Note: IPv4 subnets larger than /30 and IPv6 subnets larger than /56 will be verified by the Infoblox support team prior to becoming operational.Please allow 5 business days for support team verification.
Before you can apply security policies, you must first define the networks that you want to protect from malicious attacks. The first step in configuring BloxOne Threat Defense is to set up DNS Firewall by defining your remote networks. You can identify these external networks by their IP address subnets organized into groups, providing distinct networks for application in your DNS Security Policies.
...
NAME: The external network name.
DESCRIPTION: An optional description for the external network.
SUBNET: The logical subdivision of an IP address. Both IPv4 and IPv6 IP addresses are supporting when configuring subnets. To avoid duplicate networks and issues with ACLs defined for the DNS Firewall, BloxOne Threat Defense does not allow a CIDR block that spans a wide range of IPs. You can enter a valid netmask between /24 and /32. BloxOne Threat Defense will return an error if you enter an invalid netmask. IPv4 subnets larger than /30 and IPv6 subnets larger than /56 will be verified by the Infoblox support team prior to becoming operational.Please allow 5 business days for support team verification. For addition information about Subnets, see External Subnets.
...
If a public IP address or subnet is mistakenly added to an organization's security policy that has previously been registered by another registered organization, then the public IP address or subnet will not be allowed. In this case, the organization attempting to add the IP address or subnet will be notified regarding the issue since no overlapping of public IP addresses or subnets between organizations is allowed. For information on network scope, see Configuring Network Scopes.
...
You can perform the following actions in this tab:
...