This content is part of the Buyer's Guide: Network security basics: A Buyer's Guide

Buyer's Guide

Browse Sections

Palo Alto WildFire: Malware sandbox product overview

Tightly integrated with existing Palo Alto next-generation firewalls, the Palo Alto WildFire cloud-based malware sandbox service supports both public and private cloud deployments.

Editor's note: This Palo Alto WildFire malware sandbox overview is part of a series on buying network security products for the enterprise. The series explores the evolution of network security and lays out some major use cases. It also looks at the buying criteria for network security products and compares the leading network security vendors in the market.

Palo Alto WildFire is a cloud-based service that provides malware sandboxing and fully integrates with the vendor's on-premises or cloud-deployed next-generation firewall (NGFW) line. The firewall detects anomalies and then sends data to the cloud service for analysis. Through the use of a cloud architecture, Palo Alto claims its approach simplifies management, increases scalability and automates many of the steps that other vendors require human intervention to accomplish. And to make things easier on security administrators, WildFire uses a threat intelligence prioritization feature -- called AutoFocus -- to highlight the threats that need the most attention.

Malware sandbox platform options: Palo Alto WildFire is built on a cloud-based architecture that can be utilized by your existing Palo Alto NGFW. If a public cloud option is out of the question for your company, Palo Alto sells a WF-500 appliance for private cloud deployments.

WildFire Cloud: Palo Alto WildFire is a subscription-based public cloud service that provides malware sandboxing services. WildFire is tightly integrated with Palo Alto's NGFW line of firewalls. The service also uses global threat intelligence to detect new global threats and shares those results with other service subscribers.

WF-500 Appliance: For customers that require a private-cloud option, Palo Alto WildFire can be purchased on a private WF-500 appliance. This is a purpose-built appliance that performs identically to the public-cloud service.

Pricing and support: The WildFire public cloud service is purchased as an added feature when ordering a WildFire-capable NGFW. Subscriptions are priced in one-, three- or five-year increments, and price is also dependent on the throughput capability of the firewall. A one-year subscription to Palo Alto WildFire for a PA-3050 NGFW, for example, has a list price of around $4,500.

If the WF-500 appliance is required, it can be purchased along with one-, three- or five-year licenses. The appliance alone lists for around $118,000, with a one-year license priced at approximately $20,000. Palo Alto requires hardware, software and cloud services are purchased through a registered Palo Alto channel partner. The partner ultimately sets the final price.

Palo Alto offers five different tiers of support, among them an on-site spares hardware program.

All tiers offer phone and email support and hardware replacement, as well as access to software updates. More advanced tiers offer faster access to support services and sometimes a dedicated team of support staff. Turnaround for replacement parts is faster in higher-level tiers, and the spares program gives customers the option of keeping hardware on-site for quicker replacement.

Next Steps

Learn about the benefits of cloud-based malware analysis.

Learn how smart sandboxes differ from traditional sandboxes.

Explore how some malware can beat sandboxes.

Discover how malware adapts to virtual machines.

Dig Deeper on Network security

Unified Communications
Mobile Computing
Data Center