Overall Satisfaction with Palo Alto Networks WildFire
WildFire is a good product for sandboxing unknown files. Any exe, pdf, doc, etc. file that originates from the interwebs is sent to the WF cloud. Internal info is sent to a WF appliance for internal assessment. Hashes from internal analysis are shared with the cloud, but not the file.
- WF helps identify potentially malicious files across a large range of types and operating system executable files.
- WF + Traps helps catch things from a client that may traverse encrypted channels or that don't pass through a firewall.
- WF Appliance helps address compliance concerns allowing sandboxing of files on site.
- Like all sandboxes, WF needs to stay on top of malware sandbox evasion techniques.
- The initial management and setup of WF could be better.
- Have had some bugs with WF code.
- Unknown file analysis helps with identifying malware that may not have a current signature.
- Additional visibility into files transferred across networks.
- FireEye
We use both FireEye and WildFire - they are the same and different. No analysis has been done.