Infoblox On-Prem DNS Firewall employs DNS RPZs (Response Policy Zones), a technology developed by ISC ( Internet System Consortium), for allowing . DNS RPZs enable reputable sources to dynamically communicate domain name reputation so that you can , and this helps you implement policy controls for DNS lookups.
| Warningnote |
|---|
The The Data Exfiltration, Malware, Command & Control, and and Summary reports reports are not tied to your organization's custom whitelist allow list and should not be reported as RPZ events. As suchThus, they are reporting Threat Intelligence detections report threats detected by threat intelligence and exist independent independently of the DNS Firewall. If you have your DNS Threat threat policy is set to "log, allow allow," these reports will continue to show up. To remedy this , only the Security Report should be used when interpreting DNS Firewall activity, use only the Security Report. |
To access Infoblox On-Prem DNS Firewall can be accessed from the Cloud Services Portal at https://csp.infoblox.com. Once logged in to CSP, , log into the Infoblox Platform and go to Configure > Security > On-Prem DNS Firewall can be found under the policies tab (Policies > Firewall. On the On-Prem DNS Firewall) page, follow the four-step process to set up your on-prem firewall service.
For information on about the On-Prem DNS Firewall Service, see the following:
- DDI
Infoblox Threat Intelligence Feed Deployment Guide
(
downloadablePDF)
If your network infrastructure consists of On-Prem Infobox Infoblox appliances, you can set up the DNS Firewall service on these appliances to provide protection through RPZ (Response Policy Zones)RPZs. For more information about Infoblox DNS Firewall, refer to the the Infoblox NIOS Administrator Guide(NIOS 9.0).