Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

BloxOne Threat Defense and Threat Intelligence

Reply

B1TD and NIOS Reporting integration

Techie
Posts: 3
560     1

For a deployment where on-prem NIOS DNS members are forwarding queries to B1TD using DFP - and all analysis and action is being done in the B1TD cloud ...

 

Is there any real benefit to integrating the on-prem NIOS Reporting server with B1TD?

Assuming this is possible with the Data Connector?

 

Or is it just better/easer to use the B1TD CSP reporting to review events processed by B1TD, and on-prem NIOS Reporting for general on-prem DNS reporting?

 

I'm trying to figure out if it's worth integrating or not!

-Kier.

Re: B1TD and NIOS Reporting integration

Superuser
Posts: 105
561     1

i think it depends on your needs. if you want to consolidate the data between cloud and onprem so you can correlate the data from NIOS and the b1td event. or if you want to have a longer data retention you can integrate the b1td logs to nios reporting since you will only about 1 month data retention in csp CMIIW and so on. but again if you think all the data provided by csp portal is enough then you can decide not to integrate it. 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

AI Powered DNS FIrewall - A Webinar Presentation by Dr. Bin Yu, Chief Data Scientist, Infoblox