To edit BloxOne To edit Infoblox Endpoint groups, complete the following:
- From the Cloud Services the Infoblox Portal, click Manage Configure > Security > Endpoints.
- On the Endpoints page, select the Endpoint Groups tab.
- Select the endpoint group to edit from among those listed in the NAME column on the page.
- Click the Edit button below the top Action bar.
- On the BloxOne Endpoints Infoblox Endpoints Group page, apply your edits to the following items:
- Endpoint Group Name: This is a required field. Enter a name for the BloxOne the Infoblox Endpoint group. Ensure that you enter a unique name for each endpoint group.
- Description: Enter a brief description about the group.
- Associated Policy: This field displays the associate security policy when you add the group to the policy. It shows Default Global Policy by default.
- State: Toggle the switch to the right to enable endpoints.
- User Authentication: To enable user authentication, toggle the switch to Enable.
- Automatically remove endpoints after a period of inactivity: To automatically remove endpoints due to inactivity, enter a value from 15 to 180. If you specify no value, a value between 1 and 29, or a value greater than 180, then an error message will ask you to specify a different value. You can adjust the value any time after the group is created. If you specify 0, automatic removal will be disabled. BloxOne Infoblox Endpoint will monitor the status of inactive endpoints during configurable period of time (from 15 to 180 days) and then remove the remaining inactive endpoints.
- Authentication Settings:
- Session TTL: Specify the period of time the session is to persist. The default is 8 hours.
- Authentication Server Port: Specify the server port that will be used to authenticate the endpoint group. The default is 9094.
- Authentication Profile: Click Select Authentication Profile to select an authentication profile from the list of profiles available for use with the endpoint group. The available authentication protocols are SAML, OpenID Connect, and MS Active Directory. To learn more, see Adding an Authentication Profile to an Endpoint Group to Enforce a Security Policy.
- Internal Domains List:
- To add an internal domains list to an Endpoint Group, complete the following:
- Click the Add button to call up the list of available internal domains.
- From the Select List under the NAME column, choose an internal domains list to add it to the endpoint group.
- For information on using internal domains lists with an endpoint group, see Adding Internal Domains to an Endpoint Group.
- To add an internal domains list to an Endpoint Group, complete the following:
- Bypass Mode: To enable Bypass Mode an internal domains list to an Endpoint Group, complete the following:
- State: Toggle the State switch to Enable from the default disable state to enable bypass mode for the endpoint group.
- Internal Domains List: Click Add to select an add an internal domains list from the Select List options.
- FQDN: Use the default FQDN or a custom FQDN.
- TXT Record: Use the default TXT Record or a custom TXT record by clicking Generate random TXT record.
- Management Passwords: Change or modify a previously created password by applying changes in the management password text field. Once modifications are complete, click Save & Close.
- If an update release occurs on Wednesday, the first day of the month, and the network administrator selects a 7-day deferral period and has selected a preferred update day of Monday, then the deferred upgrade will occur on Monday, the 6th day of the month.Schedule Updates: You can choose to automatically update endpoint groups or you can choose to defer endpoint group updates for a period between 1 and 30 days. This can be useful in validating a new endpoint release
Schedule Updates: You can choose to automatically update endpoint groups automatically or you can choose to defer endpoint group updates for a period between 1 and 30 days. This can be useful in validating a new endpoint release on a few devices prior to updating endpoint for all users on your network. To schedule endpoint group updates, complete the following:
Info title Deferred Deployment Scheduling Scenario Examples - If an update release occurs on Wednesday, the first day of the month, and the network administrator selects a 7-day deferral period without selecting a preferred update day, then the deferred upgrade will occur on the following Wednesday, the 8th day of the month.
- If an update release occurs on Wednesday, the first day of the month, and the network administrator selects a 7-day deferral period and has selected a preferred update day of Wednesday, then the deferred upgrade will occur on the following Wednesday, the 8th day of the month).
- If an update release occurs on Wednesday, the first day of the month, and the network administrator selects a 7-day deferral period and has selected a preferred update day of Sunday, then the deferred update will occur on Sunday, the 12th day of the month.
- Automatic Updates: Select
- this option to have
- updates installed automatically.
- Schedule Updates: Select
- this option to manually choose the day
- , time, and duration for
- updates.
- Day
- & Time: Schedule a day and time for updates.
- Duration: Specify the period of time the system will attempt to perform
- an update
- . Select 4 to 10 hours, in one-hour increments.
Defer Updates: Updates can be deferred for a maximum of 28 days with the flexibility to choose a specific day of the week and time for deployment, regardless of the original scheduled release date. The option to defer upgrades for a period of up to
28 days with abilty to select a day and time means the deferred update schedule does not have to be adjusted within
the Infoblox Portal in the anticipation of each
new Infoblox Endpoint update release. Scheduled deferred updates are perfomed based on the timezone where the local endpoint resides. For information, see Scheduling Endpoint Group Updates.
To defer updates, performthe following:
- Always defer upgrades for: From among
- the list of options, select a deferment period. You can select a duration period of 0
- days to 28 days, with a
- maximum deferment
- period of 28 days.
- Days of
- the week to perform upgrades: Select a day or
- days of a week upgrades are to be performed. Or
- , select All to perform upgrades on all days of the week.
- Choose local endpoint time zone and duration:
- Select a time of day the upgrades are to commence.
Select a duration period (in hours) where updates are to be updated.
PoP Settings: To improve performance, select a preferred Point of Presence (PoP) according to the region. You can select a PoP manually or have it selected automatically. To select a PoP manually, set the toggle switch Auto Selection to the OFF position, select a preferred PoP from the Point of Presence drop-down list. To have a PoP selected automatically, set the switch to the ON position. Auto Selection is set to On by default.
updates from 0 to 28 days. Deferring can be useful when you want to validate the release of a new endpoint on a few devices prior to updating the endpoint for all users on your network. To schedule
endpoint group updates, completean update, specify the following:
- Mobile Endpoint Domains: To edit a mobile endpoint domain to an endpoint group, perform the following:
- Click Add to edit the existing information:
- Domain: Add the name of the desired mobile domain.
- Description: Proivide a description for the added mobile domain.
- Search: Copy/paste the name of a mobile endpoint domain into the search field to verify it has previously been added to the list or to view its description.
- Click Add to edit the existing information:
- Click Save & Close to save your edited endpoint group.
...