From an Infoblox perspective, it's interesting because it is pretty much about dedicated security-focused customers who are looking for advanced technology. It wouldn't be suitable for a customer who hasn't addressed their web security or firewall needs. So it's mainly targeted toward larger enterprise customers, and there are only a handful of the customers who are for Infoblox in New Zealand.
Security Engineer at a energy/utilities company with 501-1,000 employees
Real User
Top 20
2022-11-23T20:46:00Z
Nov 23, 2022
BloxOne is the first layer of the onion. The first layer is DNS, which is the easiest place to block something. That's what the CSP does. We have a couple of block lists with domains to screen out. The simplest way to stop a TLS tunnel from your organization is to prevent them from resolving the IP address. If they honestly try to make a TLS connection to an IP address, it's going to get bucked straight away. It's a cloud service. We don't have an agent. Our on-prem DNS servers reach out to the CSP.
Virtualization/Datacenter Engineer at a healthcare company with 10,001+ employees
Real User
2021-10-19T17:45:00Z
Oct 19, 2021
It looks at all our DNS queries and activity going out of the company. Anytime that someone is looking up CNN or something like that, this cloud solution looks at it and decides if it's a known spam, malware, virus, or phishing site. If it is any of those things, it will just simply not allow the DNS query. So, it is a great addition to our firewall and network security. It is just another layer. Why let the PC go to the bad website or access the bad IP address when it can just block it right there in the DNS? That is basically what it is doing. What makes it fancy is its updates and live algorithm. It can continually stop all our DNS queries that we don't want. We do everything in the cloud. We send all our information to their cloud solution, then it does all our filtering and protection.
We were already an Infoblox customer for IP address management, DNS, and DHCP and we decided to beef up our security in another avenue as far as the company and its network. So this is one area we got into with Infoblox because of their DNS security. I previously worked for another company in Boston that was an Infoblox customer, and on DNS security originally you had to set up a connection with Infoblox. The threat feeds that analyze the traffic, the customer had to receive those feeds. This is some years back when they first got into this. So now, with Pegasystems we're doing the same thing, however, Infoblox is doing this in the cloud, which is infinitely better for a customer like us, meaning that they take in all the threat information and analyze our traffic. All we have to do is set up normal connections to the internet. It's like talking to another website. There's firewall security involved, but that's the most important thing for analyzing Infoblox, the fact that they provide this service out on the internet, in the cloud, is huge for us because they have the ability to synthesize a number of different sources for DNS security, put it in their secret sauce in their portal, and all we have to do is communicate with it and then they inspect our traffic. That is the most important thing for us as a customer. I realize that other companies do that as well, but because Infoblox is an important part of our network infrastructure it makes a lot of sense to do our DNS security with Infoblox. We're also a Palo Alto Firewall customer, and we have traffic that goes out to the internet. All of our traffic going out to the internet gets inspected by Palo Alto firewalls. They have a similar service, but we chose to partner with Infoblox because they're already in the DNS arena and have been for a number of years.
Learn what your peers think about Infoblox BloxOne Threat Defense. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Network Engineer at a recruiting/HR firm with 10,001+ employees
Real User
2021-08-26T23:20:00Z
Aug 26, 2021
We use BloxOne for their threat defense product, where basically it acts as a firewall in DNS traffic. So, if a domain has malware on it, it can intercept that even before it gets to our firewall. We don't give any response to dangerous domains. It is web-based. So, we have the current version. It connects to their traditional Infoblox application. Those traditional applications have to basically point to forward to request to BloxOne.
Senior Network Architect at a university with 10,001+ employees
Real User
2021-07-18T11:45:00Z
Jul 18, 2021
BloxOne is for DNS protection. We point our local domain name servers to it and it has a feed for "bad character" domain names. We protect our end-users that way. The way we're using it, that's all it does. It fits in somewhere in the middle of our security stack. DNS is the most important part of networking. Not so many people see it that way, but if you can't resolve, say, "cnn.com", nothing works. If your DNS doesn't work correctly, nothing is going to work correctly on your network. It is one of the first layers that comes into play when going to a website or using email. It's a SaaS solution, a service that InfoBlox provides. All the systems are run by them and they maintain it.
DNS Guru at a healthcare company with 10,001+ employees
Real User
2021-06-28T18:03:00Z
Jun 28, 2021
We use this product as our intermediate between our internal DNS servers and the split-brain model and the internet so that queries don't appear to come directly from inside our network. They're filtered through BloxOne.
Our primary use case is for all security-type query activities. So, if somebody is trying to hack or infiltrate us, that is why we use Threat Defense in the cloud. We use it to monitor queries coming in and out of our company.
Senior Pre-sales consultant at a tech services company with 11-50 employees
Consultant
2020-11-05T05:12:27Z
Nov 5, 2020
Most of the use cases are for the DNS protocols. As 90% or 91% of drivers use DNS, everybody is concerned about securing this protocol. I am not from the customer side; I am from the vendor side. I give support to various customers here in Pakistan. We have deployments with hybrid data, and we also have purely on-premises deployments.
