Page tree

Contents

BloxOne Mobile Endpoint

Infoblox BloxOne Mobile Endpoint is a lightweight mobile cloud service for sending queries over an encrypted channel. Mobile Endpoint provides visibility into infected and compromised devices (including Android and iOS), prevents DNS-based data exfiltration and other forms of DNS tunneling, and impedes device communications with botnets and their command-and-control infrastructure.

To enable end users to connect to Infoblox cloud services, you must download and install the Endpoint client on their devices. The client enforces security policies that you apply to the remote networks, regardless of where the end users are and which networks they are connected. Note that BloxOne Mobile Endpoint is incompatible with other VPNs. 

With BloxOne Mobile Endpoint, all DNS queries other than those that target the bypassed domains and  internal domains collected through the DHCP server are sent to BloxOne Threat Defense Cloud directly. If you have internal domains that are served by your local DNS servers, and if you want to reach them without interruptions, then consider adding them to the list of bypassed internal domains, to ensure that DNS queries for these internal domains are sent to the local DNS servers instead of BloxOne Threat Defense Cloud.

BloxOne Mobile Endpoint supports  IPv4 DNS configurations, thereby protecting all devices, regardless of their network environments. This means roaming clients will be protected in different networking environments. When connected to a network, mobile endpoint can communicate with BloxOne Threat Defense Cloud by using both protocols. Mobile endpoint is able to proxy IPv4 DNS queries and forward them to BloxOne Threat Defense Cloud.


Configuring Mobile Endpoint MDM in the Cloud Services Portal

To pull mobile endpoint configuration for MDM solutions, complete the following:

  1. From the Cloud Services Portal, click Manage -> Endpoints.
  2. On the Endpoints page, click the Endpoint Groups tab.
  3. On the Endpoints Groups page, click Manage MDM located beneath the top action bar. 
  4. On the Mobile Device Management page, download the configuration file for your device. For an android device, click Download Android Config File to download the xml file for your device. For an Apple device, click Download IOS Config File to download the xml file for your device.
  5. Click Close to close the once your device configuration file has been downloaded. 
  6. The configuration file contains the following information that you can use when configuring MDM:
    • customerId: The ID generated by the Cloud Services Portal for your account. You should use the provided ID to associate endpoints with your account.
    • groupName: The group name for the endpoint group to which endpoints will be automatically joining. You can change it per your requirements but you should specify only an existing group. 
    • allowServiceControl: True/false to allow the disabling of protection on the client.
    • userId: The user name displayed in the logs. MDM solutions provide variables like full name, username, serial, which help you to better identify a device user. Please refer your MDM documentation for additional information.
  • No labels

This page has no comments.