In this top trending article, we focus on the Limited Deployment of NIOS 7.2.201
INTRODUCTION Infoblox NIOS 7.2.200-LD is a Limited Deployment (LD) software release that introduces DNS Threat Analytics as part of the Infoblox Internal DNS Security solution. To mitigate DNS data exfiltration, DNS Threat Analytics employs analytics algorithms to detect DNS tunneling traffic by analyzing incoming DNS queries and responses. These algorithms are developed through an extensive study and analysis of sample DNS statistics within which DNS tunneling data is identified by algorithms that cannot be detected by normal rules and signatures.
This release also adds new DNS tunneling detection rules and reports. DNS tunneling detection rules are implemented to further protect your network from DNS data exfiltration. Some of these rules detect signature-based payload encoding techniques, such as Base32, Base64 and suspicious label lengths, commonly used by tunneling products such as OyzmanDNS, SplitBrain, Iodine, DNS2TCP, TCP-Over-DNS, and others. The DNS tunneling reports gather and display DNS tunneling data so you can track abnormal DNS traffic.
For more information about the new features, see SUPPORTED FEATURES on page 7.
NIOS 7.2.200-LD offers advanced access to new features ahead of the next major release for customers who have an active Infoblox Support maintenance contract in place. LD releases are available and supported until the next major release becomes available. All features in the LD release will then become part of the major release.
NOTE: LD releases have limited lifecycles. Support and maintenance for each LD release end when the next major release becomes available. If you implement NIOS 7.2.200-LD, be prepared to upgrade to NIOS 7.3.0 when it becomes available in order to continue receiving support and maintenance for features offered in this release. If you are currently under an active Infoblox Support maintenance contract, you can download the NIOS 7.2.200-LD software from the Infoblox Support web site at https://support.infoblox.com. Ensure that you select the “Limited Deployment” option on the Downloads page.
Please note the following: NIOS 7.2.200-LD is not supported on the following appliances: IB-250, IB-250-A, IB-500, IB-550, IB-550-A, IB-1000, IB-1050, IB-1050-A, IB-1550, IB-1550-A, IB-1552, IB-1552-A, IB-1852-A, IB-2000, IB-2000-A, IB-VM-250, IB-VM-550, IB-VM-1050, IB-VM-1550, IB-VM-1850, IB-VM-2000, and Trinzic Reporting TR-2000 and TR-2000-A series appliances. You cannot upgrade to NIOS 7.2.x on these appliances. See UPGRADE GUIDELINES on page 11 for additional upgrade information.
RESOLVED ISSUES The following issues were reported in previous NIOS releases and resolved in this release. The resolved issues are listed by severity. For descriptions of the severity levels, refer to Severity Levels. Fixed in 7.2.201-LD ID Severity Summary DNST-442 Major DNS Threat Analytics: Grid Manager did not show the Analytics tab when users configured IB-VM-2220 and IB-VM-2210 appliances as Grid Members.
DNST-444 Major DNS Threat Analytics: Users could not use the following CLI commands: dnst.min.fqdn.payload,dnst.min.series.size, dnst.max.interval.second, and dnst.min.text.payload.
DNST-446 Major DNS Threat Analytics: The appliance failed to detect DNS traffic based on the DNST parameter values.Workaround: You must stop and start the analytics service on the appliance for the DNST parameter values to take effect