In Case You Missed It
Last month's product updates can be found in July’s Communication.
Now Available
- Infoblox Universal DDI™ Management: Network Workspace Monitors: DNS Error Responses and DHCP Classifications
- Infoblox Universal Asset Insights: Cisco Meraki Discovery
- NIOS 9.0.7: Enterprise-Grade DDI Capabilities, Now for Everyone—Including Government Organizations
- NIOS 9.0.7: Swagger/OpenAPI Documentation for the Latest NIOS APIs
- NIOS DDI: Expanded Terraform Provider Early Access Program
- NIOS DDI: vNIOS X6 Series Cloud Platform Updates
- Infoblox Threat Defense™: Security Workspaces and Monitors
- Infoblox Threat Defense: Protection Before Impact
- Infoblox Threat Defense: Predictive Intelligence
- Infoblox Threat Defense: Asset Discovery and Asset Inventory Access
- Infoblox Threat Defense: Retrospective Detection
- Ecosystem: Google SecOps SOAR Playbooks
Coming Soon
- Infoblox Threat Defense: Detect Mode
- Ecosystem: Google SecOps SIEM
- Ecosystem: Rapid7 Nexpose Vulnerability Scanner
NETWORKING
Infoblox Universal DDI™ Management: Network Workspace Monitors: DNS Error Responses and DHCP Classifications
Now Available
The Network Workspace now has 2 additional summary monitors offering visibility and insights into the state of DNS and DHCP in your environment.
- DNS Error Responses: Offered as part of the UDDI Reporting token entitlement, this summary monitor reports the number of DNS Responses classified by error state (i.e. NXDOMAIN, SERVFAIL, etc.). Detailed drill-downs showing actionable data are available by clicking on each of the DNS Response types.
- DHCP Classifications: This summary monitor shows the total number of leases that match pre-defined DHCP classifications. Among these insights are Stale Reservations, Rapid Requests, Rogue Assignments and Stale Fixed Addresses. Clicking any of the classifications presents a list of leases that match this criteria.
Infoblox Universal Asset Insights: Cisco Meraki Discovery
Now Available
Infoblox Universal Asset Insights now supports automated discovery of assets in Cisco Meraki environments. This integration provides comprehensive visibility into Meraki hardware, such as access points and switches, as well as connected client devices. It also syncs Meraki IPs and subnets to IPAM, ensuring your network data remains accurate and up to date.
NIOS 9.0.7: Enterprise-Grade DDI Capabilities, Now for Everyone—Including Government Organizations
Now Available
NIOS 9.0.7, the first release in the NIOS 9.X train to be submitted for Federal Information Processing Standards (FIPS)/Common Criteria (CC) validation, is now live. By adding support for FIPS-/ CC-mode operation, any organization—including government agencies with stringent compliance requirements—can gain industry-leading visibility, automation and control for their critical network services. Additionally, this latest release adds new performance and security enhancements for service providers and other large network operators, support for new DNS resource records and new partner integrations, all backed by a longer support life and a simpler, smoother software maintenance experience.
Compared to NIOS 8.X versions, the latest NIOS release is 1.5 times faster, 3 times simpler and includes more than 100 new enhancements. For more details, see the blog: NIOS 9.0.7: Enterprise-Grade DDI, Now for Everyone.
NIOS 9.0.7: Swagger/OpenAPI Documentation for the Latest NIOS APIs
Now Available
We’re making it easier for developers to integrate third-party software and automate NIOS DDI deployments. Last month, we announced support for OpenAPI (Swagger) specifications for Infoblox NIOS WAPI endpoints running NIOS 9.0.6. Now, we’ve extended Swagger support to both the latest NIOS release, NIOS 9.0.7, as well as previous NIOS releases 9.0.1, 9.0.2 and 9.0.3.
