To access the BloxOne Threat Defense Cloud service, you must forward your DNS traffic (except for internal domain resolution) to the BloxOne Threat Defense Cloud name server by using BloxOne Endpoints or DNS forwarding proxies (standalone or running on NIOS) to forward requests from your DNS server to the BloxOne Threat Defense Anycast DNS servers. When using global accelerator, the domain geo.threatdefense.infoblox.com must be allowed in the firewall rules.

If you directly use the Infoblox cloud DNS resolver (without BloxOne Endpoint or DNS forwarding proxy), you may provision the following DNS Anycast addresses:

  • IPv4 DNS Anycast addresses: 52.119.40.100, 52.119.41.100, and 103.80.5.100
  • IPv6 DNS Anycast addresses: 2400:4840::100 and 2620:129:6000::100

Warning
Before you point your DNS to BloxOne Threat Defense Cloud, ensure that your network and DNS server are properly configured for sending DNS queries and receiving responses. For more information, see Testing Network Configuration.

Depending on your network configuration, you may need to perform different procedures to configure your DNS forwarders to use the BloxOne Threat Defense Cloud name server. If you have an on-prem Infoblox Grid, you can configure your Grid members (acting as DNS forwarders) to use the BloxOne Threat Defense Cloud name server. If you are using a third-party DNS server, such as Unbound or BIND, as your DNS resolver, you can modify your DNS configuration file so that your DNS forwarders use the BloxOne Threat Defense Cloud name server IP. You can also configure Microsoft servers to use DNS forwarders.
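As an added illustration (not taken from the Infoblox documentation), an Unbound configuration fragment that forwards all queries to the Anycast addresses listed above while keeping internal names on an internal resolver. The file path, the internal zone `corp.example.`, and the internal resolver `10.0.0.53` are constructed placeholders.

```conf
# /etc/unbound/unbound.conf.d/bloxone-forward.conf  (path is an assumption)

server:
    # Assumed internal zone is unsigned: exempt it from DNSSEC validation
    # if validation is enabled on this resolver.
    domain-insecure: "corp.example."

# Internal names stay on-prem (the "except for internal domain resolution"
# case). Zone name and resolver address are constructed placeholders.
forward-zone:
    name: "corp.example."
    forward-addr: 10.0.0.53

# Everything else goes to the BloxOne Threat Defense Anycast addresses
# listed on this page. Unbound picks the most specific forward-zone, so
# the internal zone above takes precedence for corp.example. names.
forward-zone:
    name: "."
    forward-addr: 52.119.40.100
    forward-addr: 52.119.41.100
    forward-addr: 103.80.5.100
    forward-addr: 2400:4840::100
    forward-addr: 2620:129:6000::100
    # Do not fall back to direct recursion when the forwarders fail;
    # fallback queries would no longer reach the cloud name server.
    forward-first: no
```

Running `unbound-checkconf` against the file before reloading the resolver catches syntax errors in the fragment.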

DNS Forwarding can be set up for on-prem host services, including Anycast, Data Connector, DHCP, DNS, DNS Forwarding Proxy, and NIOS Grid Connector, by navigating to the Manage -> On-Prem Hosts page, selecting an on-prem host from the list of on-prem hosts, and clicking Service -> DNS Forwarding. For more information, see DNS Forwarding Proxy. Note: The ability to select an on-prem host is unavailable in NIOS 8.5.

A DNS forwarder is essentially a name server to which all other name servers first send queries that they cannot resolve locally. The forwarder then sends these queries to DNS servers that are external to the network, avoiding the need for the other name servers in your network to send queries off-site. A forwarder eventually builds up a cache of information, which it uses to resolve queries. This reduces Internet traffic over the network and decreases the response time to DNS clients.

To enable recursion on the Grid for forwarding DNS traffic, see On-Prem Infoblox Grid.

To configure DNS Forwarding Proxy on NIOS, see DNS Forwarding Proxy on NIOS.

To modify your DNS configuration file for Unbound DNS Resolver, BIND DNS Resolver, or Microsoft DNS Resolver, see the following:

