Versions Compared

Version Old Version 5 New Version 6
Changes made by

Arkadi_Bourkov

Arkadi_Bourkov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A status dashboard contains widgets from which you can view and manage data. Widgets are the building blocks of status dashboards. For more information about widgets, see Adding Widgets to Dashboards bookmark257. They provide information about different aspects of your Grid and networks. For example, the Member Status widget provides general information about a Grid member, and the Network Statistics widget provides data for a specified network.
The appliance provides a default status dashboard. Grid Manager displays the default dashboard only when there are more than one widget on the dashboard. You can add and modify widgets in the default dashboard, but you cannot rename or delete it. From a dashboard, you can access your most commonly accessed tasks and monitor appliance status. You can configure your own status dashboards to which you can add widgets that help you manage different data. Configuring multiple status dashboards helps organize widgets in a meaningful way and improves dashboard and widget performance. This is especially useful when you have a Grid serving a large number of Grid members. When you configure a new dashboard, you can use the existing dashboard as a template. You can create up to 100 copies at a time using the Add Dashboard option. For information about how to add status dashboards, see Adding Status Dashboards bookmark261.
You can add widgets to different dashboards, however, you can add only one widget at a time on each dashboard. The default number of widgets per dashboard is 10. The maximum number of widgets that you can add on each dashboard is 20 at a time. You can define the number of widgets that can be configured on each dashboard in User Profile. This limitation applies only to dashboards that you configure and does not apply to the default dashboard. For information about how to specify the widget limit, see Configuring Widget Limit per Dashboard bookmark260.
Grid Manager provides a default Security dashboard if you have installed any or all of the following licenses on the appliance: Threat Protection, RPZ, and Threat Analytics. The Security dashboard contains widgets that help you monitor the security status of the Grid. In the Security dashboard, you can add and remove widgets, but you cannot rename or delete them.

...

If you have configured a lot of status dashboards, you can use the Quick Navigation icon to quickly access each status dashboard. For information, see Using Quick Navigation. Figure 2.1 bookmark262. bookmark256 illustrates the typical layout in Grid Manager after you configure multiple status dashboards.

Anchor
bookmark256
bookmark256
Figure 2.1 Status Dashboard

...


Anchor
Adding Widgets to Dashboards
Adding Widgets to Dashboards
Anchor
bookmark257
bookmark257
Anchor
bookmark258
bookmark258
Adding Widgets to Dashboards
You can add all or some of the following widgets to your status dashboards depending on whether you are managing a Grid, an independent appliance, or an Infoblox Orchestration server:

Grid Manager displays the Security dashboard if you have any or all of the following licenses installed on your appliance: Threat Protection, RPZ, and Threat Analytics. The Security dashboard contains the following widgets, depending on the licenses installed on your appliance:

Note that you must have at least read-only permission to the objects that a widget displays. Otherwise, though you are allowed to select and place the widget on the dashboard, it does not display any information.
To add widgets to your dashboard:

  1. Default Status Dashboard: From the Dashboards -> Status tab -> Default tab, click the Configure icon -> Add Content. This is applicable when you have the default dashboard only.
    Configured Status Dashboards: From the Dashboards -> Status tab, select the configured status dashboard, click the Configure icon -> Add Content.
    Security     Status Dashboard: From the Dashboards -> Status tab -> Security tab, click the Configure icon -> Add Content. This is applicable only when at least one member in the Grid has Threat Protection, RPZ, or Threat Analytics license. Note that the Security Status dashboard is a default dashboard and it cannot be renamed or deleted.
    Grid Manager displays thumbnails of the available widgets. Use the scroll bar on the right to scroll through the widgets, as illustrated in the Figure 2bookmark259.2.
  2. Select and drag a widget to the desired location on your dashboard.
    After you add a widget to the dashboard, you can configure it to provide relevant data. You can also copy or move a widget, by selecting and dragging it to its new location on your dashboard. Grid Manager saves your dashboard configuration and displays it the next time you log in.
    You can turn on auto-refresh by clicking On in the Turn Auto Refresh field at the top of the dashboard to periodically refresh the contents of all widgets in the dashboard. Click Off to disable auto-refresh for all widgets in the dashboard. When auto-refresh is disabled, you can enable it for individual widgets by clicking the Configure icon in the corresponding widgets. You can specify the auto-refresh period in seconds. The default auto-refresh period is 30 seconds.