Developers using any recent NIOS version can now explore and test the newest features in NIOS APIs directly from their browser using Swagger UI, without having to write a line of code. They can access pre-compiled OpenAPI specifications for all NIOS APIs using interactive API documentation with references that automatically update with new versions. They can browse API endpoints, request/response models and examples, and use automated workflows to simplify API integrations and DevOps processes.
For more information, see NIOS Swagger UI Documentation and the NIOS Swagger GitHub Repository.
NIOS DDI: Expanded Terraform Provider Early Access Program
Now Available
Infoblox continues to expand infrastructure-as-code (IaC) capabilities for DevOps-centric customers seeking to automate NIOS configurations. NIOS already supports a Terraform provider. Now, we’re empowering customers to do even more with Terraform automation. We recently added Swagger support for NIOS and the ability to auto-generate both the Go-SDK and Terraform provider from OpenAPI specifications of the Infoblox Restful APIs. These expanded capabilities will enable high-velocity and low-effort automation for customers.
Expanded Terraform automation capabilities will be released for general availability later this year. For customers who want to try them out now, an early access program (EAP) is now open. To register for the EAP, complete the registration form.
NIOS DDI: vNIOS X6 Series Cloud Platform Updates
Now Available
We’ve released updated specifications for using smaller vNIOS instance sizes in AWS, Microsoft Azure, VMware and now, Google Cloud. NIOS 9.0.7 is now qualified on new Google Cloud N4 instances designed for flexibility and cost optimization. Customers can right-size their cloud spend without sacrificing performance.
Quick Links for Universal DDI
Quick Links for NIOS DDI
Subscribe to the Infoblox Status Page to receive real-time notifications on maintenance upgrades.
SECURITY
As part of Infoblox’s security announcement earlier this month, we are releasing new and enhanced Protective DNS capabilities to preempt sophisticated AI-driven attacks. We are also extending flexible, token-based licensing to Infoblox Threat Defense™ to simplify procurement and drive clearer ROI. These new innovations provide better visibility, present actionable insights and deliver clear metrics on preemptive protection. Read on to learn more about the product updates or check out the launch blog: Infoblox Unveils a Radically Advanced Threat Defense to Preemptively Protect Your Entire Infrastructure Against Sophisticated and AI-Driven Attacks.
Infoblox Threat Defense™: Security Workspaces and Monitors
Now Available
We are introducing Security Workspaces and Monitors, a powerful new addition designed to streamline threat visibility and accelerate security workflows. This includes two new sub-workspaces for viewing key security metrics related to threats and assets.
- Unified Threat View: Gain a holistic, correlated view of threats across your environment, helping you better understand impact, prioritize risks and drive operational efficiency.
- Key Security Metrics: Easily view key metrics on security workspaces including threats blocked, threats allowed, threats by level, first to detect and bandwidth savings.
- Visibility into At-Risk Assets: Identify assets driving the most threat activity. View breakdowns by threat class, threat level, location and more to help pinpoint unusual activity and better prioritize your response.
- Streamlined Workflows: See how centralized, intuitive access to critical security data can elevate your threat investigation speed and decision-making confidence.
Drill-downs are also available for each of these monitors, showing details, such as the number of attempts, threat class and last detected timestamp, letting users see what’s happening in their environment and fine-tune policies accordingly.
Threat Defense preemptively blocks malicious, high-risk and unwanted traffic, leading to optimized performance, lower infrastructure costs and improved overall network efficiency. The bandwidth savings monitor enables you to easily see these savings quantified by threat type.
Infoblox Threat Defense: Protection Before Impact
Now Available
The Protection Before Impact feature helps customers understand the time advantage of Infoblox’s early detection in staying ahead of threats. It highlights the average number of days Infoblox proactively blocked threats before users ever accessed the associated domains. It includes two metrics:
- Infoblox Time Advantage: Highlights how much sooner Infoblox identified an indicator before the rest of the industry.
- Protection Time Advantage: Highlights how much sooner Infoblox identified an indicator before it was first detected in a customer environment.
