InfoBlox Best Practice

NIOS

  • vNIOS for Hyper-V is not recommended as a Grid Master or Grid Master Candidate. Specifications
    • When running NIOS in MS Hyper-V with dynamic memory allocation enabled, your system might experience high memory usage. To avoid this issue, Infoblox recommends that you disable dynamic memory allocation.
    • For optimal performance, vNIOS for Hyper-V is not recommended as a Grid Master or Grid Master Candidate.
  • DNS forwarding proxy is not supported on any appliance that is running with less than 4 GB of memory. source
  • There might be a significant performance impact on your appliance and network during the DNS forwarding proxy installation process depending on the network connectivity between NIOS and BloxOne Threat Defense. Every node will have to install the DNS forwarding proxy before serving DNS recursive queries, which includes the HA nodes. source
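
The two memory notes above can be checked on a Hyper-V host with a short audit. This is an added example, not part of the original notes or Infoblox documentation; the `nios*` name pattern and the use of startup memory as the measure for the 4 GB threshold are assumptions.

```powershell
# Added example: audit Hyper-V guests against the NIOS memory notes above.
# Assumption: vNIOS guests can be selected by name; 'nios*' is a placeholder pattern.
param(
    [string]$NamePattern = 'nios*',
    [switch]$Fix   # when set, disable dynamic memory on guests that are powered off
)

# DNS forwarding proxy threshold quoted on this page.
# Assumption: the guest's startup memory is the figure to compare against it.
$minProxyMemory = 4GB

$report = foreach ($vm in Get-VM -Name $NamePattern) {
    $mem = Get-VMMemory -VMName $vm.Name
    [pscustomobject]@{
        VM                  = $vm.Name
        State               = $vm.State
        DynamicMemory       = $mem.DynamicMemoryEnabled
        StartupGB           = [math]::Round($mem.Startup / 1GB, 1)
        BelowProxyThreshold = $mem.Startup -lt $minProxyMemory
    }
}

$report | Format-Table -AutoSize

if ($Fix) {
    foreach ($row in $report | Where-Object DynamicMemory) {
        # The memory mode cannot be changed while the guest is running.
        if ($row.State -ne 'Off') {
            Write-Warning "$($row.VM): shut the guest down before changing its memory mode."
            continue
        }
        Set-VMMemory -VMName $row.VM -DynamicMemoryEnabled $false
    }
}
```

Run it without `-Fix` first to review the table; guests flagged `BelowProxyThreshold` need more memory assigned before the DNS forwarding proxy is enabled on them.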

BloxOne

NOTE: The following notes do not reflect official Infoblox best practice. These are just notes that I've made along the way.

  • BloxOne DNS zone should be assigned to an IPSpace. Failure to do so can result in licence issues as “used IP addresses” may be counted twice.
  • OPH should be assigned to an IPSpace. Failure to do so can result in licence issues as “used IP addresses” may be counted twice.
  • Consider adding cloudfront.net to the allow list. CloudFront is a CDN. Unlike other CDNs (e.g. Fastly and Akamai), CloudFront (used to?) allow users to visit its URLs directly rather than through the original website using them as a CNAME. This can lead URL filtering platforms (e.g. SURBL FP) to mark the cloudfront.net sub-domains as phishing, etc.
infoblox/best_practice.1696923688.txt.gz · Last modified: by bstafford