Palo Alto Networks WildFire Subscription adds support for Archive (RAR/7z) and Linux ELF File Analysis

By Allen Wilkes

Technical Sales Consultant

Palo Alto Networks have added support for archive (RAR/7z) and Linux (ELF) binaries to the WildFire public cloud subscription. The support arrived in Application and Threat Content release version 745, dated 25/10/2017, for PAN-OS versions 8.0 and higher. These files receive malicious, benign, or grayware verdicts. The WildFire appliance does not support ELF and archive file analysis.

Follow the WildFire best practices configuration below to ensure your Palo Alto Networks WildFire subscription is providing the highest level of unknown threat protection.

 

WildFire Best Practice Configuration

The recommended WildFire configuration is as follows:

1) Choose the WildFire cloud to which you want to submit samples for analysis based on your location and your organization’s needs

  • WildFire Global Cloud – wildfire.paloaltonetworks.com
  • WildFire EU Cloud – eu.wildfire.paloaltonetworks.com
  • WildFire Japan Cloud – jp.wildfire.paloaltonetworks.com
  • WildFire Singapore Cloud – sg.wildfire.paloaltonetworks.com

2) Enable both Report Benign Files & Grayware Files

3) Change the file size limits to the maximum sizes allowed

 

FILE TYPE    SIZE LIMIT
pe           10 MB
apk          50 MB
pdf          1000 KB
ms-office    10,000 KB
jar          10 MB
flash        10 MB
MacOSX       50 MB
archive      50 MB
linux        10 MB
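
The three steps above can be checked against an exported firewall configuration. The Python below is an added example, not code from the original article or from Palo Alto Networks: the function name audit_wildfire is hypothetical, the sample export is constructed, and it assumes the configuration was exported as "set deviceconfig setting wildfire ..." lines whose size-limit numbers use the same unit as the matching table row.

```python
import re

# Values from the table above: file type -> (recommended limit, unit as listed).
RECOMMENDED_LIMITS = {
    "pe": (10, "MB"), "apk": (50, "MB"), "pdf": (1000, "KB"),
    "ms-office": (10000, "KB"), "jar": (10, "MB"), "flash": (10, "MB"),
    "MacOSX": (50, "MB"), "archive": (50, "MB"), "linux": (10, "MB"),
}
WILDFIRE_CLOUDS = {
    "wildfire.paloaltonetworks.com", "eu.wildfire.paloaltonetworks.com",
    "jp.wildfire.paloaltonetworks.com", "sg.wildfire.paloaltonetworks.com",
}
PREFIX = "set deviceconfig setting wildfire "
# Constructed sample export (assumed set-command format), not from a real device.
SAMPLE_CONFIG = """\
set deviceconfig setting wildfire public-cloud-server eu.wildfire.paloaltonetworks.com
set deviceconfig setting wildfire report-benign-file yes
set deviceconfig setting wildfire file-size-limit pe size-limit 10
set deviceconfig setting wildfire file-size-limit pdf size-limit 500
"""

def audit_wildfire(config_text):
    """Return findings for WildFire settings that deviate from the steps above."""
    limits, settings = {}, {}
    for line in config_text.splitlines():
        m = re.fullmatch(re.escape(PREFIX) + r"(\S+) (.+)", line.strip())
        if not m:
            continue  # not a WildFire setting line
        key, value = m.groups()
        size = re.fullmatch(r"(\S+) size-limit (\d+)", value)
        if key == "file-size-limit" and size:
            limits[size.group(1)] = int(size.group(2))
        else:
            settings[key] = value
    findings = []
    if settings.get("public-cloud-server") not in WILDFIRE_CLOUDS:
        findings.append("public-cloud-server: not one of the listed WildFire clouds")
    for key in ("report-benign-file", "report-grayware-file"):
        if settings.get(key) != "yes":
            findings.append(f"{key}: not enabled")
    for ftype, (want, unit) in RECOMMENDED_LIMITS.items():
        have = limits.get(ftype)
        if have is None:
            findings.append(f"file-size-limit {ftype}: not set in export, want {want} {unit}")
        elif have < want:
            findings.append(f"file-size-limit {ftype}: {have} {unit} is below {want} {unit}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_wildfire(SAMPLE_CONFIG)))
```

An empty result means the export matches all three steps; each finding names the setting to correct.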

 

 
