Palo Alto Networks WF (WildFire)

2018: Purchase of Axoft of a sandbox PAN WF-500

On April 25, 2018 the service IT distributor of Axoft announced acquisition of a sandbox of PAN WF (WildFire) 500 for carrying out pilot projects and tests. The amount of purchase is not specified, however it is noted that "large investment" will allow the distributor to offer the partners and their clients modern local solution for counteraction to the target attacks (Anti-APT) from Palo Alto Networks.

As explained in Axoft, purchase of a sandbox of PAN WF-500 is connected with the fact that among clients interest in local option of protection against threats of "zero-day" increased, especially from the power sphere and the communication sector.

The WF-500 device will suit partners and customers who do not want to transfer the files in a public cloud. The environment of the analysis WildFire identifies earlier unknown malware and generates signatures which Palo Alto Networks NGFW can use for detection and blocking of the malware. The private cloud Palo Alto Networks WF-500 device complements cloud WildFire with the local analysis of files. To ensure the increased safety, WildFire uses the hybrid approach, namely: both the local, and cloud analysis. The standalone mode (Stand-alone) allows to make dynamic analysis without Internet access.

Now Axoft can offer not only in sale, but also in pilot operation a full range of the solutions PAN: NGFW (protection of network) + WF-500 (sandbox) + TRAPS (advanced protection of end-point). Project work is carried out within a business chain: pilot implementation, report, budget assessment and competitive analysis, sale.

The Segment of the market of sandboxes grows very actively: the number of requests for carrying out pilot tests of this type of solutions raises. Interest of the Russian market in a sandbox from Palo Alto Networks is attracted by the fact that the solution in combination with NGFW is not a separate product in a portfolio, and represents an independent hardware and software system which does not require connection to cloud services. Clients wait from us and our partners of fast reaction to the request, and existence of own pilot park it allows us to do quickly – all process occupies no more than two working days — Vladislav Fefelov, the head of information security of Axoft company said.

2013: Release of Palo Alto Networks WF-500

In June, 2013 the Palo Alto Networks company specializing in solutions of network security announced an exit of Palo Alto Networks WF-500 – the platform for timely and complete detection, the analysis and warning of threats of "zero day" and purposeful the attacks in the form of a private cloud (private cloud).

Developed for users whose corporate security policy excludes a possibility of use of public cloud resources, the solution Palo Alto Networks WF-500 gives ample opportunities on detection and the analysis of threats in a controlled environment ("sandbox"). Earlier these opportunities were available only at a subscription to the service of Palo Alto Networks company under the name WildFire rendered in a public cloud of vendor. Now clients will be able to receive it, using the own platform set in corporate network. Integrated with the firewall of the next generation from Palo Alto Networks, WF-500 gives opportunities for complete prevention of threats.

Palo Alto Networks proposes such solution of "closed loop" on prevention of threats which includes a possibility of deployment both in private, and in a public cloud, the careful analysis of all network traffic and also a possibility of automatic blocking of malware and the purposeful attacks by means of the firewall of the next generation from Palo Alto Networks.

More than 1.700 companies use WildFire service, providing for the analysis the suspicious files detected by firewalls of the next generation Palo Alto Networks unrolled at clients of the company worldwide.

Files are loaded into a cloud for the analysis by automated systems and experts of Palo Alto Networks. If the file is classified as harmful, the signature which automatically goes to users of firewalls of the next generation of Palo Alto Networks with a subscription to WildFire service is generated to provide protection from:

• Earlier unknown malware and its modifications;
• The traffic generated by the malware including requests to unique domain names; and
• Managing traffic of botnets and unauthorized traffic to domain name servers (DNS).

The WF-500 device provides the same opportunities on the protected device in network of the customer. After equipment installation users can detect, analyze and prevent threats in a private cloud under own control. At will, they can freely share the detected harmful files with a public cloud of Palo Alto Networks and receive from it ready updates of signatures.