Infoblox BloxOne™ Threat Defense offers the following levels of subscription: BloxOne™ Threat Defense Essentials, BloxOne™ Threat Defense Business On-Premises, BloxOne™ Threat Defense Business Cloud, and BloxOne™ Threat Defense Advanced. Each subscription provides a different level of threat intelligence feeds, features, and protection.

Depending on your subscription, you might or might not have access to all functionality through the Cloud Services Portal. For detailed information about BloxOne Threat Defense subscriptions, contact your Infoblox representative. For information on viewing your licensing entitlements and subscription levels from within the Cloud Services Portal, see Viewing License Entitlements.

The following third-party threat indicator feeds are not included in any subscription package but can be purchased a la carte:

Third-party Threat Indicator Feeds

  • CrowdStrike

  • FireEye iSight Threat Intelligence

  • ThreatTrack Security BorderPatrol (RPZ)

  • Farsight Security Newly Observed Domains (NOD) (RPZ)

  • Proofpoint Emerging Threats (ET) IP and Domain Reputation (RPZ)

For more information on Threat Intelligence Feeds, see Threat Intelligence Solution Note.
The following table describes the availability of threat intelligence feeds and features for each subscription:

| Feature | Essentials | Business On-Premises | Business Cloud | Advanced |
|---|---|---|---|---|
| DNS Firewall | Per Appliance | Grid Wide | | Grid Wide |
| Cloud-based DNS Firewall | | | X | X |
| DNS Forward Proxy | | | X | X |
| DNS over HTTPS risk management | X | X | X | X |
| Block DNS Data Exfiltration, DNS Tunneling | X | X | X | X |
| Block Malicious Domains (malware, C2, phishing, etc.) | X | X | X | X |
| File-less Malware (DNSMessenger) | X | X | X | X |
| Detect Inline DGA, Dictionary, DGA etc. | | X | X | X |
| Block inappropriate or unwanted websites | | | X | X |
| Custom Lookalike Domain Monitoring | | | | X |
| Threat Insight On-Premises | Per Appliance | Grid Wide | | Grid Wide |
| Threat Insight in the Cloud | | X | X | X |
| Infoblox Threat (RPZ) feeds | Basic (9) | Intermediate (20) | Intermediate (20) | Advanced (27) |
| TIDE (Ingest & Distribute custom feeds) | | | | X |
| Ecosystem (data sharing and response automation) | Available a la carte | Grid Wide | Cloud Data Connector Only | Grid Wide |
| Threat Lookup to research attacker data | X | | | |
| Dossier for contextual & detailed threat intelligence (queries per year) | | 32,000 | 32,000 | 64,000 |
| BloxOne Endpoint (Mac & Windows) | | | X | X |

The following list details the threat intelligence feeds and features for each subscription:


BloxOne Threat Defense Essentials

Threat Intelligence Feeds

  • Base hostnames

  • Anti-malware

  • Ransomware

  • Bogon

  • DHS AIS_IP

  • DHS AIS_Hostname

  • DHS AIS NCCIC Watch list Hostnames and Domains

  • DHS AIS NCCIC Watch list IPs

  • Public_DoH and Public_DoH_IP

 Features

  • Live threat feeds in DNS RPZ format

  • DNS Firewall capable of stopping threats at your GRID

  • Threat Insight (On-Premises) to detect advanced threats and data exfiltration

  • Threat Lookup to research basic attacker data (Dossier is not included in BloxOne Threat Defense Essentials)

  • Predefined Reports (Infoblox reporting appliance is required)


BloxOne Threat Defense Business On-Premises

Threat Intelligence Feeds

  • Base hostnames

  • Anti-malware

  • Ransomware

  • Bogon

  • DHS AIS_IP

  • DHS AIS_Hostname

  • DHS AIS NCCIC Watch list Hostnames and Domains

  • DHS AIS NCCIC Watch list IPs

  • Malware IPs

  • Bot IPs

  • Exploit kit IPs

  • Malware DGA hostnames

  • Tor Exit Node IPs

  • SURBL Multi domains

  • SURBL Multi Lite domains

  • SURBL Fresh domains

  • US OFAC Sanctions IPs

  • EECN IPs

  • Cryptocurrency hostnames and domains

  • Public_DoH and Public_DoH_IP

Features

  • Live threat feeds in DNS RPZ format

  • DNS Firewall capable of stopping threats at your GRID

  • Threat Insight (On-Premises and Cloud) to detect advanced threats and data exfiltration

  • Dossier advanced threat research portal

  • Security Ecosystem to integrate Infoblox data with your 3rd party security tools

  • Predefined Reports (Infoblox reporting appliance is required)

For more information on BloxOne Threat Defense Business On-Premises, see BloxOne Threat Defense Business On-Premises Datasheet.


BloxOne Threat Defense Business Cloud

Threat Intelligence Feeds

  • Base hostnames

  • Anti-malware

  • Ransomware

  • Bogon

  • DHS AIS_IP

  • DHS AIS_Hostname

  • DHS AIS NCCIC Watch list Hostnames and Domains

  • DHS AIS NCCIC Watch list IPs

  • Malware IPs

  • Bot IPs

  • Exploit kit IPs

  • Malware DGA hostnames

  • Tor Exit Node IPs

  • SURBL Multi domains

  • SURBL Multi Lite domains

  • SURBL Fresh domains

  • US OFAC Sanctions IPs

  • EECN IPs

  • Cryptocurrency hostnames and domains

  • Public_DoH and Public_DoH_IP

  Features

  • Live threat feeds in DNS RPZ format

  • Threat Insight in the cloud to detect advanced threats and data exfiltration

  • Dossier advanced threat research portal

  • Security Ecosystem (cloud) to integrate Infoblox data with your 3rd party security tools

  • Endpoint Protection for your roaming Windows and Mac computers

  • Web Content Filtering

  • Predefined Reports

For more information on BloxOne Threat Defense Business Cloud, see BloxOne Threat Defense Business Cloud Datasheet.


BloxOne Threat Defense Advanced

Threat Intelligence Feeds

  • Base hostnames

  • Anti-malware

  • Ransomware

  • Bogon

  • DHS AIS_IP

  • DHS AIS_Hostname

  • DHS AIS NCCIC Watch list Hostnames and Domains

  • DHS AIS NCCIC Watch list IPs

  • Malware IPs

  • Bot IPs, Exploit kit IPs

  • Malware DGA hostnames

  • Tor Exit Node IPs

  • SURBL Multi domains

  • SURBL Multi Lite domains

  • SURBL Fresh domains

  • US OFAC Sanctions IPs

  • EECN IPs

  • Cryptocurrency hostnames and domains

  • Extended base & anti-malware

  • Extended malware IPs

  • Extended TOR Exit Node IPs

  • Extended ransomware IPs

  • Extended exploit kit IPs

  • Spambot IPs

  • Spambot IPs DNSBL

  • Public_DoH and Public_DoH_IP

  Features

  • Live threat feeds in DNS RPZ format

  • DNS Firewall capable of stopping threats at your GRID

  • Cloud-Based DNS firewall

  • Threat Insight in the cloud to detect advanced threats and data exfiltration

  • Dossier advanced threat research portal

  • Security Ecosystem to integrate Infoblox data with your 3rd party security tools

  • Endpoint Protection for your roaming Windows and Mac computers

  • Web Content Filtering

  • Threat Intelligence Data Exchange (TIDE) to manage and share threat intelligence across your entire security environment in multiple machine-readable formats

  • Predefined Reports

For more information on BloxOne Threat Defense Advanced, see BloxOne Threat Defense Advanced Datasheet.
