Reviews (1-5 of 5)
April 28, 2020
Score 8 out of 10
It's been used as an APT and zero day. It's leveraging the current Palo Alto deployment where they're located at perimeter, data center and cloud.
Main usage is for the perimeter defense for the whole organization.
Without WildFire, static analysis and file checks do not give the up-to-date protection level for current infrastructure. That's also assisting the SOC for threat detection and hunting. Autofocus integration is a plus for file trajectory. API integrations with different solutions enrich the product usability.
- Integration with Palo Alto solutions (very easy and one-click).
- Zero day detection.
- AutoFocus integration.
- Leveraging the Palo Alto threat prevention features.
- API integration with different solutions (many of them already built-in configurations).
- Unit 42 threat research team behind the WildFire.
- Integration with 3rd-party feeds.
- Upcoming solutions and acquisitions of Palo Alto are integrated and built-in capability of WF usage.
- Local WF appliance is lacking in term of functionality like no bare metal analysis in local solution.
- No new features coming to local WF appliances.
- No built-in integration with GlobalProtect Agent.
- Cloud WF does not have the option for specific regions to be used (compliance).
- Cloud side does not have alarming option for [degraded] performance.
- Lack of forensics (needs additional product or integration).
Read this authenticated review
If an already implied Palo Alto Networks solutions, I'll definitely recommend.
From the cost perspective it's very competitive even from the scratch to get a Palo Alto Network firewall and open TP + WF. It'll surely cover your ATP needs.
Virtualwire integration with PAN firewall and WF works well and very easy to setup. Even it can be used additional 2nd layer of defense for enhancing current solutions.
Reports are magnificent.
Performance is great.
However for heterogeneous environments there are other solutions to take a look at.
For local-only solutions: Wildfire is not very suitable as it's lacking in terms of functionality.
December 12, 2018
Score 10 out of 10
We are using Wildfire to protect our network at several layers, we're using it on our edge networks to protect from threats on the internet as well as protecting our internal client networks from threats that may exist in our shared services environment or each other in the case of a few specific clients who are allowed to talk to each other. Additionally we use it to protect our corporate presence from the internet as well as our remote hosting environment. Wildfire has proven to be a lifesaver through several zero-day events including wanna-cry.
- Detecting malware
- Zero-day threat prevention
- Keeping you up to date with the latest threats
- I would personally like to see more JSON support in the API rather than XML, but that's being very nitpicky
Read this authenticated review
Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.
December 14, 2017
Score 9 out of 10
WildFire is a good product for sandboxing unknown files. Any exe, pdf, doc, etc file that originates from the interwebs is sent to the WF cloud. Internal info is sent to a WF appliance for internal assessment. Hashes from internal analysis is shared with the cloud but not the file.
- WF helps identify potentially malicious files across a large range of types and operating system executable files.
- WF + Traps helps catch things from a client that may traverse encrypted channels or that don't pass through a firewall.
- WF Appliance helps address compliance concerns allowing sandboxing of files on site.
- As all sand boxes, WF needs to stay on top of malware sandbox evasion techniques.
- The initial management and setup of WF could be better.
- Have had some bugs with WF code.
Read Alex Waitkus, CISSP-ISSAP, OSCP's full review
Currently it is being used at our collocation. It helps identify and more importantly prevents malware and evasive attacks to high confidential and production data. It takes our existing Palo Alto devices and works with WildFire becoming end point sensor to help prevent malicious attacks. This helps resolve any foreseeable threat as well as provides potential clients with reports showing the security procedures taken by our company. This helps project our confidence that data stored is protected and secure.
- This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices.
- Worked very well with existing Palo Alto devices.
- Another huge plus is the simplicity of managing and ease of scalability.
- Its cost is competitive with similar/like products available.
- Although it supports third party NGFW's I haven't tried and heard mixed reviews. I'd stay within the Palo Alto family of device.
- Support could become cumbersome if not identified from the beginning. Even though it's purchased through a vendor which could offer support ultimately having support from Palo Alto would be ideal.
Read Daniel J. Lewis's full review
Depending on the environment being implemented in I'd recommend it for compliance purposes as well as managing it from a Network Engineer perspective. From my experience, firmware updates, patching and hardware integration have generally been smooth. Truth be told, cloud based firewall and networking compliance are becoming more and more mainstream and WildFire has a solid foundation.
July 28, 2016
Score 8 out of 10
We are using the WildFire cloud services across the organization to detect and block malware discovered by others for near-zero-day protection, as well as to upload files that haven't been seen in the wild for examination in case a new or unique threat enters our organization.
- Quick definition downloads and updates. Version 7.1 can do one every 5 minutes. Zero day protection within 5 minutes is a huge plus.
- Quick manual or automatic examination of files. Palo Alto's wildfire site supports API uploads or manual uploads that provide more detailed information than a Virustotal, for example.
- Would be helpful if they supported more file types.
- Would be helpful if they supported uploads of larger files.
Read this authenticated review
It is well suited for organizations where zero-day exploits are likely or the impact will be large. Palo Alto Networks Wildfire can be relatively expensive, so smaller or extremely cost-sensitive organizations might not be able to justify the cost vs. waiting for daily antivirus updates that contain the intraday wildfire rollups.
Palo Alto Networks WildFire Scorecard Summary
About Palo Alto Networks WildFire
Palo Alto Network’s WildFire is a malware prevention service. It specializes in addressing zero-day exploits and malware. WildFire utilizes a combination of dynamic and static analysis, as well as machine learning, to automate threat prevention. It shares real-time threat intelligence across the user base, and provides advanced sandbox testing environments to reveal zero-day threats before they get to users’ systems.
WildFire can be deployed on-premises, via the cloud, or as a hybrid system. It can integrate with third-party security tools. It is a cloud-based system to enable efficient scaling and optimizes with other Palo Alto product offerings.
Palo Alto Networks WildFire Competitors
Cisco, CheckPoint, Fortinet
Palo Alto Networks WildFire Technical Details