Product Updates & Enhancements

July 2025

In Case You Missed It

Last month's product updates can be found in June's communication.

Now Available

NIOS 9.0.6: New Swagger/OpenAPI Documentation for Infoblox NIOS APIs
Infoblox Threat Defense: New Point of Presence (PoP) in Hong Kong
Ecosystem: Cisco ISE
Ecosystem: CrowdStrike EDR

Coming Soon

Infoblox Universal DDI™ Management: Network Workspace Monitors: DNS Error Responses and DHCP Classifications
NIOS 9.0.7: The Latest NIOS Features and User Experience Available for Federal Organizations
NIOS DDI: vNIOS X6 Series Cloud Platform Updates
Infoblox Threat Defense: Security Workspaces and Monitors
Infoblox Threat Defense: Detect Mode
Infoblox Threat Defense: Protection Before Impact
Infoblox Threat Defense: Predictive Intelligence
Infoblox Threat Defense: Asset Discovery and Asset Inventory Access
Ecosystem: Google SecOps SIEM
Ecosystem: Rapid7

NETWORKING

NIOS 9.0.6: New Swagger/OpenAPI Documentation for Infoblox NIOSAPIs

Now Available

Infoblox is making it even easier for developers to integrate third-party software and automate NIOS DDI deployments. We’ve recently added support for OpenAPI (Swagger) specifications for Infoblox NIOS WAPI endpoints. Starting with NIOS 9.0.6 (WAPI version 2.13.6), developers can now explore and test NIOS APIs directly from their browser using Swagger UI, without writing a line of code. With these new capabilities, you can:

Discover and use interactive API documentation with references that automatically update with new versions
Access pre-compiled OpenAPI specifications for all NIOS APIs
Browse API endpoints, request/response models and examples
Use automated workflows for continuous integration and deployment

Altogether, these enhancements lead to faster, simpler API integrations and more agile and efficient DevOps processes.

For more information, see NIOS Swagger UI Documentation and the NIOS Swagger GitHub Repository.

Infoblox Universal DDI™ Management: Network Workspace Monitors: DNS Error Responses and DHCP Classifications

Coming Soon

The Network Workspace will have 2 additional summary monitors offering visibility and insights into the state of DNS and DHCP in your environment.

DNS Error Responses: Offered as part of the UDDI Reporting token entitlement, this summary monitor will report the number of DNS Responses classified by error state (i.e. NXDOMAIN, SERVFAIL, etc.). Detailed drill-downs, showing actionable data, will be available by clicking on each of the DNS Response types.
DHCP Classifications: This summary monitor will show the total number of leases that match pre-defined DHCP classifications. Among these insights are Stale Reservations, Rapid Requests, Rogue Assignments and Stale Fixed Addresses. Clicking any of the classifications will present a list of leases that match this criteria.

NIOS 9.0.7: The Latest NIOS Features and User Experience Available for Federal Organizations

Coming Soon

With NIOS 9.0.7, the full suite of NIOS 9.X features and UX enhancements will be available to all Infoblox customers, including government agencies subject to Federal Information Processing Standards (FIPS) requirements. The latest NIOS version will also add support for new DNS resource records and performance enhancements, new cloud and partner integrations and our Long-Term Support program, all in a solution submitted for FIPS validation.

NIOS DDI: vNIOS X6 Series Cloud Platform Updates

Coming Soon

Infoblox vNIOS cloud platforms can do more than ever—even in smaller sizes. We’ve recently released updated specifications for using smaller vNIOS instance sizes in AWS, similar to the specifications for smaller X6 Series appliances in Microsoft Azure. Similar updates are now in progress for Google Cloud. Soon, organizations using instances with more memory or CPU than their vNIOS workloads actually require will be able to use smaller instance types across all major cloud environments. They can right-size their cloud spend for actual utilization without sacrificing performance.

Quick Links for Universal DDI

Quick Links for NIOS DDI

Subscribe to the Infoblox Status Page to receive real-time notifications on maintenance upgrades.

SECURITY

Infoblox Threat Defense: New Point of Presence (PoP) in Hong Kong

Now Available

Infoblox has expanded its global infrastructure with the addition of a new Point of Presence (PoP) in Hong Kong. This enhancement improves performance and resiliency for regional DNS security services.

The Regional Anycast IP addresses for the new PoP are 52.119.41.64 and 103.80.6.64, FQDN: ap-south-2-geo.threatdefense.infoblox.com.

For more information, see Forwarding DNS Traffic to the Infoblox Platform.

Infoblox Threat Defense: Security Workspaces and Monitors

Coming Soon

We will be introducing Security Workspaces & Monitors, a powerful new addition designed to streamline threat visibility and accelerate security workflows.

