ActiveTrust Cloud | DDI (Secure DNS, DHCP, and IPAM) | Infoblox
Select Page

Already an ActiveTrust® Cloud Customer?

Already an ActiveTrust® Cloud Customer?

PROTECT DEVICES EVERYWHERE

On the Premises, Roaming, or in Branch Offices

PROTECT DEVICES EVERYWHERE

On the Premises, Roaming, or in Branch Offices

“In this day and age there is way too much ransomware, spyware, and adware coming in over links opened by Internet users. The Infoblox cloud security solution helps block users from redirects that take them to bad sites, keeps machines from becoming infected, and keeps users safer.”

Ron Washburn, Senior System Administrator and Network Engineer

Prevent DNS-based Data Exfiltration, Detect Malware Early, and Enhance Visibility

Today’s workforce is increasingly mobile and the number of employees working from multiple and remote locations is rising. According to a recent remote and mobile user study, 70% of organizations are concerned with data loss when users are off the network and 75% worry that malware will infiltrate the network due to increased roaming or off-network access.

Infoblox ActiveTrust® Cloud helps raise security to the next level. It blocks DNS-based data exfiltration, stops malware communications with command-and-control (C&C) servers, automatically prevents access to content not in compliance with policy, and shares intelligence with your existing security infrastructure for orchestration and faster remediation. The solution provides these benefits using automated, high-quality threat intelligence feeds, behavioral analytics, and machine learning to catch even zero-day threats.

Delivered as a service, it is easy to use, deploy, and maintain without dedicated IT resources. It provides rapid time to value and enables unified policy management and reporting for on-premises/cloud hybrid deployments. It protects devices everywhere and is ideal for organizations who want to consume services from the cloud, or are concerned with extending protection to remote/branch offices.

With Infoblox ActiveTrust® Cloud, your security teams can:

  • Reduce risk by preventing compromised devices from communicating with malicious Internet destinations
  • Prevent DNS-based data exfiltration that other systems can’t detect
  • Prevent access to objectionable content
  • Improve efficiency of threat intelligence and investigation; take action in minutes not hours
  • Gain deep visibility into infections by unlocking on-premises network context
  • Accelerate remediation using ecosystem integrations and APIs

ActiveTrust® Cloud is available in two tiers:

 

ActiveTrust® Cloud Standard ActiveTrust® Cloud Plus
Recursive DNS Firewall (RPZ Zone) Threat Intel Feeds Standard (6 reputation datasets)

  • Base
  • Anti-malware
  • Ransomware
  • Bogon
  • Automated Indicator Sharing (AIS) data (2)
Threat Intel Feeds Standard (6) + Advanced (7) + SURBL (3)

  • Base, anti-malware, ransomware, bogon, AIS (2)
  • Malware IPs, Bots IPs, Exploit Kit IPs, Malware DGA hostnames, Tor Exit Node IPs, US OFAC Sanctions IPs, EECN IPs
  • SURBL Multi domains, SURBL Multi Lite, SURBL Fresh domains
Content Categorization Not included Restrict access to objectionable content in the cloud
Dossier (Threat Investigation Tool) Not included (Basic threat lookup via Cloud Services Portal only) 32,000 queries/year
Public APIs (for ecosystem)

  • Threats APIs
  • Custom list APIs
Not included

  • Included – Security events available in CEF or JSON format via Cloud APIs– with enhanced security reports
  • Ability to create custom threat feeds via Cloud APIs

Threat Insight (DNS Tunneling/Data Exfiltration, DNSMessenger,
DGA, Inline DGA, Dictionary DGA, Fast Flux)

Not Included Machine learning based analytics
TIDE Infoblox Threat Intelligence Data Exchange (TIDE) license – enabling use in third party security solutions Not included Licensed use for ONE of the following: (for use in any non-Infoblox security solution)

  • Hostnames or
  • IP Addresses or
  • URLs
Reporting Basic—malware blocked, number of hits
  • Integrated reporting with on-premises Grid, enabled by virtual Data Connector utility
  • Enhanced visibility with drill-down reports to identify exact user and device
ActiveTrust Endpoint (client agent – can be deployed using SCCM or McAfee ePO)
Included
Included
DNS Forwarding Proxy
Included
Included
Hosted Recursive DNS with
Geo-Location Response
(Using EDNS)

 Included

 Included

Prevent DNS-based Data Exfiltration That Other Systems Can’t Detect

Infoblox ActiveTrust® Cloud automatically stops DNS-based data exfiltration using Infoblox Threat Insight, a unique streaming analytics solution that automatically adds domains associated with data exfiltration to Response Policy Zone (RPZ) blacklists.

