What is our primary use case?
Most of the use cases are for the DNS protocols. As 90% or 91% of drivers use DNS, everybody is concerned about securing this protocol.
I am not from the customer side; I am from the vendor side. I give support to various customers here in Pakistan. We have deployments with hybrid data, and we also have purely on-premises deployments.
What is most valuable?
The dossier feature is perfect for starting an investigation.
What needs improvement?
The integration of threat intelligence with other solutions is challenging. If I want to expose threat intelligence, I cannot do it via taxi services. I have to call the API, but the customers are not into creating the APIs. The integration of embedded threat intelligence with other platforms should be better. Infoblox should work on this, and it should be easier for the end user to integrate it. It is very easy to deploy this solution. We should be able to integrate it with other platforms, such as the Next-Generation Firewall, with the same ease.
For how long have I used the solution?
I have been using Infoblox products for more than four years now. I have around one year of experience in monitoring and evaluating Infoblox BloxOne Threat Defense.
What do I think about the scalability of the solution?
Its scalability has no concerns and is perfectly fine. For scalability, I rank Infoblox BloxOne Threat Defense on the top of the line. They have recently introduced the SDLA agreement in which you have as many VMs as you want to have under the same license. It has a good architecture for scalability, so by using the manager, you can add multiple appliances. You can use any tasks.
How are customer service and technical support?
Their technical support is good but not perfect. Things need to be improved. The biggest challenge of Infoblox support is that for troubleshooting any issue, you have to download the support bundle and traffic caption and then upload it to the support site. Someone then looks into it, and it can take them a day or a time like that, but overall, their support is good.
How was the initial setup?
Infoblox BloxOne Threat Defense is very straightforward. The initial setup is easy, but it might be because I have been using it for a quite long time. The viewer is perfectly fine. Reporting is also fine. It is very easy to set up.
The deployment hardly took two days. It also depends on the size of the organization. If you have only four to five instances of DNS servers, four to five VM sets will not take more than two days. If you have a big setup, in which you have multiple instances of DNS, and you have physical appliances, it will obviously take time.
What other advice do I have?
I would highly recommend this solution. I am basically doing the pre-sales of Infoblox, so I highly recommended this solution. If you talk about competitors like F5, BlueCat, no solution is comparable to Infoblox BloxOne Threat Defense. Infoblox is doing VDI and selling VDI solutions for more than a decade. They are experts at the solution.
I would rate Infoblox BloxOne Threat Defense a nine out of ten. It needs tight integration and better support.