Palo Alto Networks WildFire Reviews

It can do sandboxing on the premises, and it can be directly integrated with Palo Alto NGFW. The malware information on the file that has been sandboxing will be directly updated to the Palo Alto NGFW, and added to the Palo Alto Networks NGFW malware signature library. Also, the credential data within the file that has been sandboxing still be kept on the premises.

Palo Alto Networks WildFire can detect many types of attacks that are using malware embedded on files/URLs with minimum time, and it can increase the effectiveness of resources (time and people) to prevent the malware.

In my opinion, it could be developed to be dependent not only on signatures, but also on patterns and behavior of malware. What I would like to see in the next version/release is to be able to handle much more file types on premises during deployment, because now on premises deployment a .APK file must be sent to the cloud for sandboxing.

I can't remember exactly, but probably more than six months.

For now, I have no issues with the deployment.

For now, I have no issues with the stability.

For now, I have no issues with the scalability.

Both customer server and technical support are very good.

In our case, before we contact Palo Alto Networks technical support, we can contact the Palo Alto Networks local distributor, who provide Palo Alto Networks technical support locally.

I forgot what the name or product that used previously, but the reason I choose Palo Alto Networks wildfire is it integrated with Palo Alto Networks NGFW that already used on the network environment

The initial setup of Palo Alto Networks WildFire is simple.

We’re the ones who implement the Palo Alto Networks WildFire in our customers environments.

It’s not about what we will get directly from having Palo Alto Networks WildFire as an ATD device, but it’s all about the loss of resources you suffer if you don't have it implemented.

User identification and the Applipedia are the most useful. The integration of the Applipedia with the application identification at layer seven makes it a very comprehensive, and secure, firewall.

We have the ability to see what traffic is coming and going in a much deeper and more detailed fashion. We have also found, and stopped, several malware applications before they infected the endpoints.

I've used it for five months.

During initial testing we were too strict on what was allowed outbound. We ended up needing to open up more broad categories. We also found that several websites do not function well with the SSL Decryption feature. We also found that a custom script is required to put the SSL Decryption certificate into Mozilla Firefox.

No the product has been very stable and reliable.

We implemented it in a smaller environment but, find that the 3000 series has plenty of power and has the ability to grow with us as we provide north-south as well as east-west security between internal environments.

Customer service is very friendly and responsive to any request.

I have found the tech support to be impressive. Support agents are available 24/7, and I have never waited for more than an hour to speak with an agent. I would consider the first team you call to be equivalent to most level two or three engineers.

Previously we used Cisco ASA 5510 and Fortinet. Fortinet was an old version and was phased out due to this. The Cisco ASA was replaced do to the limited capability of the out of box functionality and reporting.

Initial set-up was straightforward and easy. We were able to get both devices on the network and set-up to look at traffic within a few hours on split up time. The products complexity came from the terms and the overall thinking of how the product works.

We did it in-house.

Before choosing Palo Alto we also reviewed Cisco ASA, Fortinet, and Sophos.

The product is straightforward to implement, though if you are looking for a quick implementation, I would suggest bringing in an expert.

Being able to discover malicious files unknown to most AV vendors.

It has allowed me to stop new attacks before they could gain a foothold in my network.

• Inspection over different protocols (not just HTTP/FTP)
• Inspecting more file types
• Providing information back to the community that it uses to support its product.

I've used it for three years. However, my current company isn't using the product. I took a different engineering route into the company and I decided to use other protection solutions and not Wildfire.

The deployment of Wildfire was surprisingly easy.

Wildfire itself was a very stable product.

I never had any issues with scalability. When I enabled it, it seemed to work in the environment that the firewall was already servicing.

Great when I was at a large company but average or less than average at a small company.

Overall their support people are better than most tech companies.

There was no solution in this space before Wildfire. Both FireEye and Wildfire came onto the market right around the same time.

It was straightforward as I could, literally, turn on the firewall settings in five minutes or less.

You really don't need to pay to turn it on. The configuration is very simple.

There are two levels of Wildfire.

1. The free version which is great, so I would guess there is no ROI on this version
2. Then there is the subscription version of the service and this is a very affordable yearly subscription per firewall

Initially, the product doesn't cost anything for the first tier of usage you can prove the product before buying it.

• FireEye
• Blue Coat
• ProofPoint.
• Even as the more the list of products I look at each year is pretty long.

If you're running Palo Alto firewalls there is no reason not to use it at the free level. Once you have run it for a while at the basic level, you can make an educated decision if it's worth paying for the subscription (it is).

Sandboxing is the primary use case. WildFire is used for that. There are two options: one is on the cloud, and one is on-premise. The cloud version is perfect. It is working very well. But on the on-premise version, we have faced a lot of problems previously.  