Detect Data Exfiltration with DNS-based Analytics

Prevent DNS-based Data Exfiltration That Other Systems Can’t Detect

Infoblox ActiveTrust® Cloud automatically stops DNS-based data exfiltration using Infoblox Threat Insight, a unique streaming analytics solution that automatically adds domains associated with data exfiltration to Response Policy Zone (RPZ) blacklists.

Detect Data Exfiltration with DNS-based Analytics

Detect Malware Early—without Changing Infrastructure

ActiveTrust® Cloud helps detect malware early, and without the need to deploy infrastructure everywhere. Through its Infoblox DNS Firewall capability and the use of advanced threat intelligence, it disrupts device communications with malicious destinations. Threat intelligence feeds are regularly updated with malicious Internet destinations and curated by a dedicated threat intelligence team to deliver fewer false positives.

Unify Policy Management, Analytics, and Reporting across On-Prem and Cloud Infrastructure

When used along with the on-premises ActiveTrust® solution, Active
ActiveTrust® Cloud empowers administrators to seamlessly manage policy and get analytics and reporting with a complete lifecycle view of device activity, whether users are on the enterprise network or roaming. The solution also provides centralized reports enriched with on-premises Grid data that provides deep visibility for better understanding and prioritizing threats.

Detect Data Exfiltration with DNS-based Analytics
Detect Data Exfiltration with DNS-based Analytics

Unify Policy Management, Analytics, and Reporting across On-Prem and Cloud Infrastructure

When used along with the on-premises ActiveTrust® solution, Active
ActiveTrust® Cloud empowers administrators to seamlessly manage policy and get analytics and reporting with a complete lifecycle view of device activity, whether users are on the enterprise network or roaming. The solution also provides centralized reports enriched with on-premises Grid data that provides deep visibility for better understanding and prioritizing threats.

THE INFOBLOX DIFFERENCE

Infoblox is the market-leader in delivering next level DDI to organizations the world over. Unique in the industry, our ActiveTrust and ActiveTrust Cloud solutions support a hybrid model that bridges on-prem and cloud security deployments. With Infoblox, you can centrally and efficiently protect against the broadest range of DNS-based threats, including malware, ransomware and data exfiltration, regardless of your particular security infrastructure requirements.

THE INFOBLOX DIFFERENCE

Infoblox is the market-leader in delivering next level DDI to organizations the world over. Unique in the industry, our ActiveTrust and ActiveTrust Cloud solutions support a hybrid model that bridges on-prem and cloud security deployments. With Infoblox, you can centrally and efficiently protect against the broadest range of DNS-based threats, including malware, ransomware and data exfiltration, regardless of your particular security infrastructure requirements.

KEY FEATURES

Threat Insight

Prevent DNS-based data exfiltration that other systems can’t detect (e.g., DGA and fast-flux)

DNS Firewall/Response Policy Zones (RPZs)

Prevent malware from propagating by disrupting malicious DNS-based communications to C&C servers .

Content Categorization

Prevent access to objectionable content or content not in compliance with policy.

TIDE

Aggregate, curate and distribute up-to-date threat intelligence to Infoblox and broader security ecosystem.

ActiveTrust® Endpoint and DNS Forwarding Proxy

Redirect DNS requests to Infoblox cloud using either the endpoint agent or the agentless DNS forwarding proxy option.

Ecosystem Integrations

Respond to threats faster by pulling security event data into ecosystem tools using public APIs or on-premises Infoblox.

Integrated and Detailed Reporting

Access rich context on infected devices and user activity through the Data Connector utility.

Infoblox Dossier

Take action in minutes, not hours with a threat investigation tool that provides fast analysis based on threat context.

KEY FEATURES

Threat Insight

Prevent DNS-based data exfiltration that other systems can’t detect (e.g., DGA and fast-flux).

DNS Firewall/Response Policy Zones (RPZs)

Prevent malware from propagating by disrupting malicious DNS-based communications to C&C servers.

Content Categorization

Prevent access to objectionable content or content not in compliance with policy.

TIDE

Aggregate, curate and distribute up-to-date threat intelligence to Infoblox and broader security ecosystem.

ActiveTrust® Endpoint and DNS Forwarding Proxy

Redirect DNS requests to Infoblox cloud using either the endpoint agent or the agentless DNS forwarding proxy option.

Ecosystem Integrations

Respond to threats faster by pulling security event data into ecosystem tools using public APIs or on-premises Infoblox.

Integrated and Detailed Reporting

Access rich context on infected devices and user activity through the Data Connector utility.

Infoblox Dossier

Take action in minutes, not hours with a threat investigation tool that provides fast analysis based on threat context.

RELEVANT SOLUTIONS

Data Protection and Malware Mitigation
Protect users and data

Data Exfiltration Prevention
Secure your business data from the network core

IT Compliance
Ensure compliance with automation and intelligence

Get Your Free Report on Malware in Your Network

[contact-form-7 id="10507" title="Contact form 1"]