Unified Threat View: Gain a holistic, correlated view of threats across your environment, helping you better understand impact, prioritize risks and drive operational efficiency.
Key Security Metrics: Easily view key metrics on security workspaces, including threats blocked, threats allowed, threats by level, first to detect and bandwidth savings.
Streamlined Workflows: See how centralized, intuitive access to critical security data can elevate your threat investigation speed and decision-making confidence.

Drill-downs will also be available for each of these monitors, showing details such as the number of detections, threat class and last detected timestamp, letting users see what’s happening in their environment and fine-tune policies accordingly.

Threat Defense preemptively blocks malicious, high-risk and unwanted traffic, leading to optimized performance, lower infrastructure costs and improved overall network efficiency. The bandwidth savings monitor will enable you to easily see these savings quantified by threat type.

Infoblox Threat Defense: Detect Mode

Coming Soon

Threat Defense (TD) Detect Mode will eliminate technical challenges that IT or Network Architects face when trying to prove the value of the Threat Defense product without redirecting external queries to the cloud for resolution. This will allow security teams to learn the value of Protective DNS practices with Threat Defense without intrusive infrastructure changes. Detect Mode will be available on all supported Infoblox NIOS versions and works by forwarding DNS query/response logs (not queries) to Threat Defense in the cloud for full threat detection capability. Any detected threats and context can then be sent to SOC tools, such as SIEM/SOAR, for investigation and response.

Infoblox Threat Defense: Protection Before Impact

Coming Soon

The Protection Before Impact feature will help customers understand the time advantage of Infoblox’s early detection in staying ahead of threats. It will highlight the average number of days Infoblox proactively blocked threats before users ever accessed the associated domains. It includes two metrics:

Infoblox Time Advantage: Highlights how much sooner Infoblox identified an indicator before the rest of the industry.
Protection Time Advantage: Highlights how much sooner Infoblox identified an indicator before it was first detected in a customer environment.

Infoblox Threat Defense: Predictive Intelligence

Coming Soon

This monitor will showcase indicators initially flagged as suspicious in customer environments that are later confirmed as malicious. It will include drill-downs to show the details of the associated indicators. Customers will easily be able to see the value of Infoblox’s early threat detection and accurate classification, highlighting the ability to provide predictive intelligence before threats fully materialize.

Infoblox Threat Defense: Asset Discovery and Asset Inventory Access

Coming Soon

Asset Discovery and Asset Inventory Access will be integrated into Threat Defense to allow for faster triage with contextual investigations. Asset Discovery will include on-prem, cloud (AWS, Azure, Google Cloud) and third-party (CrowdStrike, ServiceNow) discovery sources. On-prem discovery for NIOS is simplified with auto-configured discovery jobs for ‘NIOS Grid Connector,’ which can be enabled as needed. Threat Defense users will also benefit from unified asset threat views using Asset Workspace for a more confident response.

Quick Links for Security

Subscribe to the Infoblox Status Page to receive real-time notifications on maintenance upgrades.

ECOSYSTEM

Ecosystem: Cisco ISE

Now Available

Ecosystem support for Cisco ISE APIs has been added to enable quarantining assets identified by Threat Defense or SOC Insights threats. These threats are now shareable directly with Cisco ISE for use in their “authorization policies.” When Infoblox detects and blocks internet threats, like command-and-control attempts or DNS tunneling, Cisco ISE can immediately limit access or impose other restrictions on those assets, including internal access, external access or other limitations, until the investigation is complete. Configuration options are available to customize by network, confidence and threat level.

Ecosystem: CrowdStrike EDR

Now Available

Infoblox has added Ecosystem support with a new integration between Infoblox Threat Defense, SOC Insights and CrowdStrike. This capability enables detected threats—such as DNS-based data exfiltration, command-and-control attempts and domain-generated algorithm (DGA) activity—to be automatically sent from Infoblox to CrowdStrike. Once received, CrowdStrike can instantly quarantine the affected endpoint, stopping threats at both the network and device level.

Ecosystem: Google SecOps SIEM

Coming Soon

Infoblox now has a supported deployment guide for syslog integration with Google SecOps SIEM using the Infoblox Cloud Data Connector (CDC). This integration enables sending Infoblox IPAM asset data, threat data, and insights to the SIEM for enrichment, assessment and response. Once available, customers will be able to access the deployment guide with clear integration steps and assurance of integration support from the Ecosystem portal.

Ecosystem: Rapid7

Coming Soon

Infoblox will soon provide a supported integration with Rapid7 Network Vulnerability, allowing organizations to automatically trigger targeted vulnerability scans when high-confidence threats are detected, such as internal systems attempting to connect to known command-and-control sites, or when Infoblox DDI assigns a new IP address. This integration ensures investigations begin with up-to-date asset and vulnerability data, automating manual scans and significantly reducing mean time to resolution (MTTR). Once released, customers can access a deployment guide and receive integration support directly through the Ecosystem portal.