CIS Palo Alto Firewall 6 Benchmark L1 V1.0.0

Ensure forwarding is enabled for all applications and file types in WildFire file blocking profiles

Details

Set Applications and File Types fields to any in WildFire file blocking profiles. With a WildFire license, seven file types are supported, while only PE (Portable Executable) files are supported without a license.

Rationale:

Selecting ‘Any’ application and file type ensures WildFire is analyzing as many files as possible.

Solution

Navigate to Objects > Security Profiles > File Blocking.
Set a rule so that Applications is set to any, File Type is set to any, and Action is set to forward.
Or, from the CLI:
# set profiles file-blocking "How to configure File Blocking" rules "File Blocking" action forward direction both application any file-type any
Default Value:
Not Configured
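
To audit this setting offline, the following added example (not part of the benchmark text) checks every file blocking profile in an exported configuration for a forward rule that covers any application and any file type. The XML element layout and the profile and rule names in the sample are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample; element layout is assumed, names are made up.
SAMPLE_CONFIG = """<config><profiles><file-blocking>
  <entry name="wildfire-all"><rules>
    <entry name="forward-any">
      <application><member>any</member></application>
      <file-type><member>any</member></file-type>
      <direction>both</direction><action>forward</action>
    </entry>
  </rules></entry>
  <entry name="wildfire-pe-only"><rules>
    <entry name="forward-pe">
      <application><member>web-browsing</member></application>
      <file-type><member>PE</member></file-type>
      <direction>download</direction><action>forward</action>
    </entry>
  </rules></entry>
  <entry name="block-exe"><rules>
    <entry name="block-any">
      <application><member>any</member></application>
      <file-type><member>any</member></file-type>
      <direction>both</direction><action>block</action>
    </entry>
  </rules></entry>
</file-blocking></profiles></config>"""

def members(rule, tag):
    """Values listed under <tag><member>...</member></tag> of one rule."""
    return {m.text.strip() for m in rule.findall(f"{tag}/member") if m.text}

def audit_file_blocking(config_xml):
    """Map each file blocking profile to pass / fail / no-forward-rule."""
    results = {}
    for profile in ET.fromstring(config_xml).findall(".//file-blocking/entry"):
        forward_rules = [r for r in profile.findall("rules/entry")
                         if (r.findtext("action") or "").strip() == "forward"]
        if not forward_rules:
            results[profile.get("name")] = "no-forward-rule"  # not a WildFire profile
        elif any("any" in members(r, "application") and "any" in members(r, "file-type")
                 for r in forward_rules):
            results[profile.get("name")] = "pass"
        else:
            results[profile.get("name")] = "fail"  # forwards only a subset
    return results

if __name__ == "__main__":
    for name, verdict in audit_file_blocking(SAMPLE_CONFIG).items():
        print(f"{name}: {verdict}")
```

A result of fail means the profile forwards to WildFire but only for a subset of applications or file types. An empty result corresponds to the default state of Not Configured.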

Supportive Information

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity. This control applies to the following type of system: Palo_Alto.

Updated on July 16, 2022