The Network workspace is displayed when you click Monitor on the left navigation menu on the Infoblox Portal. This workspace displays real-time information and monitoring for DDI services providing insights aimed towards enhancing your network visibility and management – thereby increasing operational efficiency across on-prem and cloud providers.
Business KPI Ribbon
On top of the page, the business KPIs provide weekly insights based on the most recent 7-day period and are updated daily at 00:00 UTC
On top of the page in the business KPI ribbon, you can see statistics about the following:
Deployment Availability: This metric represents the cumulative availability of the Infoblox network services deployed within your network over a defined time period. It includes both protocol services, such as DNS and DHCP for NIOS-X and NIOS-XaaS. The availability measurement accounts for the overall uptime and reliability of these services, ensuring they meet expected performance and operational standards. A high cumulative availability indicates that the deployed services have been consistently accessible and functioning without significant interruptions, while lower availability may suggest service disruptions or outages that require attention.
IP Utilization: This metric provides an overview of the IP utilization levels across all allocated subnets within your network infrastructure. It calculates the average utilization percentage, factoring in the size of each subnet to provide a weighted assessment. This ensures that larger subnets, which accommodate more IP addresses, contribute proportionally to the overall utilization figure. By monitoring IP utilization, administrators can assess how efficiently IP resources are being used, identify potential shortages or over-provisioning, and optimize allocation strategies to prevent IP exhaustion or inefficiencies.
DNS Resolution Time: This metric represents the average time required to resolve DNS queries across your network. It helps track performance by indicating whether resolution times are increasing or decreasing. An increase in DNS resolution time is highlighted in red with an upward arrow, while a decrease is shown in green with a downward arrow. The DNS resolution time is shown in milliseconds.
Summary Monitors
The Infoblox Portal also displays the following summary monitors for additional information related to the supported network objects. You can click an active area in the monitors to drill down to the detail view.
DNS Record Classification: This monitor shows the status of DNS resource records. This monitor shows the following information (count):
Dangling: These are DNS records that point to resources (such as cloud services, or domains) that no longer exist. They pose a security risk as attackers can potentially take over the dangling domain and hijack the DNS record (e.g., subdomain takeover). Applies to:
PTR - Points to domain (FQDN) that doesn't exist
CNAME - Points to domain (FQDN) that doesn't exist
SRV - Points to non-existing target (FQDN)
Abandoned: These are outdated or unused DNS records that remain in a domain's configuration. While not necessarily pointing to reclaimable resources, abandoned records can cause confusion, slower network traffic, and increase the attack surface if misused. Certain cloud resources use shared network spaces and won’t be classified as abandoned even though the resource has been delete (for example, AWS S3 buckets). Applies to:
CNAME that are resolvable but unreachable.
A-Record that does not have a route to the IP or the IP is not reachable. AAAA records are not supported.
Untrusted: These are DNS records that resolve to domains or servers that are not fully trusted or controlled by the organization. This may include third-party services, dynamic DNS hosts, or external domains that could be compromised, leading to security risks such as phishing or data leaks. Applies to:
CNAME that is not in our Asset or IPAM/DHCP Inventory.
A-Record that is not in our Asset or IPAM/DHCP Inventory.
These DNS Record classifications are applicable to public/external DNS zones across AWS, Azure, and GCP
Azure Front Door and Storage Container objects are not supported for the Untrusted classification. This applies to CNAME records whose targets point to these Azure resources.
The following detailed views are available: