The Infoblox Data Connector VM (virtual appliance) is a utility designed to do the following:
- Collects DNS query and response data from the Infoblox Grid members;
- Filters based on user criteria, thus reducing the quantity of data;
- Converts the data to a format that can be securely transferred to the following endpoints: NIOS reporting server for report generation, Infoblox ActiveTrust cloud destination, and third-party Splunk Indexer.
The Data Connector filters data based on user criteria (thus reducing data quantity) and converts the data to a format that can be securely transferred to the supported destinations. It acts as a central point for data collection across your network devices, which reduces the impact of data exchange and improves your Grid performance.
The Data Connector collects DNS query and response data from the Grid members that are answering queries, and then forwards this data to the NIOS reporting server and third-party indexers through the SCP protocol. Similarly, it collects RPZ Hits, DHCP Leasing Information and IPAM, User Info data if available, from the Grid members, generates parquet files and sends the parquet files to the Infoblox ActiveTrust Cloud destination via HTTP requests.
The Data Connector is designed to run on VMware ESXi servers. You can install the Data Connector VM software package on a host with VMware ESXi 5.x or later installed, and then configure it as a virtual appliance. After configuring the Data Connector VM, you must register it with the Infoblox Grid and configure certain NIOS parameters before it can collect DNS query and response data from the Grid. Note that you can register only one Data Connector with a Grid running NIOS 7.3.0 and later.
When you set up a Data Connector VM, you use it solely for collecting DNS data from the Grid and sending the data to the desired destination. You cannot add licenses to run other services, such as DNS and DHCP.
Note: It is not required that you upgrade the Data Connector VM when upgrading NIOS appliances in your Grid.
The following are some key features for the Data Connector:
- The Data Connector collects DNS query data from the NIOS Grid and forwards this data to the NIOS reporting server through the SCP protocol and to the Infoblox cloud destination via HTTP requests.
- To ensure confidentiality, all protocol exchanges to and from the Data Connector VM are encrypted.
- The Data Connector VM has firewall enabled.
You can make a remote serial connection to the Data Connector VM using SSH port 2020. Example: ssh admin@DCVM_IP -p 2020.
Infoblox Technical Support can use port 2222 to access the Data Connector VM. Example: ssh dcadmin@DCVM_IP -p 2222.
Figure 1.1 illustrates the basic concept of the data collection process, which includes collecting query and response data from Grid members, storing them, and sending it back to the supported destinations. You can then monitor the trend of DNS queries by client, domain, time, record type, query type, and DNS view. For more information, see Viewing DNS Query Capture Reports.
Figure 1.1 Data Connection Process
This page has no comments.