Before you can apply security policies, you must first define the networks that you want to protect from malicious attacks. The first step in configuring BloxOne Threat Defense Cloud is to set up DNS Firewall by defining your remote networks. You identify these external networks by their IP addresses. A network can contain a group of IPv4 addresses or blocks.
If you plan to use multiple external networks in your configuration, Infoblox recommends that you register all your networks as soon as possible. Pre-registering your networks ensures that they will be available when traffic is pointed at them, and prevents IP space belonging to your company from being incorrectly assigned. Please be aware that no protection is provided for traffic pointed to a network that has not yet been registered.
BloxOne Threat Defense Cloud automatically generates the following default networks. You cannot modify or delete them.
- All Endpoints (default): This network includes all Endpoints. If you want to apply specific security policies only to these endpoints, you can use this network when you configure your security policies.
- All DNS Forwarder Proxies (default): This network includes the DNS forwarding proxies.
- All Users (default): This network includes all users in your organization, including all BloxOne Endpoints.
To define additional networks, complete the following:
- From the Cloud Services Portal, click Manage -> External Networks.
- On the Networks page, click Add at the top Action bar.
- On the Define a Network page, complete the following:
  - Network Name: Enter the name of the network. Ensure that you use a unique name for each network.
  - Description: Enter a brief description of the network.
  - IP addresses and ranges: Enter a valid IPv4 address and netmask. To avoid duplicate networks and issues with ACLs defined for the DNS Firewall, BloxOne Threat Defense Cloud does not allow a CIDR block that spans across a wide range of IPs. You can enter a valid netmask between /24 and /32. BloxOne Threat Defense Cloud will return an error if you enter an invalid netmask. If you must use a CIDR block outside of this range, contact Infoblox Technical Support. Click the + icon to add the IP address to the list. You can add multiple IP addresses by repeating the same steps. To delete an IP address from the list, click the x icon next to the entry.
- Click Save to save your configuration. BloxOne Threat Defense Cloud adds the newly created network to the Networks list.
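The following pre-check is an added example, not Infoblox code: it screens a planned list of entries against the rules in the "IP addresses and ranges" step (IPv4 only, netmask between /24 and /32, no duplicates) before you type them into the portal. The function name, the overlap check, the requirement for an explicit netmask, and the masking of host bits are assumptions of this example; the sample addresses are constructed from documentation ranges.

```python
import ipaddress

MIN_PREFIX, MAX_PREFIX = 24, 32  # netmask range the page says is accepted


def check_entries(entries):
    """Return (accepted networks, [(entry, reason), ...]) for 'address/netmask' strings."""
    accepted, rejected = [], []
    for raw in entries:
        entry = raw.strip()
        if "/" not in entry:
            # Assumption: require an explicit netmask instead of defaulting to /32.
            rejected.append((raw, "missing netmask"))
            continue
        try:
            # strict=False masks off host bits instead of rejecting them
            # (assumption; the page does not say how the portal treats them).
            net = ipaddress.IPv4Network(entry, strict=False)
        except ValueError:
            rejected.append((raw, "not a valid IPv4 address and netmask"))
            continue
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            rejected.append((raw, f"/{net.prefixlen} is outside /24 to /32"))
            continue
        # Added check: flag entries that repeat or sit inside an earlier one.
        clash = next((a for a in accepted if a.overlaps(net)), None)
        if clash is not None:
            rejected.append((raw, f"duplicates or overlaps {clash}"))
            continue
        accepted.append(net)
    return accepted, rejected


# Constructed sample input (documentation address ranges, not real networks).
SAMPLE = [
    "198.51.100.0/24",
    "203.0.113.7/32",
    "192.0.2.0/23",       # wider than /24
    "198.51.100.128/25",  # inside the first entry
    "203.0.113.7",        # no netmask
    "2001:db8::/32",      # not IPv4
    "192.0.2.300/24",     # malformed address
]

if __name__ == "__main__":
    ok, bad = check_entries(SAMPLE)
    for net in ok:
        print(f"OK      {net}")
    for entry, reason in bad:
        print(f"REJECT  {entry}: {reason}")
```

Entries rejected only for being wider than /24 are the ones the page says to raise with Infoblox Technical Support.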
To locate a specific network, use the search field at the top Action bar.
The Networks page displays all the networks that you have defined. You can click the Action menu next to a network and select Edit to modify its information or select Remove to delete it. When you select a specific network, you can also view its detailed information on the right panel of the page.