Infoblox BloxOne Threat Defense Reviews

We use this solution for DNS defense, against DNS tunneling and data exfiltration.

The most valuable feature of this solution is the granularity for which you can categorize what you want to block versus what you don't want to block.

You have a direct connection with Infoblox support for everything that they're hosting at the in the bloxonecloud at the moment. You don't have to go through a partner.

This solution integrates with the Infoblox appliances, so you don't need Excel sheets or external databases to administer what you've got deployed. All of the IP addresses are known.

The documentation needs to be improved. This solution is being rapidly developed at the moment and the documentation is lagging behind. The integration examples in NIOS guide and online threatdefense online documentation don't always match up. To the current gui of the CSP platform.

We would like to see more reporting capabilities that are now offered only with the on-premises reporting appliance.

This is a stable solution and we haven't had an outage here yet.

In the cloud, this solution is very scalable. Especially for the data exfiltration part because you don't have to rely on your on-premises CPU capacity, as it is done from Infoblox itself.

You don't even see how much it scales, although you have to adjust your subscription accordingly. It's actually a gentleman's agreement in terms of the license, so if you don't oversubscribe on your connections then they don't enforce the targets.

We have about four hundred mobile users who are being protected while they are off-premises, and internally we are defending about twenty-five hundred users.

It is used on a daily basis. All of our internal DNS queries are passed through this solution and we have approximately twenty thousand active IP addresses.

The technical support is good.

For everything in the cloud, support is called BloxOne. You get a reaction within one hour. They're experts at their own products and you get the right experts straight away.

I have experience with several firewall vendors including F10, Infoblox, Palo Alto, Cisco ACI, ASUS, and Nexus.

The initial setup of this solution is very straightforward.

In regards to on-premises appliances, the cloud solution is very straightforward.

With the internal infrastructure complete, the basic setup should be up and running in about an hour.

I performed the deployment.

One person is sufficient for deployment and maintenance.

The licensing is set up such that you pay for the number of active users that you're defending at the moment. It is similar to the model used by Cisco Umbrella.

One of the main differences between Infoblox and Cisco Umbrella is that Infoblox supports the DNS check completely, whereas Cisco Umbrella does not. You can also see the original client IP address and not just the outgoing IP address.

In terms of scalability, Infoblox is the better solution.

This is a solution that I recommend.

I would rate this solution a nine out of ten.

The solution is primarily used for protecting DNS and customers from malware.

DNS Firewall can protect the DNS from DNS exploitation.

The dashboard and reporting features need improvement. The user needs more informative dashboards so they can get to the results directly without having to search deep into the report to pull out information.

The solution is very stable.

With the model we have, we are able to scale very easily if we need to.

We rarely need to contact technical support, but when we do they are very helpful.

The initial setup is straightforward. It's not trivial or easy to implement it, but it's also not that complicated. It's somewhere in between. Deployment typically takes two to three days. You don't need more than one or two people for deployment and maintenance.

We handled the implementation ourselves.

The solution offers two types of licensing options.

You can get a license on a one-year or three-year term. The cost depends on the services that you want to use and the number of users you have. 

They now also have a subscription where you can pay on a monthly basis. 

Usually, there is a cost for implementation either via the vendor or a local partner. 

We use the on-premises deployment model.

I would advise others to take the whole DNS Firewall subscription because it will add value to their solution.

I would rate the solution at nine out of ten.

Our primary use case for Infoblox is to ensure DNS security.

Infoblox DNS Firewall improved our organization by checking that all traffic came from a proper IP address.

The most important features for us are preventing DDOS DNS attacks.

Endpoint solutions need to improved.

So far the solution is really helping. The stability looks okay.

There are currently no users since we are in the POC state. Eventually, we will have around 1,000 users.

The setup was fairly straightforward. Deployment took about two days.

The implementation was done by the company itself.