Working with Infoblox can be challenging when it comes to their naming of features, licenses, marketing slides, and GUI options. So let’s bring some clarity into this chaos. :D I have listed the most common DNS security features and their corresponding Infoblox names. I hope you folks can use it as well.
I am focussing on the DNS security features here only. Not on core NS1 Grid, NetMRI, and so on.
|response policy zone RPZ trigger & action||DNS Firewall DFW||see left||DNS -> Response Policy Zones|
|RPZ feed for malware blocking (recursive DNS server)||ActiveTrust AT|
(includes DFW for RPZ)
|DNS exfiltration/tunneling blocking (recursive DNS server)||Threat Insight TI||Threat Anlytics TA (requires DFW or AT for RPZ)||Grid -> Threat Analytics
Data Management -> Threat Analytics
|DDos & exploit defense (authoritative DNS server)||Advanced DNS Protection (v)ADP||Threat Protection & Threat Protection Update||Grid -> Threat Protection
Data Management -> Security
Please note that at least the “TI” acronym is used twice, cause it can be either “Threat Intelligence” or “Threat Insight”. To my mind it’s better to omit those acronyms at all while using the full two/three words when talking about it.
Features I have not listed here:
- DNS Traffic Control (DTC): Global Server Load Balancing (GSLB)
- Cybersecurity Ecosystem: Outbound API
- ActiveTrust Cloud (ATC): DNSaaS
Merry christmas everyone! 🎄🎄🎄 Christ is born. That’s what it’s all about!