

The private sandboxing I prefer is on the WF-500 appliance, but it can be done if sent to the private cloud sandboxing. The list of application types that can be handled by WildFire can be seen at the link below.

https://www.paloaltonetworks.com/documentation/60/pan-os/newfeaturesguide/content-inspection-features/wildfire-enhanced-file-type-and-operating-system-support.html

EMEA Corporate Sales - Advanced Cyber Security Solutions at a tech company with 5,001-10,000 employees
Vendor

Please refer to the hybrid cloud deployment for the WF500. With this setup you may pass the APK files, which are not likely to have any confidential information, to the WildFire Threat Intelligence Cloud and get the verdict. https://www.paloaltonetworks.com/documentation/70/pan-os/newfeaturesguide/wildfire-features/wildfire-hybrid-cloud.html