Palo Alto Networks WildFire Review

It can do on-premises sandboxing and detect attacks by malware embedded in files and URLs, but it should handle many more file types without sending .APK files to the cloud for sandboxing.


Valuable Features

It can do sandboxing on the premises, and it can be directly integrated with Palo Alto NGFW. The malware information on the file that has been sandboxed will be directly updated to the Palo Alto NGFW, and added to the Palo Alto Networks NGFW malware signature library. Also, the credential data within the file that has been sandboxed is still kept on the premises.

Improvements to My Organization

Palo Alto Networks WildFire can detect many types of attacks that use malware embedded in files/URLs in minimal time, and it can increase the effectiveness of the resources (time and people) used to prevent malware.

Room for Improvement

In my opinion, it could be developed to be dependent not only on signatures, but also on patterns and behavior of malware. What I would like to see in the next version/release is the ability to handle many more file types on premises, because right now, in an on-premises deployment, an .APK file must be sent to the cloud for sandboxing.

Use of Solution

I can't remember exactly, but probably more than six months.

Deployment Issues

For now, I have no issues with the deployment.

Stability Issues

For now, I have no issues with the stability.

Scalability Issues

For now, I have no issues with the scalability.

Customer Service and Technical Support

Customer Service:

Both customer service and technical support are very good.

Technical Support:

In our case, before we contact Palo Alto Networks technical support, we can contact the Palo Alto Networks local distributor, who provides Palo Alto Networks technical support locally.

Previous Solutions

I forgot the name of the product that was used previously, but the reason I chose Palo Alto Networks WildFire is that it integrates with the Palo Alto Networks NGFW that was already used in the network environment.

Initial Setup

The initial setup of Palo Alto Networks WildFire is simple.

Implementation Team

We’re the ones who implement Palo Alto Networks WildFire in our customers' environments.

ROI

It’s not about what we will get directly from having Palo Alto Networks WildFire as an ATD device, but it’s all about the loss of resources you suffer if you don't have it implemented.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are Palo Alto Networks partner and reseller.
3 Comments
Tareq Musmar - CCIE Security #30689, Real User, TOP 20

I didn't know that the Palo Alto private sandboxing solution was limited in the type of files it can scan. Where can I get this info from?

21 August 15
IT Security Engineer at a tech services company with 51-200 employees, Real User

The private sandboxing I prefer is on the WF-500 appliance, but it can be done if sent to the private cloud sandboxing. The list of application types that can be handled by WildFire can be seen at the link below.

https://www.paloaltonetworks.com/documentation/60/pan-os/newfeaturesguide/content-inspection-features/wildfire-enhanced-file-type-and-operating-system-support.html

21 August 15
Batuhan Uslu, Vendor

Please refer to the hybrid cloud deployment for WF500. With this setup you may pass the APK files, which are not likely to have any confidential information, to the WildFire Threat Intelligence Cloud and get the verdict. https://www.paloaltonetworks.com/documentation/70/pan-os/newfeaturesguide/wildfire-features/wildfire-hybrid-cloud.html

28 October 15