    Widgets have the following icons:
  • Copy/Move: Click to copy or move the widget from a dashboard to another. For information about how to copy or move, see Copying or Moving Widgets bookmark264.
  • Span Up/Span Down: Click to resize the widget. Click Span Up to increase the width of the widget. Click Span Down to decrease the width of the widget. Note that the fully spanned widgets are moved to the top of the dashboard.
  • Refresh: Click to update the content of the widget. Each widget contains a status bar at the bottom that displays the last date and time it was updated.
  • Configure: Click to hide and show the configuration options of the widget.
  • Toggle: Click to minimize and restore the widget.
  • Close: Click to remove the widget from a dashboard.

...

You can use the Quick Navigation icon to quickly access a specific dashboard. The appliance provides the Quick Navigation icon at the right corner of the status dashboards, as illustrated in Figure 2bookmark256.1.
To quickly navigate to a dashboard:

...

You can configure thresholds to determine the overall status of Threat Protection, DNS RPZ (Response Policy Zone), and DNS Threat Analytics services in the Grid. Grid Manager provides a view of the overall security status of the Grid in the Security Status for Grid dashboard widget. For information, see Security Status for Grid bookmark319.
To configure the thresholds for security status:

...

The Mobile Devices widget provides information about the number of active leases of the DHCP fingerprint devices managed by the Grid. The widget displays a pie chart indicating the number of active leases in percentile for each of the device category. For information about device category, device class, and device type, see Table 2bookmark310. 2. You can click the Refresh icon or configure auto refresh to update the status.

...

  •   : Left click the Action icon  next to a zone to perform the following:
    • View Syslog: Select this to open the Syslog Preview dialog and view data discrepancy events for the selected zone. For more information, see Previewing Syslog Events. bookmark313
    • Check Now: Select this to perform DNS integrity check to immediately query current DNS data from the top-level parent domain. When you select this, verbose logging for DNS integrity check is automatically enabled. After the operation is complete, the appliance updates the timestamp for the Last Checked column.
  • Zone: Displays the name of the top-level authoritative zones that is being monitored for DNS integrity check. You can click the zone name and the appliance opens the zone viewer for the selected zone.
  • Status: Displays the current DNS data discrepancy status. The status can be one of the following:
    • Critical (red): Data in the NS RRsets for the authoritative and delegate zones are completely out of synchronization.
    • Severe (orange): Some data in the NS RRset between the authoritative and delegate zones overlaps and some data is different.
    • Warning (yellow): The NS RRset for the authoritative zone is a subset of the NS RRset for the delegate zone. It is possible that incorrect IP addresses have been entered at the registrar.
    • Informational (blue): The NS RRset for the delegate zone is a subset of the NS RRset for the authoritative zone. This could indicate a possible delay in domain registration.
    • Normal (green): There are no DNS data discrepancies between the NS RRsets for the authoritative and delegated zones.
    • None (black): No DNS discrepancies data has been collected or DNS integrity check has not been performed.
  • Last Checked: The timestamp in YYYY-MM-DD HH:MM:SS when the parent domain was last queried for its DNS data.
  • Description: Information about the zone.

...

The Security Status for Grid widget displays the overall status of Threat Protection, RPZ (Response Policy Zone), and DNS Threat Analytics services on the Grid members that support Infoblox Advanced DNS Protection, hardware or Software ADP, and Infoblox Threat Insight. Grid Manager displays this widget only when at least one member in the Grid has the Threat Protection, RPZ, or Threat Analytics license installed. You can add this widget to the Security dashboard to monitor the overall security status of the Grid. The statistics displayed in this widget are cumulative, collected from all the Grid members that support Infoblox Advanced DNS Protection, hardware or Software ADP, and Infoblox Threat Insight. This widget displays data for the last 30 minutes. The overall status of Threat Protection, RPZ, and DNS Threat Analytics is determined by the threshold values configured in the Global Dashboard Properties editor. For information, see Configuring Security Status Thresholds bookmark267.

