====== NIOS Setup ======

  * Enable logon message.
  * Enable top of page banner.
  * Enable Grid backup to SCP server on a schedule.
  * Enable NTP.
  * Enable RPZ logging.
  * Enable protection for DNS records marked as protected (prevents dynamic updates from overwriting them).
  * Enable ACL for recursive queries.
  * Mark all RFC1918 address PTR zones as either authoritative or forwarders. [[infoblox_threat_defense:endpoints#ptr_and_internal_zones|This page]] lists Private Zones for both IPv4 and IPv6. You may want to assign [[networking:ipv4|other]] as well.
  * Enable DNSSEC for recursion and install root keys.
  * Configure internal zones in the list of Negative Trust Anchors.
  * Enable query monitoring.
  * Enable forwarding of log messages to SYSLOG server.
  * Enable SNMP.
  * Create proper FQDN for GM and install proper web certificate (signed by internal PKI).
  * Restrict ciphers on the web server on Grid Manager.
  * Prep Dashboards for useful summary data of Grid Members.
  * Enable SSH on members.
  * Set DHCP to use modern records for DDNS ("standard" instead of "Interim").
  * Enable DNS scavenging to mark dynamic DNS records not queried in 90 days and static DNS records not queried in 365 days as reclaimable (mark, not delete).
  * Create Smart Folder to show DNS records marked as reclaimable.
  * Adjust user setting to show 254 rows per page instead of the default 20.
  * Forward Audit log to System log.
  * Create support account and make sure all appliances are registered, licensed and have host names noted down in the hostname column.
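
A quick way to verify the RFC1918 PTR item in the checklist, as an added example that is not part of the original page or of NIOS itself: it derives the octet-aligned ''in-addr.arpa'' zones for the three RFC1918 ranges and reports any that no configured zone covers, so queries for them would leave the network. The zone list is a constructed sample standing in for an export from the Grid, the function names are hypothetical, and only IPv4 is handled.

```python
import ipaddress

RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

# Constructed sample: zone name -> zone type, as it might be exported from the Grid.
SAMPLE_ZONES = {
    "10.in-addr.arpa": "authoritative",
    "168.192.in-addr.arpa": "forward",
    "16.172.in-addr.arpa": "authoritative",
    "17.172.IN-ADDR.ARPA.": "forward",   # mixed case and trailing dot on purpose
    "corp.example": "authoritative",     # unrelated forward-lookup zone
}

def reverse_zones(cidr):
    """Return the octet-aligned in-addr.arpa zones that together cover cidr."""
    net = ipaddress.ip_network(cidr)
    # Round the prefix up to the next octet boundary (/12 -> /16), because
    # reverse zones are named per octet.
    octets = -(-net.prefixlen // 8)
    zones = []
    for sub in net.subnets(new_prefix=octets * 8):
        labels = str(sub.network_address).split(".")[:octets]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa")
    return zones

def is_covered(zone, configured):
    """True if the zone itself or a parent below in-addr.arpa is configured."""
    labels = zone.split(".")
    # Stop before the bare "in-addr.arpa" suffix: that is not an internal zone.
    return any(".".join(labels[i:]) in configured for i in range(len(labels) - 2))

def uncovered_rfc1918(zones):
    """List RFC1918 reverse zones with no authoritative or forward zone."""
    configured = {name.lower().rstrip(".") for name in zones}
    return [
        zone
        for cidr in RFC1918
        for zone in reverse_zones(cidr)
        if not is_covered(zone, configured)
    ]

if __name__ == "__main__":
    for zone in uncovered_rfc1918(SAMPLE_ZONES):
        print("missing:", zone)
```

A child zone such as ''1.10.in-addr.arpa'' on its own does not count as coverage for ''10.in-addr.arpa'', since the rest of the range would still be resolved externally.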