Creating Custom Lists

To create a custom list, complete the following:

1. From the Infoblox Portal, click Configure > Security > Policies.
2. On the Security Policies page, click the Custom Lists tab located above the top Action bar.
3. On the Custom Lists page, click Create at the top Action bar.
4. On the Create a Custom List page, complete the following:
   • Custom List Name: Enter a name for the custom list. Ensure that you use a unique name for each custom list.
   • Description: Enter a brief description of the custom list.
   • Threat Level: Select a Threat  level from among the following options: Info, High, Medium, Low, or Info. The default Threat insight value is High. For more information creating a custom list with customer-defined threat rating level, see Customer-Defined Threat Level and Confidence Score for Custom and Threat Insight Lists.
   • Threat Confidence: Select a Threat Confidence score from among the following options: High, Low, or Medium. The default Threat insight value is Low. For more information creating a custom list with customer-defined threat confidence score, see Customer-Defined Threat Level and Confidence Score for Custom and Threat Insight Lists.
   • Tag: Enter a tag. A tag consists of a KEY (required) and a Value. When a security policy is created possessing a key and its corresponding value, all resource data having the same or similar key and the same or similar value will be associated with the security policy. For information on adding tags to a custom list, see Adding Policy Rules and Setting Precedence.
   • Domains/IP Addresses: Enter a fully qualified domain name (FQDN), a valid IPv4 address, an IPv6 address, a subnet, or a CIDR that you want to include in the custom list that you are creating.
     
     • Organizations can use custom lists to allow or block large subnets. IPv4 subnet addresses with CIDRs between /8 and /32 are supported and can be added to a custom list for allowing or blocking subnets, with permissions in a security policy. Likewise, IPv6 subnet addresses with CIDRs between /32 and /128 can also be added to a custom list for allowing or blocking a subnet by assigning it to a security policy. For information on how to add a custom list to security policies and applying policy rules, see Adding Policy Rules and Setting Precedence.
     • You can enter multiple domains or IP addresses by repeating the same steps. For each domain or IP address added to a custom list, a description for the domain or IP address can also be added to improve the investigative process. When configuring an IP address without using a mask, the IP address will automatically be updated using a /32 subnet mask. When finished, press any key on your keyboard to accept the entry. To remove a domain or IP from the list, place a check the box to the left of the entry and then click the Remove button.  

5. Click Save & Close to save the configuration. Infoblox Platform adds the custom list.

Configuring a Wild Card Domain for use with Custom Lists

It is not required to add the wild card domain and the parent domain name to an internal domain list. By default, a domain name added to an internal domain list will be interpreted as a wild card entry, allowing resolution of both the parent domain and all its sub-domains by the configured DFP local resolvers. For example. if test.com is added to an internal domain list, the list can be considered to effectively include all subdomains of the test.com domain (corresponding to the wildcard domain *.test.com”).

To view information on custom lists, see the following:

• Viewing Custom Lists
• Editing Custom Lists
• Updating an Imported Custom List