...

Note: If the Threat Protection license is not installed on any of the Grid members, Grid Manager does not display any threat protection related information in this widget. Similarly, if the RPZ license is not installed on any of the Grid members, Grid Manager does not display RPZ and DNS Threat Analytics related information in this widget and if the Threat Analytics license is not installed on any of the Grid members, Grid Manager does not display DNS Threat Analytics related information in this widget.

...

You can hover your mouse over the Threat Protection, RPZ, and Threat Analytics status icon and view the Threat Protection Status for Grid widget, Response Policy Zone (RPZ) Status for Grid widget, and Threat Analytics Status for Grid widget respectively. For information about Threat Protection Status for Grid widget, Response Policy Zone (RPZ) Status for Grid widget, and Threat Analytics Status for Grid widget, see Threat Protection Status for Grid 4, Response Policy Zone (RPZ) Status for Grid, and Threat Analytics Status for Grid bookmark321 bookmark3214, bookmark330, and bookmark342 respectively.

  • Events from <> of <> security capable members: This column displays the cumulative event counts collected from the online Grid members that support the Infoblox Advanced DNS Protection and Infoblox Threat Insight.
    • Threat Protection: Displays the total threat protection event counts for the following severity levels:
      • Critical (Red): The total number of critical events.
      • Major (Orange): The total number of major events.
      • Warning (Yellow): The total number of warning events.
      • Informational (Blue): The total number of informational events.
    • RPZ: Displays the total number of hits received for the following RPZ rules:
      • Blocked hits (Red): Total number of queries that triggered a Block (No Data) or Block (No Such Domain) RPZ rule.
      • Passthru hits (Yellow): Total number of queries that triggered a Passthru RPZ rule.
      • Substituted hits (Orange): Total number of queries that triggered a Substitute (Domain Name) or Substitute (Record) RPZ rule.
    • Analytics: Displays the total number of DNS tunneling events.
  • Definitions/Rules: This column displays the status of the latest ruleset available in the database. For RPZ, the definition status is based on the latest RPZ feed received from Infoblox specific feeds. You can hover your mouse over the definition status to see the RPZ definition status when RPZ definitions exists.
  • Configuration Status: This column indicates whether the security service is enabled and running properly or not. Grid manager displays a green check mark if the security service is enabled and running properly in the Grid. If the security service is disabled, a gray pause mark is displayed. You can hover your mouse over the gray pause mark to see the status of the security service.

...

  • Click Configure Security Status Thresholds to configure the thresholds for the security status of the Grid. In the Global Dashboard Properties editor, you can define the threshold values for Threat Protection, RPZ, and DNS Threat Analytics. For information, see Configuring Security Status Thresholds bookmark267.
  • Select the Auto Refresh Period check box to turn on auto-refresh and specify the auto-refresh period in seconds. The default auto-refresh period is 30 seconds.

...

  • Member: The name of the member. You can hover your mouse over the member name and view the Member Status widget. For information about the Member Status widget, see Member Status (System Status) on page 145 bookmark275 bookmark275.
  • IPv4 Address: The IPv4 address of the member.
  • IPv6 Address: The IPv6 address of the member.
  • Threat Protection Status: The status of the threat protection service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown. You can hover your mouse over the threat protection status and view the Threat Protection Status for Member widget. For information about the Threat Protection Status for Member widget, see Threat Protection Status for Member . bookmark328
  • RPZ Status: The status of the RPZ service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown. You can hover your mouse over the RPZ status and view the ResponsePolicyZone(RPZ)Statistics widget. For information about the Response Policy Zone (RPZ) Statistics widget, see Response Policy Zone (RPZ) Status for Member bookmark337bookmark3378.
  • Analytics Status: The status of the DNS Threat Analytics service running on the member. This can be either OK, Warning, Critical, NotSetup, or Unknown.

...

