Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles


Support Central: KB #4424: NIOS 7.2.201 Limited Deloyment Release

In this top trending article, we focus on the Limited Deployment of NIOS 7.2.201


Infoblox NIOS 7.2.200-LD is a Limited Deployment (LD) software release that introduces DNS Threat Analytics as part of the Infoblox Internal DNS Security solution. To mitigate DNS data exfiltration, DNS Threat Analytics employs analytics algorithms to detect DNS tunneling traffic by analyzing incoming DNS queries and responses. These algorithms are developed through an extensive study and analysis of sample DNS statistics within which DNS tunneling data is identified by algorithms that cannot be detected by normal rules and signatures.


This release also adds new DNS tunneling detection rules and reports. DNS tunneling detection rules are implemented to further protect your network from DNS data exfiltration. Some of these rules detect signature-based payload encoding techniques, such as Base32, Base64 and suspicious label lengths, commonly used by tunneling products such as OyzmanDNS, SplitBrain, Iodine, DNS2TCP, TCP-Over-DNS, and others. The DNS tunneling reports gather and display DNS tunneling data so you can track abnormal DNS traffic.


For more information about the new features, see SUPPORTED FEATURES on page 7.

NIOS 7.2.200-LD offers advanced access to new features ahead of the next major release for customers who have an active Infoblox Support maintenance contract in place. LD releases are available and supported until the next major release becomes available. All features in the LD release will then become part of the major release.


NOTE: LD releases have limited lifecycles. Support and maintenance for each LD release end when the next major release becomes available. If you implement NIOS 7.2.200-LD, be prepared to upgrade to NIOS 7.3.0 when it becomes available in order to continue receiving support and maintenance for features offered in this release.
If you are currently under an active Infoblox Support maintenance contract, you can download the NIOS 7.2.200-LD software from the Infoblox Support web site at Ensure that you select the “Limited Deployment” option on the Downloads page.


Please note the following:
NIOS 7.2.200-LD is not supported on the following appliances: IB-250, IB-250-A, IB-500, IB-550, IB-550-A, IB-1000, IB-1050, IB-1050-A, IB-1550, IB-1550-A, IB-1552, IB-1552-A, IB-1852-A, IB-2000, IB-2000-A, IB-VM-250, IB-VM-550, IB-VM-1050, IB-VM-1550, IB-VM-1850, IB-VM-2000, and Trinzic Reporting TR-2000 and TR-2000-A series appliances. You cannot upgrade to NIOS 7.2.x on these appliances. See UPGRADE GUIDELINES on page 11 for additional upgrade information.

The following issues were reported in previous NIOS releases and resolved in this release. The resolved issues are listed by severity. For descriptions of the severity levels, refer to Severity Levels.
Fixed in 7.2.201-LD
ID                           Severity                                           Summary
DNST-442              Major             DNS Threat Analytics: Grid Manager did not show the Analytics tab  when users configured IB-VM-2220 and IB-VM-2210 appliances as Grid Members.


DNST-444              Major               DNS Threat Analytics: Users could not use the following CLI           commands: dnst.min.fqdn.payload,dnst.min.series.size, dnst.max.interval.second, and dnst.min.text.payload.


DNST-446              Major               DNS Threat Analytics: The appliance failed to detect DNS traffic based on the DNST parameter values.Workaround: You must stop and start the analytics service on the appliance for the DNST parameter values to take effect

Showing results for 
Search instead for 
Did you mean: