skip to Main Content

Cybersecurity Ecosystem

Reduce threat response time and cost, with enhanced productivity and automation

Accelerate security
response
with
data enrichment

With vast on-premises and public/hybrid cloud enterprise environments, and a plethora of defense-in-depth tools, it becomes an overwhelming process for the cybersecurity teams to manually manage dozens of security tools and respond to hundreds or thousands of alerts every day. Infoblox’s Ecosystem Exchange offers a highly interconnected set of integrations that enable security teams to eliminate silos, optimize their security orchestration automation and response (SOAR) solution and improve the ROI of their entire cybersecurity ecosystem. It reduces the time and cost of threat response through enhanced automation and real-time, two-way data sharing across the ecosystem enabled by extensive APIs.

Key benefits

Gain visibility

Gain visibility

Gain centralized visibility across on-premises, virtual and cloud deployments, including VMWare, AWS, Azure, Cisco ACI and OpenStack

Speed remediation

Speed remediation

Decrease time to remediation by up to two-thirds

Improve threat analyst productivity

Improve threat analyst productivity

Make threat analysts up to 3x more productive

Reduce costs

Reduce costs

Reduce costs associated with manual intervention and human error

Infoblox Ecosystem Exchange as part of BloxOne® Threat Defense

To speed up incident response, organizations need to remove silos, achieve near real-time visibility, and gain critical forensic insights and network data on incidents . BloxOne Threat Defense taps into DNS, DHCP and IPAM data for such valuable network context on incidents, automatically shares it with the broader security ecosystem and triggers automated responses to security events.

DNS data

Malicious activity inside the security perimeter
Includes BYOD and IoT device
Profile device & user activity

DHCP

Device audit trail and fingerprinting
Device info, MAC, lease history

IPAM Application and Business Context

“Metadata” via extended attributes: owner, app, security level, location, ticket number
Context for accurate risk assessment and event prioritization

Advanced Threat Detection

BloxOne Threat Defense automatically shares information with advanced threat detection solutions on incidents involving Advanced Persistent Threat (APT) activity and malicious domains. Infoblox then automatically blocks, logs events or takes appropriate action on these threats.

Benefits:

  • Enables flexible policy enforcement
  • Rapidly identifies infected devices
  • Builds defense and remediation into IT systems and processes
Infoblox-FireEye joint solution brief

Threat Intelligence Platform (TIP)

Infoblox Threat Intelligence Data Exchange (TIDE) automatically sends information on malicious hostnames, IP addresses and URLs to the threat intelligence platform (TIP). TIP enables blocking and monitoring of more threats.

Benefits:

  • Reduces the number of alerts that require review
  • Improves situational awareness for network and security organizations
  • Improves overall security posture
Infoblox-Check Point joint solution brief

Security Information and Event Management (SIEM)

Infoblox sends information on IP addresses, infected devices and suspicious DNS requests and responses to SIEM. SIEM can use this information to perform analysis and take action.

Benefits:

  • Provides consolidated visibility into device activity regardless of where log data was generated
  • Provides context for more accurate prioritization of security events
  • Improves operational efficiency of network ops and IT teams
Infoblox-McAfee joint solution brief

Vulnerability management

Infoblox sends information on IP addresses, network devices and malicious events to vulnerability management. Vulnerability management uses that information to automatically trigger scans, enabling easier compliance and faster remediation.

Benefits:

  • Provides near-real-time visibility into new devices as they join the network
  • Automates and accelerates response to network changes and malicious events
  • Improves ROI of existing security investments
Infoblox-Rapid7 joint solution brief Infoblox-Qualys joint solution brief Infoblox-Tenable joint solution brief

Network Access Control (NAC)

Infoblox provides information on IP addresses, network devices and DNS security events. NAC solutions can use that information to get context to better prioritize threats and take more immediate action (such as taking the device off the network) to shorten time to containment.

Benefits:

  • Expands visibility into network infrastructure, users and devices
  • Provides vital context for threat prioritization
  • Enables consistent policy enforcement
Infoblox-Cisco ISE joint solution brief Infoblox-Aruba ClearPass joint solution brief Infoblox-ForeScout joint solution brief

Next-Generation Endpoint Security

Infoblox detects DNS-based malware communications and informs next-generation endpoint security technologies. These products can identify malicious processes, quarantine the endpoint or take other actions. For added protection, endpoint security solutions can incorporate Infoblox client agents.

Benefits:

  • Quickly identifies and prevents DNS-based endpoint communications to malicious domains
  • Automatically responds to endpoint threats, reducing dwell time
  • Enables mass deployment of Infoblox endpoint agent for DNS security and streamlines workflows
Infoblox-McAfee joint solution brief Infoblox-Carbon Black joint solution brief

Next-Generation Firewall (NGFW)

NGFW receives malicious hostnames, IP addresses and URLs from Infoblox TIDE. NGFW enables customers to block or monitor threats.

Benefits:

  • Reduces the number of alerts security teams must review
  • Improves situational awareness for network and security organizations
  • Improves overall security posture
Fortinet and Infoblox security solution Infoblox-Palo Alto Networks joint solution brief

Web Gateway

BloxOne Threat Defense blocks DNS-based data exfiltration, as well as DNS requests to malicious domains before forwarding the traffic to McAfee Web Gateway. The web gateway then scans traffic for further inspection with URL filtering, SSL and more.

Benefits:

  • Unifies domain blocking and HTTP security for broader protection
  • Speeds detection of malicious traffic originating from infected endpoints, regardless of its location
  • Compliments web gateway with DNS based threat intelligence
Infoblox-McAfee joint solution brief

ITSM, ITOM and Security Operations

Infoblox sends information on new devices, networks and IP addresses to ITSM, ITOM and Security Operations. Network and security administrators gain a consolidated view of all the device and event information Infoblox discovers.

Benefits:

  • Provides at-a-glance dashboard views into devices and endpoints joining and leaving the network
  • Enables proactive identification of network issues to accelerate response to network changes and security events
Infoblox and ServiceNow Integration joint solution brief Infoblox-ServiceNow Security Operations joint solution brief

Security Orchestration, Automation and Response (SOAR)

SOAR solution receives information on IP address, network devices and malicious events from Infoblox. SOAR uses that information to block/unblock/check domain and check information about IP/host/network/domain in IPAM. Infoblox automatically enriches IPAM with data from security tools and events.

Benefits:

  • Integrates disparate security tools and provide vendor-neutral threat intelligence for all devices
  • Automates and produces faster response with the full set of threat intelligence APIs
  • Enhances and improves incident response with better threat intelligence
  • Improves security processes by integrating with other systems via SOAR

Explore and learn more

BloxOne® Threat Defense

Quickly deploy on-premises, cloud or hybrid DNS-layer security everywhere

BloxOne® Threat Defense

Quickly deploy on-premises, cloud or hybrid DNS-layer security everywhere

NIOS DDI

Unify DNS, DHCP and IPAM across on-premises and cloud data centers

NIOS DDI

Unify DNS, DHCP and IPAM across on-premises and cloud data centers

Advanced DNS Protection

Protect enterprise DNS infrastructure to ensure maximum uptime

Advanced DNS Protection

Protect enterprise DNS infrastructure to ensure maximum uptime

Dive a little deeper

Learn how Infoblox can help with your cybersecurity

Back To Top