Infoblox Mobile Endpoint is a lightweight mobile cloud service for sending queries over an encrypted channel. Mobile Endpoint communicates with Infoblox Threat Defense by using DNS over Transport Layer Security (DoT). Mobile Endpoint provides visibility into infected and compromised devices detected on the network (including Android, iOS, and ChromeOS), preventing DNS-based data exfiltration and other forms of DNS tunneling, and impedes device communications with botnets and their command-and-control infrastructure. Note that Mobile Endpoint is not a VPN client.
The Mobile Endpoint client uses on-device VPN by default to intercept the DNS traffic, in case of iOS, the admin can also configure Extension Type as DNS Proxy (this setting is mentioned in the “Installing Mobile Endpoint” section, below).
Supported Devices
...
To enable end users to connect to Infoblox Platform services, the Mobile Endpoint client must be downloaded and installed on all devices. The client enforces security policies that you apply to the remote networks, regardless of where the end users are and which networks they are connected to. For details on downloading the Mobile Endpoint client, see Downloading and Enrolling of BloxOne Mobile Endpoint on Your Device. You will also need to download the MDM configuration file for your device; for details, see Configuring Mobile Endpoint MDM in Infoblox Portal.
...
Mobile Endpoint is designed to route DNS queries directly to Infoblox Threat Defense. If your network setup includes internally hosted domains, you should add them to the bypassed internal domains list; this will ensure uninterrupted access to local resources, such as servers, computers, and printers on your network. After you add internal domains to the list, Mobile Endpoint will direct DNS requests for these internal domains to your local DNS servers, for resolution. For information on how to add domains to the bypass list, see /wiki/spaces/BloxOneThreatDefense/pages/9080650Configuring Internal Domains.
By supporting dual-stack IPv4/IPv6 as well as IPv6 DNS configurations, Mobile Endpoint protects all devices, regardless of their network environments. This means Mobile Endpoint will protect roaming clients in different networking environments. When Mobile Endpoint is connected to a network, the endpoint can communicate with Infoblox Platform by using both IP address protocols. Mobile Endpoint in a dual-stack environment is able to proxy IPv6 DNS queries and forward them to Infoblox Platform over IPv4.
...
- Configuring Mobile Endpoint MDM in Infoblox Portal
- /wiki/spaces/BloxOneThreatDefense/pages/9082312
- /wiki/spaces/BloxOneThreatDefense/pages/9083493
- /wiki/spaces/BloxOneThreatDefense/pages/9081217
- /wiki/spaces/BloxOneThreatDefense/pages/9079831
- /wiki/spaces/BloxOneThreatDefense/pages/9079794
- /wiki/spaces/BloxOneThreatDefense/pages/9079775
- /wiki/spaces/BloxOneThreatDefense/pages/9079748
- /wiki/spaces/BloxOneThreatDefense/pages/9082188
- /wiki/spaces/BloxOneThreatDefense/pages/9082202
- /wiki/spaces/BloxOneThreatDefense/pages/9082567
- /wiki/spaces/BloxOneThreatDefense/pages/9082527Downloading and Enrolling Mobile Endpoint on Your Device
- Enrollment of Mobile App Using VMWare Workspace One (Airwatch)
- Enrollment of Mobile Using Workspace One MDM
- Enrollment of Mobile Device Management App Using Cisco Meraki
- Enrollment of Mobile Device Management App Using Microsoft Intune
- Enrollment of Mobile Device Management App using MobileIron for iOS Devices
- Installing and Using Mobile Endpoint Management on Devices Running the Chrome Operating System
- Viewing Mobile Endpoint on Your Device
- Viewing Mobile Endpoint Devices
- Viewing Mobile Endpoint Groups in Infoblox Portal
- Viewing Mobile Endpoint Reports in Infoblox Portal