Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

INFOBLOX & EXTREME NETWORK INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.

Moderator
Moderator
Posts: 69
2554     0

Hello,

 

Infoblox and Extreme Networks now have a new integration that allows customers to share data on devices to help prioritize threats. This integration allows customers to break silos between network and security tools and improve ROI on existing security investments.

Benefits:

  • Context for prioritization of threats to revoke access to devices with information shared between platforms, which in turn reduces administrative tasks.
  • Eliminates silos between network and security tools to automatically authenticate assets and manage devices across vendors for a complete network picture.
  • Improved ROI on existing security investments through automation and product teamwork to remove threat actors as they are found.

Overview:

Asset Use Case: Infoblox manages and discovers new devices on the network. These devices and information about these devices are shared with Extreme Network Management Center. Extreme Networks can then use preset policies to manage the devices network access.

Security Use Case: Infoblox discovers incidents of DNS firewall hits, DNS exfiltration/tunneling/ infiltration, and DDoS/DoS attacks. Infoblox shares the devices that triggered these security events with Extreme Network Policy Manager enabling Extreme Networks to manage the device network access based on preset polices.

 

 

 

 

In the attached documents you will find txt format templates for the Extreme Networks Management Center integration. The templates are provided as-is and with no actual or implied warranties. The templates should be tested in your lab environment and modified as needed before implementing them into production.

 

The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level.

Extensible Attributes Description

Extensible Attributes Description

XMC_End_System_Group

Custom field. Determines the End-System Group to add assets to for non-security events.

XMC_Location

Custom field. Determines the location field for the Extreme Networks End- System Entry custom field upon creation.

XMC_RemediateGroup

Custom field. Determines the End-System Group to add assets to for security events

XMC_RemediateOnEvent

True or False. Defines if security event or log should be added to Extreme Networks.

XMC_RemediatedAt

Provides the last time a security event was sent to Extreme Networks.

XMC_Sync

True or False. Defines if devices should be updated/added to End-System

XMC_SyncAt

Provides the last time an asset was added/modified on Extreme Networks.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Demo: Infoblox IPAM plug-in integration with OpenStack Newton