WildFire technology is already in use by Palo Alto customers, among them Concord Hospital. Conference attendee Mark Starry, director of architecture and security at Concord Hospital, said WildFire has detected a few attacks, although from time to time the technology may simply produce false positives. Nevertheless, the healthcare organization, which has migrated over the past few years from competing firewall products to the Palo Alto application-aware firewalls, finds WildFire to be well worthwhile as an additional threat-detection tool.
Klarich said 973 Palo Alto NGFW customers now use WildFire, and over the past year, WildFire has scanned millions of files passing through customer networks, finding nearly 170,000 of them were malware, and 69,111 of these were zero-day malware not detected by the host antivirus companies at the time.
Klarich further piled on the antivirus vendors, saying days go by and still the A/V vendors don't have coverage for 40% of the malware Palo Alto is finding. But it's the first 24 hours that matter most in responding to any attack that penetrates the corporate network, he said.
In spite of its tough words for antivirus vendors, Palo Alto says it regards WildFire as an addition to network defense, not a substitute for antivirus software. Klarich acknowledged WildFire still remains an evolving threat-detection service.
Palo Alto's stance is that its NGFW can and should be the cornerstone for an expanding range of defenses based on application-aware controls and features such as URL and reputation-based filtering, which Palo Alto said this week it is now doing based on its own research and development, rather than relying on third-party licensing.
But in an age when companies are trying to come to grips with the influx of mobile devices, including Google Android and Apple iOS smartphones and tablets, often in situations where employees are allowed to "bring your own device," it's an open question how successful a strategy can be that relies on pushing traffic through corporate firewalls to meet security policies.