You can deploy Infoblox Threat Defense to proactively protect users everywhere. Instead of redirecting queries to the cloud, detect mode forwards DNS query and response logs to the Threat Defense service for full threat detection.
Security teams gain visibility into threats and can forward findings to SOC tools such as SIEM or SOAR for investigation and response. We'll show you exactly how to turn DNS into your most effective line of defense, and how Infoblox can reduce SecOps load while increasing visibility. It captures and streams query logs to the Infoblox Threat Defense cloud for security analysis and visibility.
To avoid unintended blocking of legitimate internal DNS lookups, do not configure the bogon feed (bogon.rpz.infoblox.local) on NIOS appliances that are authoritative for internal domains or that forward DNS queries to internal authoritative DNS servers. Infoblox Threat Defense applies threat intelligence feeds to your network scope based on your subscription level. You can view these feeds to understand how they can protect your networks.