On-Prem DNS Firewall Service

Infoblox On-Prem DNS Firewall employs DNS RPZs (Response Policy Zones), a technology developed by Internet Systems Consortium. DNS RPZs enable reputable sources to dynamically communicate domain name reputation, which helps you implement policy controls for DNS lookups.
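How an RPZ becomes a policy decision for a lookup, as an added example that is not Infoblox code: a small evaluator for QNAME triggers using the standard RPZ CNAME action encodings, including a passthru (allow list) entry that overrides a wildcard block. The zone name `rpz.example`, the listed domains and the simplified exact-before-wildcard matching are assumptions made for illustration.

```python
# Added illustration: minimal RPZ QNAME-trigger evaluator (not Infoblox code).
# Zone origin, domains and the simplified matching order are constructed.

RPZ_ORIGIN = "rpz.example."

# Constructed sample records: owner name, type, CNAME target
SAMPLE_ZONE = """
malware.test.rpz.example.        CNAME .
*.malware.test.rpz.example.      CNAME .
portal.malware.test.rpz.example. CNAME rpz-passthru.
tracker.test.rpz.example.        CNAME *.
c2.test.rpz.example.             CNAME rpz-drop.
phish.test.rpz.example.          CNAME walled-garden.example.
"""

# Standard RPZ action encodings carried in the CNAME target.
ACTIONS = {".": "NXDOMAIN", "*.": "NODATA",
           "rpz-passthru.": "PASSTHRU", "rpz-drop.": "DROP"}


def parse_zone(text, origin=RPZ_ORIGIN):
    """Return {trigger name relative to origin: (action, redirect target)}."""
    rules = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) != 3 or fields[1].upper() != "CNAME":
            continue
        owner, target = fields[0].lower(), fields[2].lower()
        if not owner.endswith("." + origin):
            continue  # record does not belong to this policy zone
        trigger = owner[: -len(origin)]  # e.g. "malware.test."
        action = ACTIONS.get(target, "REDIRECT")
        rules[trigger] = (action, target if action == "REDIRECT" else None)
    return rules


def evaluate(qname, rules):
    """Exact trigger first, then the closest enclosing wildcard; None = no hit."""
    name = qname.lower().rstrip(".") + "."
    if name in rules:
        return rules[name]
    labels = name.rstrip(".").split(".")
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:]) + "."
        if wildcard in rules:
            return rules[wildcard]
    return None


RULES = parse_zone(SAMPLE_ZONE)
```

A `None` result means no policy applies and the lookup resolves normally; note that `tracker.test` without a wildcard record does not cover its subdomains.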

The Data Exfiltration, Malware, Command & Control, and Summary reports are not tied to your organization's custom allow list and should not be reported as RPZ events. They report threats detected by threat intelligence and exist independently of the DNS Firewall. If your DNS threat policy is set to "log, allow," these reports will continue to show up. To avoid confusion when interpreting DNS Firewall activity, use only the Security Report.

To access Infoblox On-Prem DNS Firewall, log in to the Infoblox Platform and go to Configure > Security > On-Prem Firewall. On the On-Prem DNS Firewall page, follow the four-step process to set up your on-prem firewall service.


For information about the On-Prem DNS Firewall Service, see the following:

If your network infrastructure consists of On-Prem Infoblox appliances, you can set up the DNS Firewall service on these appliances to provide protection through RPZs. For more information about Infoblox DNS Firewall, refer to the Infoblox NIOS Administrator Guide (NIOS 9.0).