Infoblox Threat Defense: Predictive Intelligence
Now Available
This monitor showcases indicators initially flagged as suspicious in customer environments that are later confirmed as malicious. It includes drill-downs to show the details of the associated indicators. Customers can now easily see the value of Infoblox’s early threat detection and accurate classification, highlighting the ability to provide predictive intelligence before threats fully materialize.
Infoblox Threat Defense: Asset Discovery and Asset Inventory Access
Now Available
Asset Discovery and Asset Inventory Access are now integrated into Threat Defense to allow for faster triage with contextual investigations. Asset Discovery includes on-prem, cloud (AWS, Azure, Google Cloud) and third-party (CrowdStrike, ServiceNow) discovery sources. On-prem discovery for NIOS is simplified with auto-configured discovery jobs for ‘NIOS Grid Connector,’ which can be enabled as needed. Threat Defense users also benefit from unified asset threat views using Asset Workspace for a more confident response.
Infoblox Threat Defense: Retrospective Detection
Now Available
Retrospective Detection is a new insight on SOC Insights that retrospectively detects if any newly classified malicious domains were allowed access in a customer’s environment over the last 30 days, before they were known to be malicious. This allows SOC teams to be aware of such access in their environments and to monitor the assets involved to take appropriate action as needed.
Infoblox Threat Defense: Detect Mode
Coming Soon: August 16
Threat Defense (TD) Detect Mode eliminates technical challenges that IT or network architects often face when trying to prove the value of the Threat Defense product without redirecting external queries to the cloud for resolution. This allows security teams to learn the value of Protective DNS practices with Threat Defense without infrastructure changes. Detect Mode is available on all supported Infoblox NIOS versions and works by forwarding DNS query/response logs (not queries) to Threat Defense in the cloud for full threat detection capability. Any detected threats and context can then be sent to SOC tools, such as SIEM/SOAR, for investigation and response.
Quick Links for Security
Subscribe to the Infoblox Status Page to receive real-time notifications on maintenance upgrades.
ECOSYSTEM
Ecosystem: Google SecOps SOAR Playbooks
Now Available
Infoblox Threat Defense now has a supported integration with Google SecOps SOAR to deliver a unified, automated and intelligence-driven approach to modern security operations. By combining deep network visibility with powerful analytics and orchestration, organizations can detect threats earlier and respond faster and in a more automated way to reduce operational overhead. This joint solution enables security teams to stay ahead of evolving threats while maximizing the value of their existing investments. This new integration leverages Infoblox Cloud APIs to share Threat Defense, DNS, DHCP, SOC Insights and security event logs with Google SecOps and comes with a set of playbooks on how to use Infoblox to enhance visibility, streamline triage and case management, and improve threat containment and prioritization.
Ecosystem: Google SecOps SIEM
Coming Soon
Infoblox has worked with Google Security Operations SIEM (SecOps) to fully update event parsing. Our partnership has produced a supported deployment guide for syslog integration with Google SecOps SIEM using the Infoblox Cloud Data Connector (CDC). This integration will enable sending Infoblox IPAM asset data, threat data and insights to the SIEM for enrichment, assessment and response. Once available, customers will be able to access the deployment guide with clear integration steps and assurance of integration support from the Ecosystem portal.
Ecosystem: Rapid7 Nexpose Vulnerability Scanner
Coming Soon
Infoblox will soon provide a supported integration with Rapid7 Nexpose Network Vulnerability Scanner, allowing organizations to automatically trigger targeted vulnerability scans when high-confidence threats are detected, such as internal systems attempting to connect to known command-and-control sites or when Infoblox DDI assigns a new IP address. This integration can also ensure investigations begin with up-to-date asset and vulnerability data, automating manual scans and significantly reducing mean time to resolution (MTTR). In addition, this integration enables automatic detect and scan of any new device as soon as it receives a DHCP lease from Infoblox. No manual effort needed—your network stays continuously discovered and protected, even as new endpoints come online. Once released, customers can access a deployment guide and receive integration support directly through the Ecosystem portal.
