Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Freeware & Evaluations


How can I see the malware activity on my network?

Posts: 26
3086     0

Once you have provisioned the

Not applicable
Posts: 5
3087     0

Once you have provisioned the vApp in your enviornment and spanned the switch port of your production DNS server to the DNS Firewall, it will start seeing the outgoing DNS queries from your network. If any of the queries registers a "hit" with the list of known bad domains (or IP addresses) tracked by the DNS firewall, you will see a corresponding RPZ log entry on the DNS firewall logs. Trace of the malware activity will also be captured by the reporting appliance. Over time (in a few hours or so) a report of the Top RPZ hits as well as Top Infected clients will be available to you when you log into the DNS firewall. 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You