/
Using BloxOne as a DoH server
Document toolboxDocument toolbox

Using BloxOne as a DoH server

Owned by Shirly Tsang
Jun 19, 2024
4 min read

BloxOne Threat Defense offers the ability to utilize agent-less support for DNS resolution via DoH. In order to use BloxOne’s DoH feature, a security policy must be created to acquire a DoH URL. This URL can be leveraged by clients for direct DoH resolution of domains via BloxOne. The rules within the security policy the URL is acquired from will apply to traffic being resolved via the DoH URL. Additionally, any external networks added to the Security policy will be resolvable by clients using the DoH URL. For more information on external networks and security polices please view the Infoblox documentation portal.

This section covers how to acquire a DoH URL from a security policy in BloxOne.

Licensing and Certificate Requirements

To leverage BloxOne Threat Defense’s DoH feature a BloxOne Threat Defense Cloud or Advanced license is required.

Create a new security policy and acquire a DoH URL

To create a DoH URL from BloxOne the creation of a Security Policy is required. Alternatively, a DoH URL can be acquired from an existing security policy. For more information on how to acquire a DoH URL from an existing security policy please view the section here. Complete the following steps to acquire a DoH URL from BloxOne.

  1. Navigate to Policies → Security Policies.

image-20240604-152837.png

  1. Click Create Security Policy.

image-20240604-165901.png

  1. Give the new security policy a Name.

image-20240604-170554.png

  1. (Optional) Give the new security policy a Description.

image-20240604-170658.png

  1. Enable the toggle switch associated with DoH per Policy.

image-20240604-213046.png

  1. Copy the URL that is visible and save it to a text editor for use later.

image-20240604-213122.png

 

  1. Click Next.

image-20240604-213451.png

  1. (Optional) Apply this security policy to any additional sources via the Add Source button if desired.

image-20240604-213409.png

  1. Click Next.

image-20240604-213455.png

  1. (Optional) Add any desired rules to this policy via the Add Rule button if desired.

image-20240604-213533.png

  1. Click Finish.

image-20240604-213455.png

  1. Click Save & Close to confirm the creation of the security policy.

image-20240604-213642.png

  1. Add the DoH URL to any platform that supports DoH. For more information please refer to the documentation here.

Acquire a DoH URL from an existing security policy

A DoH URL can be acquired from an existing security policy. Complete the following steps to acquire a DoH URL from BloxOne.

  1. Navigate to Policies → Security Policies.

image-20240604-152837.png

  1. Locate and click the hamburger icon associated with the existing security policy that the DoH URL is to be acquired from. Then, click Edit.

image-20240604-214531.png

  1. Give the new security policy a Name.

image-20240604-170554.png

  1. (Optional) Give the new security policy a Description.

image-20240604-170658.png

  1. Enable the toggle switch associated with DoH per Policy.

image-20240604-213046.png

  1. Copy the URL that is visible and save it to a text editor for use later.

image-20240604-213122.png

 

  1. Click Finish.

image-20240604-213455.png

  1. Click Save & Close to confirm the edits to the security policy.

image-20240604-213642.png

  1. Add the DoH URL to any platform that supports DoH. For more information please refer to the documentation here.

Related content