5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profiles


Set Applications and File Types fields to any in WildFire file blocking profiles. With a WildFire license, seven file types are supported, while only PE (Portable Executable) files are supported without a license. For the 'web browsing' application, the action 'continue' can be selected. This still forwards the file to the Wildfire service, but also presents the end user with a confirmation message before they receive the file. Selecting 'continue' for any other application will block the file (because the end user will not see the prompt). If there is a 'continue' rule, there should still be an 'any traffic / any application / forward' rule after that in the list.


Selecting 'Any' application and file type ensures WildFire is analyzing as many files as possible.


Navigate to Objects > Security Profiles > File Blocking.
Set a rule so that Applications is set to any, File Type is set to any, and Action is set to forward.

Default Value:

Predefined Security Profiles exist for 'basic' and 'strict' File Blocking.

See Also


Item Details


References: 800-53|SI-3, CSCv7|8

Plugin: Palo_Alto

Control ID: 6dddb22798284a39c18a18fe1f9fd4b8d60840ce834194d9cac913c937c8de3a