This release of BloxOne Threat Defense introduces a new workflow that streamlines the deployment of DNS forwarding proxies. The workflow uses a secure join token mechanism to authenticate and deploy virtual appliances that you configure in your VM environments. For information about deployment options, see Deploying On-Prem Hosts.
About On-Prem Hosts
BloxOneTM Threat Defense Cloud is an extension of the BloxOne Suite that provides visibility into infected and compromised off-premises devices, roaming users, remote sites, and branch offices. You can subscribe to BloxOne Threat Defense Cloud and use its functionality to mitigate and control malware as well as provide unprecedented insight into your network security posture and enable timely action. BloxOne Threat Defense Cloud also offers unified policy management, reporting, and threat analytics across the entire spectrum. Using automated and high-quality threat intelligence feeds and unique behavioral analytics, it automatically stops device communications with malicious sites, C&C, botnets, and prevents DNS-based data exfiltration.
The mission-critical DNS infrastructure can become a vulnerable component in your network when it is inadequately protected by traditional security solutions and consequently used as an attack surface. Compromised DNS services can result in catastrophic network and system failures. To fully protect your network in today’s cyber security threat environment, Infoblox sets a new DNS security standard by offering scalable, enterprise-grade, and integrated protection for your DNS infrastructure. You can configure DNS forwarding proxies to forward recursive DNS requests to BloxOne Threat Defense so you can take advantage of the cybersecurity protection you get from BloxOne Threat Defense.
Through the Infoblox Cloud Services Portal, you can view the status of your subscription and threat intelligence feeds, manage your network scope and roaming end users, and learn more about threats on your networks through the Infoblox Threat Lookup tool and predefined reports.
Note
When you enable NIOS appliances as on-prem hosts, the QPS (query per second) throughput might vary, depending on your appliance models and the cache hit ratios. You might see a bigger performance impact when the cache hit ratio is lower. In general, NIOS can forward at least 3,500 QPS to BloxOne Threat Defense Cloud. For standalone installations, the QPS may vary depending on the hardware used and the cache hit. However, the number of QPS could fall in the range of 3,500 when you deploy an OVA with the recommended minimum system requirements. For more information, see Minimum System Requirements for On-Prem Hosts.
For more information on DNS forwarding proxies and how to use them in your network, see the following: