Document toolboxDocument toolbox

Configuring Threat Protection Profiles

Owned by Panna .
Jun 20, 2022
2 min read

When you configure the Grid or Member security properties, you have an option to select an active ruleset or a threat protection profile. A threat protection profile defines specific security settings and ruleset that you want to apply to a specific member or a group of members. Infoblox uses event filters to limit the amount of logs that are generated due to the threat protection events. It drops packets for services or ports that are not enabled on the card.
If you want to use the same threat protection rulesets and settings for multiple members, you can create a threat protection profile and associate it with multiple members so you do not have to configure them individually. You can configure threat protection profiles for both hardware and Software ADP appliances.
Infoblox automatically migrates threat protection profile settings when:

  • you update an active ruleset at the Grid level and if a profile has inherited the respective active ruleset from the Grid.
  • the profile inherits an active ruleset from the Grid and you override the active ruleset that is associated with the profile.
  • the profile is set to override an active ruleset and you change an active ruleset for the profile.

You can do the following to configure threat protection profiles: