Versions Compared

Old Version 11

changes.mady.by.user Gary Leicht

Saved on

compared with

New Version 12

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In NIOS Grid Manager, navigate to Data Management > DNS > Response Policy Zones.

  2. Identify the current NIOS feeds for removal. These can be identified by their Names: infoblox-base.rpz.infoblox.local, infoblox-base-ip.rpz.infoblox.local, infoblox-high-risk.rpz.infoblox.local, infoblox-medium-risk.rpz.infoblox.local, infoblox-low-risk.rpz.infoblox.local, and infoblox-informational.rpz.infoblox.local.
    Note: The availabilty of the new RPZ feeds is dependent on subscription level. 

    The old NIOS RPZ feeds to be removed prior to replacing with the new feeds.

    Note: If you have a large number of RPZs, use the search function to locate the feeds to be removed.
    Image: Searching for specific RPZs to be removed. 

    Searching for specific RPZs to be removed.Image Added

  3. Select the checkbox associated with one of the feeds to be removed.

  4. Click the ( trash can icon ) or the Delete button in the toolbar. 
    Image: Removing the old RPZ feeds from NIOS.

    Removing the old RPZ feeds from NIOS.Image Added

      

  5. Click Yes in the Delete Confirmation dialogue. Image: Confirming the removal of the selected feeds. The removed feeds will be moved to the Recycle Bin. 

    Confirming the removal of the selected feeds. The removed feeds will be moved to the Recycle Bin.Image Added

  6. If you are removing multiple feeds, repeat steps 3-5 for each.

  7. Deletion of RPZs requires a service restart.  Click Restart located in the top, yellow banner to perform a system restart. 

    Image: Click Restart to remove the desired feeds and restart NIOS. 

    In the Restart Grid

    image-20240506-205106.pngImage Added

  8. In the Restart Grid Services dialog, adjust Restart Method if desired and click Restart.

    Image: Selecting a restart method from among the restart options.  

...

  1. Selecting a restart method from among the restart options.Image Added

Adding the New NIOS RPZ Feeds to be Released on April 2024  

Feed and Distribution Server Configuration Values

To get the configuration information for the new, replacement NIOS RPZ feeds, you need to find out the feed names and the configuration details for the distribution server.

  1. In the Cloud Services Portal, navigate to Policies > On-Prem DNS Firewall.Image: Navigating to On-Prem DNS Firewall within the Cloud Services Portal. 

    Navigating to On-Prem DNS Firewall within the Cloud Services Portal.Image Added

  2. Click on Feed Configuration Values.

    Image: Click Feed Configuration Values (Step 2) of the feed configuration process. 

    In the

    Click Feed Configuration Values (Step 2) of the feed configuration process.Image Added

  3. In the Threat Feed Details list, locate the first feed you will configure. Refer to the table in the Replacement Feed Mapping section for recommended feeds.

  4. Click the Copy button for the desired Note: Paste this and other configuration data copied in this section into a text file for easy retrieval when configuring the feeds in NIOS.
    Image: The Threat Feed Details list from the Cloud Services Portal.  

    The Threat Feed Details list from the Cloud Services Portal.Image Added

  5. Repeat steps 3 and 4 for each Refer to the table in the Replacement Feed Mapping section for recommended feeds.

  6. Click Close.

  7. Click on Distribution Server Configuration Values.

    Click Distribution Server Configuration Values (Step 3).Image Added

    Image: Click Distribution Server Configuration Values (Step 3). 

  8. Scroll down to locate the Distribution Server you will use and click the Copy button for the IPv4 or IPv6 Note: Paste this and other configuration data copied in this section into a text file for easy retrieval when configuring the feeds in NIOS.Image: The Distribution Server Details panel displaying the IPv4, IPv4(Notify), and IPv6 information.

    The Distribution Server Details panel displaying the IPv4, IPv4(Notify), and IPv6 information.Image Added


  9. Scroll down to the TSIG

  10. Note the Key Algorithm that is configured.

  11. Copy the Key Note: Paste this and other configuration data copied in this section into a text file for easy retrieval when configuring the feeds in NIOS.

  12. Copy the TSIG. Note: Paste this and other configuration data copied in this section into a text file for easy retrieval when configuring the feeds in NIOS.

