Infoblox DNS Firewall Review

Good granularity for control and checks DNS queries completely


What is our primary use case?

We use this solution for DNS defense, against DNS tunneling and data exfiltration.

What is most valuable?

The most valuable feature of this solution is the granularity for which you can categorize what you want to block versus what you don't want to block.

You have a direct connection with Infoblox support for everything that they're hosting at the in the bloxonecloud at the moment. You don't have to go through a partner.

This solution integrates with the Infoblox appliances, so you don't need Excel sheets or external databases to administer what you've got deployed. All of the IP addresses are known.

What needs improvement?

The documentation needs to be improved. This solution is being rapidly developed at the moment and the documentation is lagging behind. The integration examples in NIOS guide and online threatdefense online documentation don't always match up. To the current gui of the CSP platform.

We would like to see more reporting capabilities that are now offered only with the on-premises reporting appliance.

For how long have I used the solution?

We have been using this solution for about one and a half years.

What do I think about the stability of the solution?

This is a stable solution and we haven't had an outage here yet.

What do I think about the scalability of the solution?

In the cloud, this solution is very scalable. Especially for the data exfiltration part because you don't have to rely on your on-premises CPU capacity, as it is done from Infoblox itself.

You don't even see how much it scales, although you have to adjust your subscription accordingly. It's actually a gentleman's agreement in terms of the license, so if you don't oversubscribe on your connections then they don't enforce the targets.

We have about four hundred mobile users who are being protected while they are off-premises, and internally we are defending about twenty-five hundred users.

It is used on a daily basis. All of our internal DNS queries are passed through this solution and we have approximately twenty thousand active IP addresses.

How are customer service and technical support?

The technical support is good.

For everything in the cloud, support is called BloxOne. You get a reaction within one hour. They're experts at their own products and you get the right experts straight away.

Which solution did I use previously and why did I switch?

I have experience with several firewall vendors including F10, Infoblox, Palo Alto, Cisco ACI, ASUS, and Nexus.

How was the initial setup?

The initial setup of this solution is very straightforward.

In regards to on-premises appliances, the cloud solution is very straightforward.

With the internal infrastructure complete, the basic setup should be up and running in about an hour.

What about the implementation team?

I performed the deployment.

One person is sufficient for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The licensing is set up such that you pay for the number of active users that you're defending at the moment. It is similar to the model used by Cisco Umbrella.

Which other solutions did I evaluate?

One of the main differences between Infoblox and Cisco Umbrella is that Infoblox supports the DNS check completely, whereas Cisco Umbrella does not. You can also see the original client IP address and not just the outgoing IP address.

In terms of scalability, Infoblox is the better solution.

What other advice do I have?

This is a solution that I recommend.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email