...
| Note |
|---|
The Data Exfiltration, Malware, Command & Control, and Summary reports are not tied to your organization's custom whitelist allow list and should not be reported as RPZ events. Thus, they report threats detected by threat intelligence and exist independently of the DNS Firewall. If your DNS threat policy is set to "log, allow," these reports will continue to show up. To remedy this when interpreting DNS Firewall activity, use only the Security Report. |
To access Infoblox On-Prem DNS Firewall, log in to Cloud Services Portal into the Infoblox Platform and go to Policies > Configure > Security > On-Prem Firewall. On the On-Prem DNS Firewall > Policies tab page, follow the four-step process to set up your on-prem firewall service.
For information about the On-Prem DNS Firewall Service, see the following:
Infoblox Threat Intelligence Feed Deployment Guide Infoblox Threat Intelligence Feed Deployment Guide (PDF)
If your network infrastructure consists of On-Prem Infoblox appliances, you can set up the DNS Firewall service on these appliances to provide protection through RPZs. For more information about Infoblox DNS Firewall, refer to the Infoblox NIOS Administrator Guide(NIOS 9.0).