What You Need to Know On March 21, 2024 Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint distributed denial-of-service (DDoS) attack guidance for federal, state, local, tribal, and territorial government entities to serve as a comprehensive resource to address the specific needs and challenges faced by government agencies in defending against DDoS attacks. Distributed denial-of-service attacks typically originate from multiple sources, making them difficu ..read more

Do I Really Need DDI? First, let’s address the obvious: The answer to this question isn’t going to surprise you, coming from an employee of a company that sells DDI solutions. So maybe the better question is Why do I really need DDI? DDI, of course, is the abbreviation1 for DNS, DHCP and IPAM, which are, respectively, the Domain Name System, the Dynamic Host Configuration Protocol, and IP Address Management.2 Almost anyone likely to read this blog is familiar with DNS and DHCP, so I’ll take it as a given that I don’t need to argue why they’re critical. But DDI solutions do more than deliver DN ..read more

The Transformation of Infoblox Threat Intel – Part 1 Certain life events are unforgettable – your first kiss, your first date, and more! For those of us in the world of computer networking and cybersecurity, there are other special moments. These might include your first computer, your first computer game, your first encounter with a virus, your first firewall, and your first time dealing with Conficker. Yes, I know, I’ve been around for a while! When I embarked on this journey, there was no such thing as “cyber” anything, let alone the Internet. Then came networks, followed by the Internet, v ..read more

Disclaimer: This blog offers general information and should not be considered legal advice. Consult your own legal counsel for specific advice. The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) was signed into law by President Biden in 2022. Its goal is to strengthen the cybersecurity posture of the United States by establishing more robust incident reporting requirements for critical infrastructure entities. A key requirement of CIRCIA is for the Cybersecurity and Infrastructure Security Agency (CISA) to develop regulations to implement the law. On April 4, 2024, C ..read more

Author: Jeevan Sharma   Seamless Connectivity with Infoblox IPAM for Hybrid Multi-cloud Environments When an organization has cloud and on-premises networks operating independently in their own silos, IP address allocation is localized in each environment, and there is no need for awareness of IP allocations elsewhere. Overlapping IP addresses can coexist when the cloud and on-premises network are isolated. Such configurations demand minimal coordination between cloud and on-premises IT teams. Many organizations operated in this manner while they were moving into the cloud. Silos among pu ..read more

Are we there yet? American baseball legend Yogi Berra once said, “We’re lost, but we’re making good time.”  As funny as that sounds, he made a great point.  If you don’t know where you are going, how do you know how far you’ve gone or how far it is to your destination?  Similarly, if you don’t have a good idea of what success looks like you might not be aiming in the right direction and putting effort toward those activities that will result in the achievement of the goal. The same concern holds true for the journey from IPv4 to IPv6.  Virtually all enterprise organizations ..read more

DNS Early Detection – Proof of Value Study In this blog, we present a proof of value study demonstrating the value of detecting attempted DNS exfiltration and Command and Control (C2) communications. Our focus is on two anonymized customers: a large e-commerce/retail company (Customer #1) and an educational institution (Customer #2). This study shows how the use of both our Suspicious Domain feeds and our Threat Insight capability that inspects customer network DNS traffic can work to protect the enterprise. The intriguing aspect of this proof of value study lies in the diverse decisions made ..read more

When talking with network and cloud professionals, one of the most frequent questions I hear is, “How can we automate our IPAM and networking for hybrid and multi-cloud environments?” . IP Address Management (IPAM) for the cloud can be challenging and the tools provided by the cloud providers vary; most public clouds don’t even have services for IPAM. Those that do are limited to management of IPs in their cloud alone, leaving you with multiple disparate systems for IPAM across your hybrid and multi-cloud networks. This makes things complicated, especially for companies at the beginning of the ..read more

DNS (short for Domain Name System) is an extremely vital function for any telecommunications provider. It acts like the Internet’s phonebook, converting human-readable domain names into machine-readable IP addresses. It functions as a vast tree structure, starting from the root domain indicated by a single dot (.). This hierarchical database spreads into top-level domains (TLDs), including Generic TLDs (such as .COM or .EDU) and Country Code TLDs (like .UK or .DE). Below TLDs are Second-Level Domains (SLDs), the main domains individuals or organizations register, such as google.com or Infoblox ..read more

Infoblox’s DNS Early Detection Program offers a unique approach to identifying potentially harmful domains. By utilizing our proprietary techniques, we can detect these domains early, giving defenders a significant advantage over threat actors. We flag these domains as suspicious at the earliest stage and make them available for immediate blocking. This proactive approach allows defenders to thwart attacks days, weeks, or even months before they appear in OSINT or threat intelligence feeds. Threat actors continually adjust their techniques and very often use malicious domains to quickly launch ..read more