WildFire EU Cloud
A new WildFire regional cloud is now available in Europe. The WildFire EU cloud is hosted in The Netherlands, and is designed to adhere to European Union (EU) data privacy regulations. Samples submitted to the WildFire EU cloud remain within EU borders, and the WildFire EU cloud analyzes malware and generates signatures independently of the WildFire global cloud.
Any firewall with an active WildFire subscription can start forwarding samples to the WildFire EU cloud, and you can access the WildFire EU portal using your support account credentials. You can learn more about the file types supported for WildFire analysis depending on the cloud to which you are forwarding files—currently, all file types supported for WildFire global cloud analysis are also supported for WildFire EU cloud analysis.
If you have not done so already, get started with WildFire to define the samples that you want a firewall to forward for analysis—you can then begin to Submit Samples to the WildFire EU Cloud.
Submit Samples to the WildFire EU Cloud
You can submit samples to the WildFire EU cloud from the firewall, from a WF-500 appliance, using the WildFire EU portal, and using the WildFire API.
Submit Samples to the WildFire Regional Cloud in Europe
Firewall: Enable a firewall with an active WildFire subscription to forward samples to the WildFire EU cloud: Log in to the firewall and select Device > Setup > WildFire and edit General Settings. Enter the URL for the WildFire Public Cloud hosted in Europe: eu.wildfire.paloaltonetworks.com . Click OK to save the updated WildFire analysis location. Use the show wildfire status command in the CLI to verify that the firewall is connected to the WildFire EU cloud. Find verdicts and analysis reports for samples: Select Monitor > WildFire Submissions or log in to the WildFire EU cloud portal to view the WildFire verdict and analysis details for samples submitted to the WildFire EU cloud. WildFire Submissions logs might not be displayed for samples submitted up to seven minutes before and two minutes after you update the WildFire public cloud field on the firewall. To view verdicts and analysis reports for samples submitted before the update, go to the WildFire global cloud portal. To view verdicts and analysis reports for samples submitted after the update, go to the WildFire EU cloud portal.
WF-500 Appliance: Enable a WF-500 appliance to submit locally-discovered malware or sample reports to the WildFire EU cloud for additional analysis and signature distribution: To connect the WF-500 appliance to the WildFire EU cloud, enter the following command from the WF-500 appliance CLI: set deviceconfig setting cloud-server eu.wildfire.paloaltonetworks.com If you have not done so already, enter the following command from the WF-500 appliance CLI to start submitting malware to the WildFire EU cloud: set deviceconfig setting wildfire cloud-intelligence submit-sample yes
WildFire EU Portal: You can manually submit samples to the WildFire EU cloud using the WildFire EU portal: https://eu.wildfire.paloaltonetworks.com. After uploading files or URLs to the WildFire EU portal, you can also view the WildFire analysis verdict and report for the sample.
WildFire API: Use the following resources to submit samples through the WildFire API to the WildFire EU cloud: Submit a file: https://eu.wildfire.paloaltonetworks.com/publicapi/submit/file Submit a file through a URL: https://eu.wildfire.paloaltonetworks.com/publicapi/submit/url Submit a URL: https://eu.wildfire.paloaltonetworks.com/publicapi/submit/link Submit multiple URLs: https://eu.wildfire.paloaltonetworks.com/publicapi/submit/links To get information on submissions to the WildFire EU Cloud, you must also use the same base URI that corresponds to the WildFire EU cloud. Example: https://eu.wildfire.paloaltonetworks.com/publicapi/get/verdict

Related Documentation