New Infoblox Feeds
Infoblox offers a set of new feeds designed to replace those feeds approaching end of service and scheduled for deprecation in December 2024on January 31, 2025.
The following new feeds are available based on your subscription level.
Feed Availability | ||||
|---|---|---|---|---|
Feed Name | Essentials | Business On-Prem | Business Cloud | Advanced |
Infoblox Base | ✔ | ✔ | ✔ | ✔ |
Infoblox Base IP | NA | ✔ | ✔ | ✔ |
Infoblox High Risk | NA | NA | NA | ✔ |
Infoblox Medium Risk | NA | NA | NA | ✔ |
Infoblox Low Risk | NA | NA | NA | ✔ |
Infoblox Informational | NA | ✔ | ✔ | ✔ |
For information on the new RPZ feed recommendations for NIOS, see Feed Revamp for NIOS.
...
Default Actions of the New Feeds | |
New Feeds | Default Action |
Infoblox Base | Block - No Redirect |
Infoblox Base IP | Block - No Redirect |
Infoblox High Risk | Block - No Redirect |
Infoblox Medium Risk | Block - No Redirect |
Infoblox Low Risk | Allow - With Log |
Infoblox Informational | Allow - With Log |
Feeds Scheduled for Deprecation
...
on January 31, 2025
The following feeds are approaching end of service and are being deprecated. In their place, Infoblox offers a set of new feeds designed to replace the deprecated feeds.
...
Your security policies must be updated to adhere to the latest policy rules using the upgraded feed structure. The deadline for upgrading your security policies is December January 31, 20242025. Any policy that has not been updated after this date will be automatically upgraded.
...
Navigate to the Security Policies page in the Cloud Services Platform (Policies > Security Policies).
On the Security Policy tab, click the Upgrade link in the Upgrade Status column. Once the Upgrade link is clicked, a pop-up window will be displayed asking you to confirm your intent to update the upgrade process is automatic. The upgrade process is non-reversible.
security policy for use with the new feeds. Click Confirm to complete the upgrade process, or click Cancel to abort the update process. If you need more information prior to confirming the upgrade, click the link in the pop-up window. The link with take you to this page, were you can review information about the feed upgrade prior to updating your security policy. Note that the updating operation for the security policy cannot be reversed once you click Confirm and the update operation begins.
Policies that have been upgraded will display a green check along with an Upgrade Complete message. No further action is required with policies already upgraded. Policies requiring upgraded will display an Upgrade link. Clicking on the link will commence the upgrade process for the policy selected.
Out of respect for our customers, policy upgrades are not being conducted automatically. Instead, we offer our customers some latitude with upgrading their policies to a date and time they see fit, although do keep in mind that customers not having upgraded their policies by December 31stJanuary 31, 20242025, will have their policies automatically upgraded on this date.
...
To view your upgraded security policy rules, select a security policy and click on the three horizontal bars icon associated with it. From among the available options, click the Edit option followed by clicking the Policy Rules side menu item of the Edit Policy wizard. The upgraded security policy configuration will be displayed.
...
Restricted Workflows for Old Security Policies Prior to Upgrading
Before upgrading a security policy, you won't be able to modify the current security policy configuration. While you can still view your existing security policies, making changes to non-upgraded policies will not be possible. Once you upgrade a current security policy, you will once again have the ability to edit and update it. When attempting to edit or change a non-upgraded security policy, the Finish button will be disabled.
Additionally, if you attempt to edit the Policy Rules page, then the Save & Close button on the Summary page will be disabled. However, you will still be able to view the policy configuration.
...
Logic for Upgrade Script
Logic for Upgrade Script | |||
Step 1: | |||
Logic Used: | |||
Case 1A (Best: No mix, all Block) | New Action | ||
Base Hostnames | Block | ||
AntiMalware | Block | Infoblox Base | Block |
Malware DGA hostnames | Block | ||
Ransomware | Block | ||
Case 1B (Best: No Mix, all Allow) | New Action | ||
Base Hostnames | Allow | ||
AntiMalware | Allow | Infoblox Base | Allow |
Malware DGA hostnames | Allow | ||
Ransomware | Allow | ||
Case 2 (possible: 1-2 mixed) | New Action | ||
Base Hostnames | Block | ||
AntiMalware | Block | Infoblox Base | Block |
Malware DGA hostnames | Allow | ||
Ransomware | Block | ||
Case 3 (Worst: Most mixed) | New Action | ||
Base Hostnames | Allow | ||
AntiMalware | Block | Infoblox Base | Block |
Malware DGA hostnames | Allow | ||
Ransomware | Allow | ||
Step 2: | |||
Logic Used: | |||
New Action | Retained as is (in same precedence with same action), no change | ||
Antimalware IP | Infoblox Base IP | ||
Step 3: | |||
Logic Used: | |||
Case 1A: (Best: No mix, all Block) | New Action | ||
Suspicious | Block | Infoblox High Risk | Block |
Suspicious Lookalikes | Block | Infoblox Med Risk | Block |
Suspicious NOED | Block | Infoblox Low Risk | Block |
Case 1B: (Best: No Mix, all Allow) | New Action | ||
Suspicious | Allow | Infoblox High Risk | Allow |
Suspicious Lookalikes | Allow | Infoblox Med Risk | Allow |
Suspicious NOED | Allow | Infoblox Low Risk | Allow |
Case 2: (Possible: 1 mixed) | New Action | ||
Suspicious | Block | Infoblox High Risk | Block |
Suspicious Lookalikes | Allow | Infoblox Med Risk | Block |
Suspicious NOED | Allow | Infoblox Low Risk | Allow - with Log |
Case 3: (Worst: 2 mixed) | New Action | ||
Suspicious | Block | Infoblox High Risk | Block |
Suspicious Lookalikes | Allow | Infoblox Med Risk | Block |
Suspicious NOED | Block | Infoblox Low Risk | Allow - with Log |
Step 4: | |||
Logic Used: | |||
New Action | Retained as is (in same precedence with same action), no change | ||
NOED | Infoblox Informational | ||
...