Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

BloxOne Threat Defense and Threat Intelligence

Reply

Local RPZ VS CSP
ahmed_elharty
New Member
Posts: 1

‎12-10-2023 02:14 AM

1378     0

i added a suspicious domain to a local block list RPZ  on my local DNS. However, my local DNS is forwarding quries to the CSP, when i check  CSP, istill see that blocked domain in the logs, even though it's supposed to be blocked on my on-premises DNS. i am wondering why the CSP is receiving the query for that domain if it's blocked.

Reply
0 Kudos

Re: Local RPZ VS CSP
Layer8
Techie
Posts: 34

‎02-15-2024 07:22 AM

1379     0

Can you validate your RPZ setting is not in log-only mode? https://docs.infoblox.com/space/nios90/280760177/Configuring+Local+RPZs

 

Also are you using NIOS Grid Connector (NGC) to forward logs?

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community