Powerful threat prediction, prevention, detection, and response along with compliance in a scalable, simple managed solution.
All-in-one networking solution that combines network connectivity, agility, security, and compliance in an affordable managed solution.
Accelerate business growth through our award-winning partner program.
Applies To: Infoblox DDI (DHCP, DNS, and IPAM) with NIOS version 7.0.x and later
Infoblox DDI is a critical technology with DNS, DHCP, IPAM functionalities which provides maximum protection and offers minimum attack surface. Infoblox DDI forwards logs to EventTracker via syslog. EventTracker receives DNS, DHCP, and IPAM logs from Infoblox DDI. EventTracker Infoblox DDI report provides information about DHCP IP assignment and DHCP IP lease expiration of the systems.
These reports help to track, client’s events receiving suspicious responses by the DNS response policy zone.
Dashboards display a graphical representation of the object management, user logon activities, DHCP activities. For e.g. Object management events include, new object (DHCP range, a record, MX record, etc.) creation, existing object modification or deletion.
Alerts are triggered when a user performs any of the following activities: new object creation, old objects modification or deletion, user login fails, etc.
After Infoblox DDI is configured to deliver events to EventTracker, alerts, dashboards, and reports can be configured into EventTracker.
The configuration details are consistent with EventTracker version 9.x and later, and Infoblox DDI with NIOS version 7.0.x and later.
For more information please refer the Infoblox DDI Integration guide
To configure Infoblox DDI to send logs to EventTracker, refer the How to Guide.