Defining Network Scopes

In your network infrastructure, there are three main IP sources that generate DNS traffic on the internet:

  • Your organization's public networks

  • Roaming end users

  • On-premises networks

To cover all bases against possible cyber attacks, Infoblox Threat Defense allows you to set up protection for one or all of these IP sources based on your business requirements.

Your Organization's Public Networks

To protect internet-facing IP address spaces your company uses, you can register these networks using the External Networks feature through the Infoblox Services Portal. You identify these networks by IP addresses. A network can contain a group of IPv4 addresses or blocks. If you have multiple internet-facing networks, Infoblox recommends that you register all of them to ensure that they are protected when traffic is pointed at them. This also prevents IP spaces belonging to your company from being incorrectly assigned. Please be aware that no protection is provided for traffic pointed to a network that has not been registered.

For information on how to add your company's public networks for protection, see Configuring External Networks. 
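Because traffic from an unregistered network receives no protection, it is worth checking the registered list against the public IPs your DNS traffic actually leaves from. The following is an added example, not Infoblox code: it assumes you have exported the registered IPv4 addresses or blocks and collected egress IPs yourself (for instance from NAT or firewall logs), and all addresses shown are constructed from documentation ranges.

```python
import ipaddress

# Constructed sample data (documentation address ranges), not real networks.
REGISTERED = ["203.0.113.0/28", "198.51.100.7", "203.0.113.8/29"]
OBSERVED_EGRESS = ["203.0.113.5", "198.51.100.7", "198.51.100.8", "192.0.2.44"]


def parse_registered(entries):
    """Parse IPv4 addresses or CIDR blocks; a bare address becomes a /32."""
    nets = []
    for entry in entries:
        # strict=True rejects blocks with host bits set, e.g. 203.0.113.9/29
        net = ipaddress.ip_network(entry.strip(), strict=True)
        if net.version != 4:
            raise ValueError(f"not an IPv4 network: {entry}")
        nets.append(net)
    return nets


def unregistered_sources(registered, observed):
    """Return observed egress IPs that fall outside every registered network."""
    nets = parse_registered(registered)
    gaps = []
    for ip_text in observed:
        ip = ipaddress.ip_address(ip_text)
        if not any(ip in net for net in nets):
            gaps.append(ip_text)
    return gaps


def redundant_entries(registered):
    """Return (inner, outer) pairs where one entry is already covered by another."""
    nets = parse_registered(registered)
    pairs = []
    for i, a in enumerate(nets):
        for j, b in enumerate(nets):
            if i != j and a.subnet_of(b):
                pairs.append((str(a), str(b)))
    return pairs


if __name__ == "__main__":
    for ip in unregistered_sources(REGISTERED, OBSERVED_EGRESS):
        print(f"UNREGISTERED egress IP (no protection applied): {ip}")
    for inner, outer in redundant_entries(REGISTERED):
        print(f"redundant entry: {inner} is inside {outer}")
```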

Roaming End Users

You can set up Infoblox Endpoint and Infoblox Mobile Endpoint to secure roaming end users in varying environments such as home offices, branch offices, public spaces, and more. Infoblox Endpoint is a lightweight mobile agent that can be used to secure roaming end users, devices, and systems no matter where they are, extending enterprise-level security to remote locations and work-from-home environments. To enable end users to connect to Infoblox Platform, you must download and install the Endpoint client on their devices. The client enforces security policies that you apply to the remote networks, regardless of where the end users are and which networks they are connected to. Once installed, Infoblox Endpoint will automatically update when updates are available.

For information on the installation and deployment of Infoblox Endpoint, see Installing Endpoint.

For information on how to deploy Infoblox Mobile Endpoint, see Managing BloxOne Mobile Endpoint. 

To view the Infoblox Endpoint deployment guides, click here for Infoblox Endpoint and here for Infoblox Mobile Endpoint.

On-Premises Networks

For on-premises networks (including the NIOS Grid) in your enterprise infrastructure, Infoblox Threat Defense provides DFP (DNS Forwarding Proxy) as a DNS forwarder that secures your DNS traffic. The DFP protects your DNS traffic when queries are sent over the internet to the Infoblox anycast DNS server. You can run DFP as a service on hosts that you implement to connect to Infoblox Platform, within which you can take full advantage of the security features to protect your enterprise infrastructure. If for any reason the host cannot reach the Infoblox anycast DNS server, DFP will send requests to a local DNS server that protects your clients via the RPZ (on-prem DNS Firewall) feeds.

For information on the installation and deployment of DFP, see Creating DNS Forwarding Proxy Services and Configuring General DNS Forwarding Proxy Information.

To view the DNS Forwarding Proxy Deployment Guide, click here.