Note
Before you deploy the Data Connector, ensure that you prepare your environment according to the requirements for the supported platforms and open all necessary ports for unrestricted outbound access. When deploying the Data Connector, you are configuring the Data Connector as an on-prem host through the Cloud Services Portal.
Port Usage
The following table lists the port usage for the BloxOne on-prem hosts:
| IP Protocol | Port | Domain | IPs and URLs | Description |
| TCP | 443 | csp.infoblox.com | Cloud Services Portal Access (unrestricted outbound access to TCP 443) | |
| TCP | 443 | cp.noa.infoblox.com | On-Prem Host – Platform Management | |
| TCP | 443 | app.noa.infoblox.com | On-Prem Host – Application Management | |
| TCP | 443 | threatdefense.bloxone.infoblox.com | 52.119.40.100 | BloxOne Threat Defense Cloud DNS server |
| TCP | 443 | DNS server | DNS over TLS for DNS Forwarding Proxy | |
| UDP | 123 | ntp.ubuntu.com | NTP Server (For OVA only. In case if NTP was not provisioned and time sync is disabled.) | |
| UDP | 123 | ubuntu.pool.ntp.org | NTP Server (Only if time sync with EXSi is disabled.) | |
| TCP | 22 | Data Connector | If you deploy the Data Connector as a container, ensure that there are no SSH processes listening on port 22. You must terminate these SSH processes for the Data Connector to collect data from NIOS. | Required only for Data Connector. SCP data transfer from NIOS. |
| TCP | 514 6514 | Data Connector | If you deploy the Data Connector as a container, ensure that these ports are not used by other processes. | Required only for Data Connector. Secure syslog for RPZ hits data. |
| TCP | 8125 | Data Connector | If you deploy the Data Connector as a container, ensure that these ports is not used by other processes. | Required only for Data Connector. |
Note
Infoblox recommends that connectivity from the on-prem hosts and services have unrestricted outbound access to the Internet on port 443. This will allow for fewer changes in the future when we change or expand services. For more deployment information, see Best Practices for On-Prem Hosts.
Supported Platforms for the Data Connector
You may deploy the Data Connector host application on the following:
- Bare-metal systems running Linux and Docker version 17.09 or below (except for 17.05 and 17.06), or version 18.09 or above.
Note
Infoblox recommends that you use Docker version 17.09 or below (except for 17.05 and 17.06), or version 18.09 or above, to avoid an issue in which the Docker container might re-deploy continuously, resulting in multiple deployments of the on-prem host. In addition, Kubernetes is not supported.
- VMs that are deployed on VMware ESXi servers version 5.5, 6.0, or 6.5.
- VM infrastructures such as Hyper-V or KVM, running Linux and Docker version 1.13.0 or above. For information about the supported Linux VMs for Hyper-V, refer to this article.
Infoblox has validated the following platforms:
- Red Hat Enterprise Linux 7.2
- CentOS 7.3.16
- Ubuntu 16.04.2.
Minimum System Requirements
The minimum system requirements for your VM are as follows:
- CPU: 4 cores
- Memory: 8 GB
- Network: Single NIC connected to the network
- Hard Disk Drive: 620 GB
Note
SIEM Requirements
Ensure that the following are configured for a secure transport for forwarding data to a SIEM destination:
You must configure a SIEM tool to secure TCP communication using TLS. This is mandatory for an encrypted communication.
Configure server certificates so that the Data Connector can forward DNS queries and responses to the configured SIEM tool. Note that the server certificates must be self-signed or signed by CA authorities. You can retrieve these from your SIEM tools. For more information, refer to the respective SIEM tool documentation.