  • Turn on auto-refresh.
    • Click the Configure icon, select the Auto Refresh Period check box, and specify the refresh period in seconds. The default auto refresh period is 30 seconds.
      You can click the Configure icon again to hide the configuration panel.
  • Click the Total Events by Severity tab to view information about threat protection related events by the severity level. For information, see Total Events by Severity bookmark323.
  • Click the Top 10 Grid Members tab to view information about the top 10 Grid members that have the most number of threat protection events. For information, see Top 10 Grid Members bookmark324.
  • Click the Events Over Time tab to view information about the total event count for each type of event severity in the given time frame. For information, see Events Over Time. bookmark325
  • Click the Top 10 Rules tab to view information about the top 10 threat protection rules with the most number of hits. For information, see Top 10 Rules. bookmark326
  • Click the Top 10 Clients tab to view information about the top 10 clients that have the most number of threat protections events. For information, see Top 10 Clients bookmark327.

Anchor
bookmark323
bookmark323
Total Events by Severity

...

  • Select a graph configuration, Client Hits, Passthru Hits, Blocked Hits, or Substituted Hits, to view details of a specific RPZ rule. You can select either one or all the available graph configurations. Note that Client Hits is displayed only when the graph type is Line Diagram.
  • Select a graph type, Stacked Diagram or Line Diagram, to display data in the required diagrammatic format. This option is enabled only when you click the Trend tab and disabled when you click the Top 10 Grid Members, RPZ Recent Hits, or Health tabs. For more information, see Trend bookmark335.
  • Click the Top 10 Grid Members tab to view information about the top 10 Grid members that have the most number of RPZ hits. For more information, see Top 10 Grid Members bookmark332.
  • Click the RPZ Recent Hits tab to view information about the latest five RPZ hits with unique client addresses. For more information, see RPZ Recent Hits. bookmark333
  • Click the Trend tab to view RPZ hit statistics for the Grid. For more information, see Trendbookmark335.
  • Click the Health tab to view information about RPZ zones and their last updated times. For more information, see Health. bookmark336

Note that you must install the RPZ license and enable RPZ logging to access this widget. For more information about installing licenses and enabling RPZ logging, see License Requirements and Admin Permissions and Setting DNS Logging Categories.

...

  • Click Select Member. In the Member Selector dialog box, choose a Grid member to view the RPZ hits, or statistics, or RPZ zones and their last updated date and time.
  • Select a graph configuration, ClientHits, Passthru Hits, Blocked Hits, or Substituted Hits, to view details of a specific RPZ rule. You can select either one or all the available graph configurations. Note that Client Hits is displayed only when the graph type is Line Diagram.
  • Select a graph type, Stacked Diagram or Line Diagram, to display data in the required diagrammatic format. This option is enabled only when you click the Trend tab and disabled when you click the Top 10 Grid Members, RPZ Recent Hits, or Health tabs. For more information, see Trend bookmark339.
  • Click View Syslog to view the last 20 RPZ events that are logged in the syslog. For more information, see Previewing the Syslog. bookmark341
  • Click the RPZ Recent Hits tab to view information about the latest five RPZ hits with unique client addresses. For more information, see RPZ Recent Hits. bookmark338
  • Click the Trend tab to view RPZ hit statistics on the selected member. For more information, see Trendbookmark335.
  • Click the Health tab to view information about RPZ zones and their last updated times. For more information, see Health. bookmark340

Note that you must install the RPZ license and enable RPZ logging to access this widget. For more information about installing licenses and enabling RPZ logging, see License Requirements and Admin Permissions and Setting DNS Logging Categories.

...

  • Turn on auto-refresh.
    • Click the Configure icon, select the Auto Refresh Period check box, and specify the refresh period in seconds. The default auto refresh period is 30 seconds. Click the Configure icon again to hide the configuration panel after you complete the modification.
  • Click the Detections Over Time bookmark344 tab to view information about the detected DNS tunneling events in a given time frame.
  • Click the Top 10 Grid Members bookmark345 tab to view information about the top 10 Grid members with the most total counts of detections by type.
  • Click the Detections bookmark346 tab to view information about all the detected DNS tunneling events.

...