Infoblox BloxOne Threat Defense strengthens and optimizes your security posture from the foundation up, giving you the visibility, control and automation to secure the hybrid workplace. Operating at the DNS level, BloxOne Threat Defense uncovers threats that other solutions do not and stops attacks earlier in the threat lifecycle. Through pervasive automation and ecosystem integration, it drives efficiencies in SecOps, increases the effectiveness of the existing security stack, secures...
We use the solution for DNS security.
The solution can be used for DNS security. We sold it to a bank.
From an Infoblox perspective, it's interesting because it is pretty much about dedicated security-focused customers who are looking for advanced technology. It wouldn't be suitable for a customer who hasn't addressed their web security or firewall needs. So it's mainly targeted toward larger enterprise customers, and there are only a handful of the customers who are for Infoblox in New Zealand.
BloxOne is the first layer of the onion. The first layer is DNS, which is the easiest place to block something. That's what the CSP does. We have a couple of block lists with domains to screen out. The simplest way to stop a TLS tunnel from your organization is to prevent them from resolving the IP address. If they honestly try to make a TLS connection to an IP address, it's going to get bucked straight away. It's a cloud service. We don't have an agent. Our on-prem DNS servers reach out to the CSP.
It looks at all our DNS queries and activity going out of the company. Anytime that someone is looking up CNN or something like that, this cloud solution looks at it and decides if it's a known spam, malware, virus, or phishing site. If it is any of those things, it will just simply not allow the DNS query. So, it is a great addition to our firewall and network security. It is just another layer. Why let the PC go to the bad website or access the bad IP address when it can just block it right there in the DNS? That is basically what it is doing. What makes it fancy is its updates and live algorithm. It can continually stop all our DNS queries that we don't want. We do everything in the cloud. We send all our information to their cloud solution, then it does all our filtering and protection.
We were already an Infoblox customer for IP address management, DNS, and DHCP and we decided to beef up our security in another avenue as far as the company and its network. So this is one area we got into with Infoblox because of their DNS security. I previously worked for another company in Boston that was an Infoblox customer, and on DNS security originally you had to set up a connection with Infoblox. The threat feeds that analyze the traffic, the customer had to receive those feeds. This is some years back when they first got into this. So now, with Pegasystems we're doing the same thing, however, Infoblox is doing this in the cloud, which is infinitely better for a customer like us, meaning that they take in all the threat information and analyze our traffic. All we have to do is set up normal connections to the internet. It's like talking to another website. There's firewall security involved, but that's the most important thing for analyzing Infoblox, the fact that they provide this service out on the internet, in the cloud, is huge for us because they have the ability to synthesize a number of different sources for DNS security, put it in their secret sauce in their portal, and all we have to do is communicate with it and then they inspect our traffic. That is the most important thing for us as a customer. I realize that other companies do that as well, but because Infoblox is an important part of our network infrastructure it makes a lot of sense to do our DNS security with Infoblox. We're also a Palo Alto Firewall customer, and we have traffic that goes out to the internet. All of our traffic going out to the internet gets inspected by Palo Alto firewalls. They have a similar service, but we chose to partner with Infoblox because they're already in the DNS arena and have been for a number of years.
We use BloxOne for their threat defense product, where basically it acts as a firewall in DNS traffic. So, if a domain has malware on it, it can intercept that even before it gets to our firewall. We don't give any response to dangerous domains. It is web-based. So, we have the current version. It connects to their traditional Infoblox application. Those traditional applications have to basically point to forward to request to BloxOne.
BloxOne is for DNS protection. We point our local domain name servers to it and it has a feed for "bad character" domain names. We protect our end-users that way. The way we're using it, that's all it does. It fits in somewhere in the middle of our security stack. DNS is the most important part of networking. Not so many people see it that way, but if you can't resolve, say, "cnn.com", nothing works. If your DNS doesn't work correctly, nothing is going to work correctly on your network. It is one of the first layers that comes into play when going to a website or using email. It's a SaaS solution, a service that InfoBlox provides. All the systems are run by them and they maintain it.
We use this product as our intermediate between our internal DNS servers and the split-brain model and the internet so that queries don't appear to come directly from inside our network. They're filtered through BloxOne.
We use it for DNS, DHCP, IPAM in general, and DNS Threat Defense. I administrate the DDI feature set. We use Azure and AWS as our cloud providers.
Our primary use case is for all security-type query activities. So, if somebody is trying to hack or infiltrate us, that is why we use Threat Defense in the cloud. We use it to monitor queries coming in and out of our company.
Most of the use cases are for the DNS protocols. As 90% or 91% of drivers use DNS, everybody is concerned about securing this protocol. I am not from the customer side; I am from the vendor side. I give support to various customers here in Pakistan. We have deployments with hybrid data, and we also have purely on-premises deployments.
We use this solution for DNS defense, against DNS tunneling and data exfiltration.
The solution is primarily used for protecting DNS and customers from malware.
Our primary use case for Infoblox is to ensure DNS security.