ActiveTrust Cloud | DDI (Secure DNS, DHCP, and IPAM) | Infoblox
Select Page

Already an ActiveTrust® Cloud Customer?

Already an ActiveTrust® Cloud Customer?

PROTECT DEVICES EVERYWHERE – ON THE PREMISES, ROAMING, OR IN BRANCH OFFICES

Prevent DNS-based Data Exfiltration, Detect Malware Early, Deny Access to Objectionable Content and Gain Visibility

PROTECT DEVICES EVERYWHERE – ON THE PREMISES, ROAMING, OR IN BRANCH OFFICES

Prevent DNS-based Data Exfiltration, Detect Malware Early, Deny Access to Objectionable Content and Gain Visibility

“In this day and age there is way too much ransomware, spyware, and adware coming in over links opened by Internet users. The Infoblox cloud security solution helps block users from redirects that take them to bad sites, keeps machines from becoming infected, and keeps users safer.”

Ron Washburn, Senior System Administrator and Network Engineer

Today’s workforce is increasingly mobile and the number of employees working from multiple and remote locations is rising. According to a recent remote and mobile user study, 70% of organizations are concerned with data loss when users are off the network and 75% worry that malware will infiltrate the network due to increase in roaming or off-network access.

Infoblox ActiveTrust Cloud blocks DNS based data exfiltration, stops malware communications with command-and-control servers, automatically prevents access to content not in compliance with policy, and shares intelligence with your existing security infrastructure for orchestration and faster remediation. The solution provides these benefits using automated, high-quality threat intelligence feeds, behavioral analytics, and machine learning to catch even zero-day threats. Delivered as a service, it is easy to use, deploy, and maintain without dedicated IT resources. It provides rapid time to value and enables unified policy management and reporting for on-premises/cloud hybrid deployments. It protects devices everywhere and is ideal for organizations who want to consume services from the cloud, or are concerned with extending protection to remote/branch offices.

With Infoblox ActiveTrust® Cloud, your security teams can:

  • Reduce risk by preventing compromised devices from communicating with malicious Internet destinations
  • Prevent DNS-based data exfiltration that other systems can’t detect
  • Prevent access to objectionable content
  • Improve efficiency of threat intelligence and investigation; take action in minutes not hours
  • Gain deep visibility into infections by unlocking on-premises network context
  • Accelerate remediation using ecosystem integrations and APIs

ActiveTrust® Cloud is available in two tiers:

 

ActiveTrust® Cloud Standard ActiveTrust® Cloud Plus
Recursive DNS Firewall (RPZ Zone) Threat Intel Feeds Standard (6 reputation datasets)

  • Base
  • Anti-malware
  • Ransomware
  • Bogon
  • Automated Indicator Sharing (AIS) data (2)
Threat Intel Feeds Standard (6) + Advanced (7) + SURBL (3)

  • Base, anti-malware, ransomware, bogon, AIS (2)
  • Malware IPs, Bots IPs, Exploit Kit IPs, Malware DGA hostnames, Tor Exit Node IPs, US OFAC Sanctions IPs, EECN IPs
  • SURBL Multi domains, SURBL Multi Lite, SURBL Fresh domains
Content Categorization Not included Restrict access to objectionable content in the cloud
Dossier (Threat Investigation Tool) Not included (Basic threat lookup via Cloud Services Portal only) 32,000 queries/year
Public APIs (for ecosystem)

  • Threats APIs
  • Custom list APIs
Not included

  • Included – Security events available in CEF or JSON format via Cloud APIs– with enhanced security reports
  • Ability to create custom threat feeds via Cloud APIs

Threat Insight (DNS Tunneling/Data Exfiltration, DNSMessenger,
DGA, Inline DGA, Dictionary DGA, Fast Flux)

Not Included Machine learning based analytics
TIDE Infoblox Threat Intelligence Data Exchange (TIDE) license – enabling use in third party security solutions Not included Licensed use for ONE of the following: (for use in any non-Infoblox security solution)

  • Hostnames or
  • IP Addresses or
  • URLs
Reporting Basic—malware blocked, number of hits
  • Integrated reporting with on-premises Grid, enabled by virtual Data Connector utility
  • Enhanced visibility with drill-down reports to identify exact user and device
ActiveTrust Endpoint (client agent – can be deployed using SCCM or McAfee ePO)
Included
Included
DNS Forwarding Proxy
Included
Included
Hosted Recursive DNS with
Geo-Location Response
(Using EDNS)

 Included

 Included

Prevent DNS-based Data Exfiltration that Other Systems Can’t Detect

ActiveTrust® Cloud automatically stops DNS-based data exfiltration using Threat Insight, a unique streaming analytics based solution and adds domains associated with the data exfiltration to Response Policy Zone (RPZ) blacklists.

