Skip to content

Infoblox Acquires IID, Combining Threat Intelligence with Network Context to Deliver Uniquely Actionable Security Insights

Removes obstacles to effective protection, without requiring major infrastructure investments

Infoblox Inc. (NYSE:BLOX), the network control company, today announced the acquisition of privately held IID, a leader in global cyberthreat intelligence. The acquisition of IID makes Infoblox the first enterprise-grade DDI vendor that combines contextual network data with federated threat intelligence and a dedicated threat research team, to provide context-aware security using infrastructure that customers already have in place. Infoblox paid $45 million in cash, subject to customary adjustments, to the former IID stockholders as consideration for the transaction.

Today, many organizations are mired in confusion when it comes to securing their networks and broader IT infrastructure. Threat intelligence services give warnings, but don’t provide a path for translating that information into action. Monitoring systems warn of malicious activity within a network, but don’t give clarity on where to find infected devices, user information, and other metadata. Most important, network and security administrators are drowning in data and alerts, with no easy way to prioritize effective and timely threat response.

Infoblox is the industry leader in managing DNS, DHCP, and IP addressesthe category known as DDI. These services are uniquely at the center of every network, making it possible for Infoblox to spot suspicious activity, instantly block outbound communications to malicious destinations, and prevent exfiltration of intellectual property, customer information, and other sensitive data. The security solutions offered by Infoblox today are designed to complement and work with other security products, meeting the emerging customer demand for integrated heterogeneous security ecosystems.

With the addition of IID’s ActiveTrust federated threat intelligence and big-data analytics platform to Infoblox security solutions, organizations can get true context-aware securityharnessing real-world data from an organization’s IT infrastructure to improve the accuracy and relevance of security decisions.

“Life in enterprise networking and security is changing too fast, and it’s no longer enough to have set-and-forget perimeter protection,” said Simran Sandhu, manager of network infrastructure at Adobe Systems. “Adobe is a customer of both Infoblox and IID, so we’re excited about how this acquisition can create a single platform for greater integration between devices, firewalls, network insights, and threat intelligence in an open ecosystem.”

The combined solution can greatly improve operational control, allowing network and security teams to easily prioritize threat response at scale, based on enterprise context and risk. Also, Infoblox can now go beyond helping protect on-premise devices to help protect company-managed devices that are off-premise.

“By bringing together the deep and very rich threat intelligence from IID with the context and the central control point that Infoblox has in the network through our DDI services, we can deliver a unique value proposition to our customers and the partners that resell our products,” said Jesper Andersen, president and chief executive officer of Infoblox. “Infoblox and IID are also both committed to the emerging standards for automated sharing of threat intelligence information that will help extend our ecosystem.”

Last year, Infoblox and IID partnered in creation of the Infoblox DNS Threat Index, a quarterly report tracking the growth of malicious domains created by cybercriminals.

“Many organizations today are seeking holistic, end-to-end integrated cybersecurity solutions, composed of the optimal technologies, people, and processes,” said Dan Burns, chief executive officer of Optiv, the largest pure-play cybersecurity solutions provider in North America. "The IID acquisition gives Infoblox the opportunity to provide a differentiated offering that integrates threat information with infrastructure context, and position itself as a more valuable part of the security ecosystem. We look forward to working with Infoblox and IID to deliver effective solutions that meet our clients’ needs.”

IID (, based in Tacoma, Washington, collects threat data from thousands of trusted sources including law-enforcement agencies, Internet infrastructure providers, and open-source providers. IID’s threat research team verifies, enhances, and aggregates this data to create clear, high-quality machine-readable threat intelligence (MRTI) that is compatible with automation standards such as STIX and TAXII. This consolidated threat intelligence is distributed to more than 100 customers, among them dozens of Fortune 500 companies and U.S. government agencies, including Microsoft and the U.S. Department of the Treasury. In 2014, IID was one of just five companies named in Gartner’s “Cool Vendors in Security Intelligence” report.

“Enterprise security teams have a difficult time putting threat intelligence into operation,” said Lars Harvey, chief executive officer of IID. “It’s challenging to get machine-readable threat intelligence in formats that are usable, and even harder to directly integrate threat intelligence with devices on the network. The combination of IID with Infoblox puts all these pieces in one package, helping enable enterprises to go from threat discovery to enforcement and mitigation within seconds.”

IID co-founders Lars Harvey and Rod Rasmussen will become members of the Infoblox management team. Infoblox also expects that most IID employees will join Infoblox, including the threat intelligence and engineering teams.

Conference Call and Webcast to Discuss IID Acquisition

Infoblox will host both a conference call and live audio webcast with slides to discuss the transaction today, February 8, at 2 p.m. PST/5 p.m. EST. To access the call, dial (800) 230-1085 (domestic) or (612) 288-0329 (international) at least 10 minutes prior to the scheduled start of the call. A live webcast of the call will also be available on the corporate website at An archive of the webcast will be available on the company’s website, and a taped replay of the conference call will be available for one week at 800-475-6701 (domestic) or 320-365-3844 (international), access code 385184.

About Infoblox

Infoblox (NYSE:BLOX) delivers critical network services that protect Domain Name System (DNS) infrastructure, automate cloud deployments, and increase the reliability of enterprise and service provider networks around the world. As the industry leader in DNS, DHCP, and IP address management, the category known as DDI, Infoblox ( reduces the risk and complexity of networking.

Forward-looking and Cautionary Statements—Infoblox

All statements in this release that are not statements of historical fact, including but not limited to the quotations attributable to Messrs. Andersen and Harvey, the expected benefits of and capabilities enabled by the transaction and the statements regarding IID personnel expected to join the Company, are forward looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. These statements involve risks and uncertainties that could cause our actual results to differ materially, including, but not limited to: whether we will successfully integrate IID and achieve the expected benefits of the acquisition; unexpected delays in the delivery of our solutions, particularly at the end of the quarter; changes in demand for network control solutions; the market acceptance of our products; the fluctuations in our gross margins; the concentration of our customer base; competitive developments including pricing pressures; our ability to manage operating expenses effectively; and the general economic, industry or political conditions in the United States or internationally. For a detailed discussion of these and other risk factors, please refer to our filings with the Securities and Exchange Commission, which are available on our investor relations Web site ( and on the SEC’s Web site All information provided in this release is as of February 8, 2016, and stockholders of Infoblox are cautioned not to place undue reliance on our forward-looking statements, which speak only as of the date such statements are made. Infoblox does not undertake any obligation to publicly update any forward-looking statements to reflect events, circumstances or new information after this February 8, 2016 press release, or to reflect the occurrence of unanticipated events.

Back To Top