The threat intelligence from WildFire supports our proactive defense strategies. Palo Alto has a unit 42 team, which is one of the best in the market for threat intelligence. Their threat intelligence is comprehensive.

Also, Palo Alto is a pioneer in AI and ML integration, so I think there are some AI processes running in clusters.

It can detect new threats, particularly. It's a sandboxing prototype. 

We send mostly emails or connections with context or files. The most important thing is how many kinds of files the sandbox can handle. Also, Palo Alto is good at this. There are more than 20 different file types, this product can understand.

 The important thing for sandboxing is how many different types of files the sandbox product is analyzing. And so, also, Palo Alto is good at it, compared to other sandboxes.

Palo Alto doesn't do much to support the on-premise version. It wants too much self-support for the on-premise version of WildFire. 

But for regulation purposes, some of our customers don't want to use the cloud environment, so they have to use the on-premise version. 

Integration is okay, not too hard, with Palo Alto. But we are facing a lot of issues, and most of the issues go unresolved. So, the on-premise version is not very stable.

With my experience, the cloud version is stable. So I need the on-premises version to be more stable.

I have been working with Palo Alto for four years, but I have been familiar with WildFire for one and a half years.

I would rate the stability a seven out of ten. 

The cloud version is very stable. It is working very fine. Integration is very easy. There are not too many issues. I like it. Compared to the on-premise version, it is very easy and very effective for customers.

Some of my colleagues work on SD-WAN.

The initial setup is a little bit complex on-premise, but not too complex because it can only connect to a Palo Alto firewall. On the cloud, it is very easy; you only need to enable it with a click, and it is done. After that, you can set up the configuration on the firewall. 

But on-premise, it is not a configuration issue; it's a little bit of a stability issue.

Integration with existing infrastructure: 

WildFire can only integrate with the Palo Alto firewall. Right now, maybe XDR can integrate on the cloud version, but you cannot integrate it with other vendors or put it standalone without any Palo Alto product.

We are an integrator. We also work with some other vendors.

WildFire has improved our customer's security posture and reduced costs overall.

It's not hard to configure as it connects to the firewall. After integration, you don't need much configuration and don't waste too much time, so the return on investment is very rapid.

In general, all Palo Alto products are a little bit higher in price compared to competitors.

I recommend it, but mostly the cloud version.

I recommend it to any company who needs sandboxing or this kind of file analysis. But they must be careful if they have to use on-premise, because of the stability issues.

Overall, I would rate the solution an eight out of ten. 

We are using Palo Alto Networks WildFire as our network firewall.

The solution has helped our company stay secure from the security features it provides.

The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good.

When comparing this solution to others it is not as good overall.

I have been using Palo Alto Networks WildFire for approximately one year.

Palo Alto Networks WildFire is a stable solution.

I have found Palo Alto Networks WildFire to be scalable.

We have 10 users that use this solution. We plan to increase usage in the future.

The technical support is good.

I have used other similar solutions, such as HP, Checkpoint, and Fortinet.

The implementation is not difficult and the full process took approximately two days.

We have an internal team that did the implementation of the solution. We do some of the maintenance ourselves but if we have trouble we contact the support.

I rate Palo Alto Networks WildFire a five out of ten.

I use WildFire mostly for customers, especially when they ask about firewalls. We recommend Palo Alto, FortiGate, Check Point, and then a customer decides what is the best firewall for their tasks. 

I generally recommend WildFire for telecom companies, banks, supermarkets, or any company which has its own IT infrastructure.

It provides threat intelligence that supports customers' proactive defense strategies. If a customer has an updated database of signatures or behavior, it is useful for their protection.

The features depend on the file format. For Windows, there is one set of features, and for Linux binaries, it is another. All sandboxes basically work with new binaries for Linux or macOS since they are not able to emulate behavior, and they are unable to analyze what code snippets or what behavior is malicious for binaries.

Improving detection on non-Windows formats would be beneficial as there are many samples, such as Linux or ransomware for macOS. Enhancing detection in these areas would be great.

I have been familiar with WildFire for two to three years, but it depends on the customer because it can be rather periodic.

I have files tickets and their support was great. I was able to solve the problems of my customers.

Positive

I have interacted with Microsoft Box and some online sandboxes.

Generally speaking, it is hard to analyze ROI since no one in Ukraine did analytics on sandbox networks.

It is hard to say because there is a significant difference between some European countries and Ukraine in the ability to buy expensive products. European countries may not find it a huge problem to spend $10,000, however, it is a significant issue for Ukrainian companies, especially given the current situation with war.

I use any online sandbox which is allowed to be public and frequently check malicious files in virus or sandboxes, including virus total information.

I would recommend improving detection in non-Windows formats. Currently, scripts like PHP scripts, Bash scripts, and other issues not related to Windows rank much worse.

I'd rate the solution nine out of ten.