Palo Alto Networks WF-500 Debuts Out-of-Band Malware Analysis
Page 1 of 1
The WF-500 is the on-premises version of Palo Alto's WildFire cloud-based security . The basic idea behind WildFire is that it is a service that examines unknown network payloads for potential malicious behavior. WildFire first debuted as a cloud-only service in November 2012 and is now being brought on-premises with the WF-500.
"With everything that comes into the firewall, if we don't know what it is, then we throw it in the sandbox and do some analysis to see if it's good, bad or indifferent," Wade Williamson, senior security analyst at Palo Alto, explained to Enterprise Networking Planet.
With the WildFire service, data is sent from the enterprise's firewall to the Palo Alto service. With the WF-500, instead of sending data to the cloud for analysis, the analysis is done on the local physical appliance. Williamson noted that some customer networks will not allow any data to be sent outside their networks, which is why there is a need for a local device.