Detect Data Exfiltration with DNS-based Analytics

Prevent DNS-based Data Exfiltration that Other Systems Can’t Detect

ActiveTrust® Cloud automatically stops DNS-based data exfiltration using Threat Insight, a unique streaming analytics based solution and adds domains associated with the data exfiltration to Response Policy Zone (RPZ) blacklists.

Detect Data Exfiltration with DNS-based Analytics

Detect Malware Early Without Any Infrastructure Changes

ActiveTrust® Cloud helps in early detection of malware without the need to deploy infrastructure everywhere. It’s DNS Firewall capability disrupts device communications with malicious destinations using advanced threat intelligence. The threat intelligence is regularly updated with malicious Internet destinations and is curated by a dedicated threat intelligence team to deliver fewer false positives.

Unified Policy Management, Analytics, and Reporting

ActiveTrust® Cloud when used in a hybrid deployment model with the on-premises ActiveTrust® solution enables administrators to seamlessly manage policy and get analytics and reporting with a complete lifecycle view of user activity, whether they are on the enterprise network or roaming. The solution also provides enriched reports with on-premises Grid data and deep visibility for prioritizing threat remediation.

Detect Data Exfiltration with DNS-based Analytics
Detect Data Exfiltration with DNS-based Analytics

Unified Policy Management, Analytics, and Reporting

ActiveTrust® Cloud when used in a hybrid deployment model with the on-premises ActiveTrust® solution enables administrators to seamlessly manage policy and get analytics and reporting with a complete lifecycle view of user activity, whether they are on the enterprise network or roaming. The solution also provides enriched reports with on-premises Grid data and deep visibility for prioritizing threat remediation.

THE INFOBLOX DIFFERENCE

Infoblox is a market-leading DDI vendor that offers a hybrid model for security—on-premises solution and/or cloud-delivered security. It provides Actionable Network Intelligence and a comprehensive solution scope to protect against various types of DNS threats including attacks, malware, and data exfiltration.

THE INFOBLOX DIFFERENCE

Infoblox is a market-leading DDI vendor that offers a hybrid model for security—on-premises solution and/or cloud-delivered security. It provides Actionable Network Intelligence and a comprehensive solution scope to protect against various types of DNS threats including attacks, malware, and data exfiltration.

KEY FEATURES

Threat Insight

Prevent DNS-based data exfiltration that other systems can’t detect; DGA and fast-flux detection

DNS Firewall/Response Policy Zones (RPZs)

Disrupt malicious DNS-based communications to C&Cs, prevent malware from propagating

Content Categorization

Prevent access to objectionable content or content not in compliance with policy

TIDE

Aggregate, curate and distribute up-to-date threat intelligence to Infoblox and broader security ecosystem

ActiveTrust® Endpoint and DNS Forwarding Proxy

ActiveTrust Endpoint/DNS Forwarding Proxy – Redirect DNS requests to Infoblox cloud using either the endpoint agent or the agentless DNS forwarding proxy option

Ecosystem Integrations

Respond to threats faster by pulling security event data into ecosystem tools using public APIs or on-premises Infoblox

Integrated and Detailed Reporting

Rich context on infected devices, user activity using Data Connector utility

Infoblox Dossier

Threat investigation tool for fast analysis using threat context to take action in minutes, not hours

KEY FEATURES

Threat Insight

Prevent DNS-based data exfiltration that other systems can’t detect; DGA and fast-flux detection

DNS Firewall/Response Policy Zones (RPZs)

Disrupt malicious DNS-based communications to C&Cs, prevent malware from propagating

Content Categorization

Prevent access to objectionable content or content not in compliance with policy

TIDE

Aggregate, curate and distribute up-to-date threat intelligence to Infoblox and broader security ecosystem

ActiveTrust® Endpoint and DNS Forwarding Proxy

ActiveTrust Endpoint/DNS Forwarding Proxy – Redirect DNS requests to Infoblox cloud using either the endpoint agent or the agentless DNS forwarding proxy option

Ecosystem Integrations

Respond to threats faster by pulling security event data into ecosystem tools using public APIs or on-premises Infoblox

Integrated and Detailed Reporting

Rich context on infected devices, user activity using Data Connector utility

Infoblox Dossier

Threat investigation tool for fast analysis using threat context to take action in minutes, not hours

RELEVANT SOLUTIONS

Data Protection and Malware Mitigation
Protect users and data

Data Exfiltration Prevention
Secure your business data from the network core

IT Compliance
Ensure compliance with automation and intelligence

Get Your Free Report on Malware in Your Network

[contact-form-7 id="10507" title="Contact form 1"]