Here

Here

• Live threat feeds in DNS RPZ format
• DNS Firewall capable of stopping threats at your GRID
• Threat Insight to detect advanced threats and data exfiltration
• Threat Lookup to research basic attacker data (Dossier is not included in BloxOne Threat Defense Essentials)
• Predefined Reports (Infoblox reporting appliance is required if On-Prem)

• Dossier advanced threat research portal
• Security Ecosystem to integrate Infoblox data with your 3rd party security tools
• (Cloud Only) Endpoint Protection for your roaming Windows and Mac computers
• (Cloud Only) Web Content Filtering
• Access to the Active indicators tool

• Threat Intelligence Data Exchange (TIDE) Manage and share threat intelligence between all of your security environment in multiple machine-readable formats
• Access to Application Discovery tool
• Application filtering

Feed Description.

Remember, always put the FQDN only feeds above the IP only feeds to improve performance.

• Base hostnames (FQDN)
• Anti-malware (FQDN)
• Ransomware (?)
• Bogon (IP)
• DHS AIS_IP (IP)
• DHS AIS_Hostname (FQDN)
• DHS AIS NCCIC Watch list Hostnames and Domains (FQDN)
• DHS AIS NCCIC Watch list IPs (IP)
• Public_DoH (FQDN)
• Public_DoH_IP (IP)

Essentials Feeds +

• Malware IPs (IP)
• Bot IPs, Exploit kit IPs (IP)
• Malware DGA hostnames (FQDN)
• Tor Exit Node IPs (IP)
• SURBL Multi domains (FQDN)
• SURBL Multi Lite domains (FQDN)
• SURBL Fresh domains (FQDN)
• US OFAC Sanctions IPs (IP)
• EECN IPs (IP)
• Cryptocurrency hostnames and domains (FQDN)

Essentials Feeds + Business Feeds +

• Extended base & anti-malware (FQDN)
• Extended malware IPs (IP)
• Extended TOR Exit Node IPs (IP)
• Extended ransomware IPs (IP)
• Extended exploit kit IPs (IP)
• Spambot IPs (IP)
• Spambot IPs DNSBL (FQDN)
• Suspicious Domains (FQDN)
• Suspicious Emergent Domains (FQDN)
• Suspicious Lookalikes (FQDN)