  13. Click Cancel to exit the Distribution Server. 

    Image: The Distribution Server details panel configuratio details.

...

  1. The Distribution Server details panel configuration details.Image Added

Adding RPZ Feeds in NIOS 

...

  1. In NIOS Grid Manager, navigate to Data Management > DNS > Response Policy Zones.

  2. Click the ( add icon ) or the Add button in the toolbar. 

    The new NIOS RPZ feeds added in order of recommended order (slots 0 through 5).Image Modified

    Image: The new NIOS RPZ feeds added in order of recommended order (slots 0 through 5).  Note: Feed availability is dependent on subscription level. 

  3. On Step 1 of the Add Response Policy Zone Wizard, select Add Response Policy Zone Feed.

    Click Next.

    Image: The first step of adding a response policy zone feed. .

  4. Click Next.

    The first step of adding a response policy zone feed.Image Added

  5. On Step 2, paste the Name of the feed, as copied from the Cloud Services Portal.

  6. Optionally, adjust Policy Override and Severity. Note: This should reflect the policy used on the SURBL feeds being replaced.

  7. Click Next.
    Image: The second step of adding a response policy zone feed includes providing a name for the feed and optionally adjusting the policy override and severity.  

    The second step of adding a response policy zone feed includes providing a name for the feed and optionally adjusting the policy override and severity.Image Added

  8. On Step 3, use the Add button dropdown to select External PrimaryNote: To save time, you can instead use a nameserver group configured with the external primary and any Grid secondaries to be used for all RPZs. Refer to NIOS Documentation for additional information on creating nameserver groups.Image: The third step of adding a response policy zone feed involves selecting the External Primary.  .

    The third step of adding a response policy zone feed involves selecting the External Primary.Image Added

  9. Enter a Name. Note: This field is for reference purpose only, use any name you choose.

  10. Enter the Address of the distribution server as copied from the Cloud Services Portal.

  11. Select the box for Use TSIG.

  12. Enter the Key Name as copied from the Cloud Services Portal.

  13. Select the Key Algorithm as noted from the Cloud Services Portal.

  14. Enter the Key Data as copied from the Cloud Services Portal.

  15. Click Add.Image: Adding configuration information in the TSIG text fields.

    Adding configuration information in the TSIG text fields.Image Added

  16. Use the Add button followed by selecting Grid Secondary from among the menu option choices.Image: Adding a Grid Secondary.  

    Adding a Grid Secondary.Image Added

  17. Click Select followed by choosing the NIOS member to update. Note: You can configure a single secondary to be “Lead Secondary”. If you select this, then that member will be the only one to reach out to the external primary. The feed is then redistributed between members using zone transfers.

  18. Click Add.
    Image: Selecting the NIOS member to update. 

    Selecting the NIOS member to update.Image Added

  19. (Optional) Repeat Steps 17 and 18 to add additional NIOS appliances as secondaries. 

  20. Click Save & Close.
    Image: Adding secondary nameservers.   

    Adding secondary nameservers.Image Added

  21. Repeat steps 2-20 for each feed you are adding.

  22. When adding an RPZ a service restart is In the banner at the top of the Grid Manager window, click on Restart.Image: Click Restart to remove the desired feeds and restart NIOS.  Restart.

    Click Restart to remove the desired feeds and restart NIOS.Image Added

  23. In the Restart Grid Services dialog, adjust Restart Method if desired and click Restart.

    Image: Selecting a restart method from among the restart options to restart the Grid Service. Selecting a restart method from among the restart options to restart the Grid Service.Image Added

  24. (Optional) Once you have added all feeds, use the Order Response Policy Zones button in the Toolbar to change the order feeds are applied. Image: Clicking the Order Response Policy Zones button to change the feed order. 

    Image Added

  25. In the Order Response Policy Zones dialog, use the arrows to change the

  26. Click OK when complete. 

    Configuring Order Response Zones for the new NIOS RPZ feeds.Image Added

    Image: Configuring Order Response Zones for the new NIOS RPZ feeds.

  27. Changing the order of RPZs requires a service restart to take effect. In the banner at the top of the Grid Manager window, click on Restart.

  28. In the Restart Grid Services dialog, adjust Restart Method if desired and click Restart.

...