Versions Compared

Old Version 11

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 12

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For information on creating endpoint groups, see Creating Endpoint Groups.

Enabling Probe Requests by Adding Protected Bypass Mode to a BloxOne Endpoint Group                             

When applying security policies to multiple BloxOne Endpoint devices, you can make the process more efficient by organizing the endpoint devices into BloxOne Endpoint groups, and then add the groups to the network scope when you create a security policy. Note that BloxOne comes with a default endpoint group called All BloxOne Endpoints (default) that is associated with the default global policy. You cannot modify or remove the default endpoint group.

Warning
titleWarning

Infoblox does not recommend configuring a subdomain in BloxOne Endpoint if the parent domain already exists as a member of a different BloxOne Endpoint group. For example, if the domain abc.com already exists in another BloxOne Endpoint group, then do not add subdomains of the domain to additional BloxOne Endpoint groups. For example, xyz.abc.com should not be added to additional BloxOne Endpoint groups. 

To enable probe requests in a BloxOne Endpoint group, complete the following:

  1. From the Cloud Services Portal, click Manage -> Endpoints.
  2. On the Endpoints page, select the Endpoint Groups tab, and then click the Add button.
Note
titleNote

At least one BloxOne Endpoint must be added to the configuration prior to configuring and enabling protected bypass mode.

3. In the Bypass Mode section of the Create Endpoint Group page, complete the following:

    1. State: Enable protected bypass mode from its default disabled state by switching the toggle from Disabled to Enable.
    2. FQDN: The default probe domain is probe.infoblox.com. You can choose to accept the default or create your own FQDN based on your requirements. If you choose to use a custom probe domain, ensure that it can be resolved with a custom TXT record.

    3. TXT Record: You can choose to accept the default TXT record, generate a random TXT record by clicking Generate random TXT Record, or apply a custom TXT record.

Note
titleImportant Note

To avoid conflict between two TXT records, Infoblox recommends that you define a custom probe domain and a custom TXT record, instead of using the defaults. Ensure that the custom probe domain can be resolved based on the information in the custom TXT record.

...