02-19-2023 02:58 AM
I was wondering if we can install any type of EDR / antivirus agents like Symantec, Kaspersky, or CrowdStrike on the NIOS 8.3 virtual appliance itself, since it is Linux-based? And if so, what is the Linux kernel or distro the NIOS virtual appliance is based on, so we can choose the correct agent?
I would appreciate your help on the matter if anyone encountered a similar situation.
02-21-2023 11:29 AM
Thank you for your inquiry. The response to your question is no, there is no provision for customers adding anything into Infoblox NIOS as it is a closed system.
Infoblox is currently offering NIOS 8.6.2 and has a variety of DNS, DHCP and IPAM (DDI)-integrated security solutions available to help you secure your infrastructure including Advanced DNS Protection (ADP), BloxOne® Threat Defense, TIDE, Dossier, and Cybersecurity Ecosystem.
Advanced DNS Protection automatically detects and stops DNS attacks and protects your network against the widest range of DNS attacks for maximum uptime. With Infoblox Advanced DNS Protection, your business is always up and running, even under a DNS-based attack. Infoblox ADP blocks the widest range of attacks, such as volumetric attacks, NXDOMAIN, exploits and DNS hijacking. Unlike approaches that rely on infrastructure overprovisioning or simple response-rate limiting, ADP intelligently detects and mitigates DNS attacks while responding only to legitimate queries by using constantly updated threat intelligence, without the need to deploy security patches. Infoblox ADP enables you to:
* Reduce business disruptions, even while under attack
* Maintain DNS integrity
* Adapt to evolving threats
* Gain clear visibility into all DNS and network operations
BloxOne® Threat Defense includes Infoblox’s Ecosystem Exchange (noted below) to help accelerate incident response, remove silos, achieve near real-time visibility, and gain critical forensic insights and network data on incidents. BloxOne Threat Defense taps into DDI data for such valuable network context on incidents, automatically shares it with the broader security ecosystem and triggers automated responses to security events.
Infoblox TIDE and Dossier™ use highly accurate machine-readable threat intelligence data via a flexible Threat Intelligence Data Exchange (TIDE) to aggregate, curate, and enable distribution of data across a broad range of infrastructures.
TIDE enables organizations to ease consumption of threat intelligence from various internal and external sources, and to effectively defend against and quickly respond to cyberthreats. TIDE is backed by the Infoblox threat intelligence team that normalizes and refines high-quality threat intelligence data feeds. Infoblox TIDE has a powerful REST API. The API allows access to indicators of compromise in the TIDE database in formats like json, xml, stix, cef, csv, etc. This makes it easy to do integrations with other solutions without additional transformation/mediation layers. SIEM, NGFW, SWG are good examples where the indicators can be applied to improve overall security in an organization.
Dossier™ is a threat indicator research tool that gives contextual information from a dozen sources (including TIDE) simultaneously, empowering users to make accurate decisions quicker and with greater confidence.
Cybersecurity Ecosystem offers a highly interconnected set of integrations that enable security teams to eliminate silos, optimize their security orchestration automation and response (SOAR) solution and improve the ROI of their entire cybersecurity ecosystem. It reduces the time and cost of threat response through enhanced automation and real-time, two-way data sharing across the ecosystem enabled by extensive APIs.
For more information on Infoblox’s NIOS core network platform and security solutions, please contact your Infoblox account team, Solution Architect, or visit us online at Infoblox.com.
We hope you find this information helpful. Thank you again for your inquiry.
Principal Product Marketing Manager
Infoblox NIOS DDI & Value-Added Services
M: +1 360.584.8360 | My I.D.™ is 7553
Secure, Cloud-First Network Experience