Versions Compared

Old Version 49

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 50

changes.mady.by.user Shirly Tsang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For additional information on using TIDE for your threat intelligence needs, see Infoblox Quick Start Guide for Dossier and TIDE.

Dossier 

Dossier is a threat investigation and research tool providing analysts, threat researchers, security staff, and SOC team members with simultaneous contextual information on threats from multiple sources, including TIDE.  The acquisition of immediate contextual information allows threat analysts to save precious time in taking action against any identified threats. Dossier automates the collection and correlation of threat intelligence from dozens of open-source proprietary and premium commercial resources and presents the aggregated data in a single view. By enabling analysts to quickly pivot between intelligence sources and complete investigations, Dossier helps the analysts respond to threats rapidly and effectively.

...

For additional information on using Dossier for your threat research, see the Infoblox Infoblox Dossier User Guide

Custom Lookalike Domain Monitoring 

...

For additional information on setting up and configuring custom lookalike domain monitoring, see Custom Lookalike Domain Monitoring.

Custom Lists 

You can create custom lists containing domains and IP addresses to define allow lists and bock lists for additional protection. You can use a custom list to complement existing feeds or override the Block, Allow, Log, or Redirect action that is currently defined for an existing feed. You can also add a custom list to multiple security policies or multiple custom lists to one security policy based on your business needs. When using your own threat intelligence feeds with BloxOne Threat Defense Cloud, allow lists and block lists, you can apply your own security policies. Each custom list can contain as many as 50,000 records, and BloxOne Thread Defense Cloud supports up to 500,000 records across al customer lists.

...

For additional information on setting up and configuring custom lists, see Custom Lists.

Filters 

Two types of filters can be configured using the Cloud Services Portal. You can configure category filters and application filters. Category filters are content categorization rules that BloxOne Threat Defense Cloud uses to detect and filter specific internet content. Based on your configuration, specific actions such as Allow or Block will be taken on the detected content. BloxOne Threat Defense Cloud provides the following content categories from which you can build your category filters. Application filters are content application rules that BloxOne Threat Defense Cloud uses to detect and filter specific Internet content.

...

For additional information on setting up and configuring filters, see Using Filters.

Default and Custom Redirects 

...

For additional information on setting up and configuring redirects, see Defining the Redirect Page.

Additional Resources 

Optionally, you can complete the following configuration based on your business needs:

...