Document toolboxDocument toolbox

Managing External Licenses

Owned by Gary Leicht
Last updated: Sept 06, 2024
3 min read

 External licenses allow you to use your vendor-provided API key to obtain Dossier data. All external licenses associated with your organization’s account can be viewed on the External Licenses page (ConfigureAdministration -> External Licenses). The External Licenses page displays all the external licenses you have configured. Currently, only VirusTotal AI keys are supported. Additional vendors and license types will be supported by Infoblox in the future.

Key Store Service for Bring Your Own License (BYOL)

Bring Your Own License” or BYOL, provides greater flexibility in the use of cyber threat intelligence when integrated with Infoblox’s threat feeds. Using the Key Store Service for BYOL, Infoblox Threat Defense is able to support threat feeds from vendors preferring a more direct subscription relationship. Currently, BYOL licensing service supports VirusTotal data feeds for Dossier when researching an indicator, but eventually this capability will be extended to support the enrichment of a broader range of vendors and threat feeds. 

NOTE: “Bring Your Own License” Key Store Service is not included at the Infoblox Threat Defense Essentials subscription level. 

Infoblox Key Store Service is an integral part in providing BYOL service. Using the Key Store Service in conjunction with BYOL allows you to store your API licenses from third-party vendors like VirusTotal in your organization’s account. Many of the VirusTotal API features are currently restricted to premium subscribers only. Using the Key Store Service allows Infoblox to use your valid license credentials to make API calls on behalf of your organization to third-party vendors, resulting in the fully automated integration with Infoblox Threat Defense.

NOTE: Currently, the BYOL Key Store service only functions when storing API license keys for VirusTotal, Mandiant, and Emerging Trends Proofpoint (ETPro). Support for other third-party vendors and license types will be added in the future. 

For example, if you are using Dossier to retrieve VirusTotal data, Infoblox pulls the data using your organization’s unique API license key for VirusTotal. Your API license key is unique to your organization and cannot be used by other organizations. Infoblox is prohibited from using a global API key to pull data on behalf of any organization.

The External Licenses page displays all the information for your organization's configured external licenses. On the External License page, you can view the following: 

  • Name: The name or identifier of the organization's key.
  • Vendor: The vendor’s name for which the key applies from among the drop-down options.
  • License Type: The license type from among the available drop-down menu options. Currently only license keys are supported. Other license types will be supported in the future.
  • Key: A user-created key associated with the license to make it easily identifiable. 
  • Status: The status of the key, whether active or inactive.

Obtaining API Keys from Third-Party Vendors

Each organization is responsible for obtaining their own API keys from the third-party data sources for which they are subscribed. For example, if your organization subscribes to VirusTotal, then you will need to contact VirusTotal with your request for an API key. In VirusTotal’s case, visiting their API documentation page at the VirusTotal API Version 3 Overview page will provide you with information on the various API licensing packages available to your organization along with information on their acceptable usage. Likewise, other third-party data vendors will need to be contacted with the request for API licenses allowing you to access their data through the Infoblox Portal. 

Configuring Key Storage for Bring Your Own License (BYOL)

Before you can use a stored external license to obtain data for TIDE in the Infoblox Portal, you must first configure it. All external licenses associated with your organization’s account are displayed on the external licenses page (ConfigureAdministration > External Licenses). You can add a new external license to your configuration by clicking Create on the top Action bar or remove a license by clicking Remove.

  • Name (required): The name of the external license. 
  • Vendor: The name of the vendor for which the license key applies. Select the vendor from among the options available on the drop-down list. Currently, Emerging Threats Proofpoint, Mandiant APIv4, and Virus Total are supported. 
  • License Type: The type of external license. Currently only license keys are supported. Other license types will be supported in the future. Note that when viewing the external license page, the license key is obfuscated from viewing.
  • Key (required): The key associated with the license.
  • Active: The status of the key, whether active or inactive. By default, the external license status is set to Active.

Once all external license data is added, click Save & Close to save the external license configuration. 

For information on using external licenses, see the following: