
In your network infrastructure, there are three main IP sources that generate DNS traffic on the internet:

  • Your organization's public networks

  • Roaming end users

  • On-premises networks

To cover all bases against possible cyberattacks, BloxOne Threat Defense allows you to set up protection for one or all of these IP sources based on your business requirements.

Your Organization's Public Networks

To protect internet-facing IP address spaces your company uses, you can register these networks using the External Networks feature through the Cloud Services Portal. You identify these networks by IP addresses. A network can contain a group of IPv4 addresses or blocks. If you have multiple internet-facing networks, Infoblox recommends that you register all of them to ensure that they are protected when traffic is pointed at them. This also prevents IP spaces belonging to your company from being incorrectly assigned. Please be aware that no protection is provided for traffic pointed to a network that has not been registered.

The following diagram describes the high-level steps for deploying BloxOne Threat Defense for your company’s public networks:

For information on how to add your company's public networks for protection, see Configuring External Networks.
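Because traffic from an unregistered network receives no protection, it is worth comparing the address space your organization actually egresses from against what has been registered. The following is an added example, not Infoblox code: it does not call the Cloud Services Portal, the function name `coverage_gaps` is hypothetical, and both lists are constructed sample data (documentation address ranges) that you would replace with your own exported values.

```python
import ipaddress

def coverage_gaps(egress_blocks, registered_blocks):
    """Return the IPv4 space in egress_blocks not covered by registered_blocks."""
    # Merge adjacent/overlapping registrations so two /25s count as one /24.
    registered = list(ipaddress.collapse_addresses(
        ipaddress.IPv4Network(b, strict=False) for b in registered_blocks))
    gaps = []
    for block in egress_blocks:
        remaining = [ipaddress.IPv4Network(block, strict=False)]
        for reg in registered:
            still_open = []
            for net in remaining:
                if net.subnet_of(reg):
                    continue                      # fully registered
                if reg.subnet_of(net):
                    # Partially registered: keep only the uncovered pieces.
                    still_open.extend(net.address_exclude(reg))
                else:
                    still_open.append(net)        # disjoint, still uncovered
            remaining = still_open
        gaps.extend(remaining)
    return sorted(ipaddress.collapse_addresses(gaps))

# Constructed sample data: blocks the organization egresses from ...
EGRESS = ["198.51.100.0/24", "203.0.113.16/28", "192.0.2.10/32"]
# ... and blocks currently registered as external networks.
REGISTERED = ["198.51.100.0/25", "203.0.113.0/24"]

if __name__ == "__main__":
    for net in coverage_gaps(EGRESS, REGISTERED):
        print(f"unregistered (unprotected) space: {net}")
```
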

Roaming End Users

You can set up BloxOne Endpoint and BloxOne Mobile Endpoint to secure roaming end users in varying environments such as home offices, branch offices, public spaces, and more. BloxOne Endpoint is a lightweight mobile agent that can be used to secure roaming end users, devices, and systems no matter where they are, extending enterprise-level security to remote locations and work-from-home environments. To enable end users to connect to BloxOne Cloud, you must download and install the Endpoint client on their devices. The client enforces security policies that you apply to the remote networks, regardless of where the end users are and which networks they are connected to. Once installed, BloxOne Endpoint will automatically update when updates are available.

For information on the installation and deployment of BloxOne Endpoint, see Installing Endpoint.

For information on how to deploy BloxOne Mobile Endpoint, see Mobile Endpoint Management.

To view the BloxOne Endpoint deployment guides, click here for BloxOne Endpoint and here for BloxOne Mobile Endpoint.

On-Premises Networks

For on-premises networks, including the NIOS Grid, in your enterprise infrastructure, BloxOne Threat Defense provides DFP (DNS Forwarding Proxy) as a DNS forwarder that forwards DNS queries to the BloxOne anycast DNS server or to a local DNS server that you configure. DFP protects your DNS traffic when queries are sent over the internet to the BloxOne anycast DNS server. DFP runs on hosts that you implement to connect to BloxOne Cloud, within which you can take full advantage of the security features to protect your enterprise infrastructure. If for any reason the host cannot reach the BloxOne anycast DNS server, DFP will send requests to a local DNS server that protects clients via the RPZ (on-prem DNS Firewall) feeds.

For information on the installation and deployment of DFP, see Configuring DNS Forwarding Proxy. 

To view the DNS Forwarding Proxy Deployment Guide, click here.