BloxOne Threat Defense uses Swagger to publish and deliver its APIs. For a list of available APIs, first log in to the Cloud Services Portal, and then click the following link:
Below is a list of currently supported calls along with their descriptions.
BloxOne Anycast API
ANYCAST API
| Info | ||
|---|---|---|
| ||
Detailed information for the ANYCAST API can be viewed on at |
Anycast capability enables HA (High Availability) configuration of BloxOne applications that run on equipment located on customer’s premises (on-prem hosts). Anycast supports DNS, as well as DNS-forwarding services.
...
| Info | ||
|---|---|---|
| ||
Detailed information for the BloxOne FW API can be viewed on at |
BloxOne Threat Defense is an extension of the BloxOne Cloud that provides visibility into infected and compromised off-premises devices, roaming users, remote sites, and branch offices. You can subscribe to Infoblox BloxOne Threat Defense and use its functionality to mitigate and control malware as well as provide unprecedented insight into your network security posture and enable timely action. BloxOne Cloud also offers unified policy management, reporting, and threat analytics across the entire spectrum. Using automated and high-quality threat intelligence feeds and unique behavioral analytics, it automatically stops device communications with C&Cs/botnets and prevents DNS based data exfiltration.
...
| Info | ||
|---|---|---|
| ||
Detailed information for the BloxOne Endpoint API can be viewed on at |
Infoblox BloxOne Endpoint is a lightweight mobile agent that redirects DNS traffic from your remote devices to BloxOne Threat Defense. It allows you to apply applicable security policies to your roaming end users in remote sites and branch offices.
...
| Info | ||
|---|---|---|
| ||
Detailed information for the BloxOne Cloud DFP API can be viewed on at |
BloxOne Cloud is a SaaS offering designed to provide protection to devices on and off-premises, including roaming, remote, and branch offices. It provides visibility into infected and compromised devices, prevents DNS-based data exfiltration, and automatically stops device communications with command-and-control servers (C&Cs) and botnets, in addition to providing recursive DNS services in the cloud. You can access the services by deploying the BloxOne Endpoint agent or the DNS forwarding proxy.
...
| Info | ||
|---|---|---|
| ||
Detailed information for the LAD API can be viewed on at |
BloxOne LAD is an extension of the BloxOne Cloud that provides lookalike domains detection. You can subscribe to BloxOne LAD and use its functionality to protect domains from spoofing threats.
...
| Info | ||
|---|---|---|
| ||
Detailed information for the Dossier API can be viewed on at |
Dossier, sometimes referred to as Intel Lookup, is a threat research tool that provides contextual information from multiple sources simultaneously for a given indicator. The APIs listed below allow a user to search on specific sources and view the results that they return.
TIDE Data Service API (TIDE Data)
...
| Info | ||
|---|---|---|
| ||
Detailed information for the TIDE Data API can be viewed on at |
The heart of TIDE is the threats submitted by the Infoblox Cyber Intelligence group and external partners.
...
| Note | ||
|---|---|---|
| ||
API key expiration notification: The maximum expiration time for an API key is 56 weeks or 13 months. You will receive notification when your API key is about to expire. A new API key will need to be created to replace the expiring key. To create a new API key, select the expiring API key from the list of API keys and remove it by clicking Disable followed by Delete. To create a new API key to replace an expiring api key, see How Do I Create an API Key. |
Additional API Resources
Listed below are additional API resources.
...