
Palo Alto Networks PAN-OS 6.1 Release Notes • 7
PAN-OS 6.1 Release Information Features Introduced in PAN-OS 6.1
WildFire Features
The following WildFire™ features are introduced in PAN-OS 6.1.0. For more details about these features and
for instructions on configuring them, refer to WildFire Features in the New Features Guide:
New WildFire Feature: Description

Signature/URL Generation on the WildFire Appliance:
The WF-500 appliance can now generate signatures locally, eliminating the need to send any data to the public cloud in order to block malicious content. The WF-500 WildFire appliance can now analyze files forwarded to it from Palo Alto Networks firewalls or from the WildFire API and generate the following types of signatures, which block both the malicious files and the associated command and control traffic:
• Antivirus signatures detect and block malicious files. These signatures are added to WildFire and Antivirus content updates.
• DNS signatures detect and block callback domains for command and control traffic associated with malware. These signatures are added to WildFire and Antivirus updates.
• URL Categorization classifies callback domains as malware and updates the URL category in PAN-DB.
Firewalls must be running PAN-OS 6.1 or later to enable local signature generation for forwarded files. In addition, you must configure the firewalls to receive content updates from the WF-500 WildFire appliance, which can occur as frequently as every five minutes. You can optionally send the malware sample file analysis data (or just the XML report if you don't want to send the sample) to the WildFire public cloud to enable signature generation for distribution through the Palo Alto Networks update server.

Content Updates on the WF-500 WildFire Appliance:
To support the ability to generate signatures on the local WF-500 WildFire appliance, daily content updates are now available for the appliance. These content updates equip the appliance with the most up-to-date threat information for accurate malware detection and improve the appliance's ability to differentiate the malicious from the benign.

Email Header Information in WildFire Logs:
The firewall now captures email header information—email sender, recipient and subject—and sends it along with the corresponding email attachments and email links that it forwards to WildFire. If WildFire determines that the email attachment or link is malicious, it includes the email header information in the WildFire Submissions log that it returns to the firewall. This information can help you quickly track down and remediate threats that are detected in emails received by your users. Note that neither the firewall nor WildFire receives, stores, or views the actual email contents.

Flash and Office Open XML File Type Support:
Firewalls can now forward Flash content embedded in web pages to WildFire for analysis. In addition, WildFire now creates antivirus signatures for Flash applets and Office Open XML (OOXML) 2007+ documents that it determines to be malicious and delivers the signatures through antivirus updates, enabling you to alert or block malicious content in these types of files. To support this capability, the firewall must have a WildFire subscription and be running Content Release version 454 or later.