Infoblox BloxOne Threat Defense

Infoblox’s scalable, cloud-based platform allows you to maximise your threat protection while continuing to utilise your existing investments. BloxOne Threat Defense protects data and devices everywhere: on the corporate network, at branch offices and outside your corporate network. Delivered as Software as a Service (SaaS), Infoblox BloxOne Threat Defense is easy to configure and use immediately, without the need for a costly rollout. With its hybrid architecture, it provides comprehensive protection and also supports SOAR solutions (Security Orchestration, Automation and Response). This greatly reduces the time needed to analyse and eliminate cyber threats, improves the performance of the entire security ecosystem and drives down the overall cost of threat protection in a business.

Why are dependable, scalable security solutions in demand today?


Network boundaries have shifted. Nowadays, your users access cloud-based applications directly – from anywhere.

SD-WAN is driving network transformation and branches connect directly to the internet without being able to pass through the full security stack at head office.

The Internet of Things (IoT) has led to an explosion of devices that can’t be protected using traditional endpoint security.

Most security systems are complex and don’t easily scale up or down to protect these dynamic environments. Your company needs a simple, scalable, automated security solution that provides the best possible protection for your entire network and your sensitive data, wherever it is.

The most important features

Protect existing networks

Protect existing networks and transformative technologies such as SD-WAN, IoT and cloud using existing infrastructure

Prevent data theft

Detect and block DNS-based data theft, domain generation algorithms (DGA), DNS messenger and fast flux attacks using analysis-based machine learning.

Detect and block malware activity

Block malicious communications to C&Cs, prevent the spread of malware


Categorise Web content and enforce Web access policies: Restrict user access to certain categories to filter out websites involving things like gaming, drugs and violence.

Automated incident response

Rectify faults and respond to threats even faster, as they are first blocked and then shared with the rest of the ecosystem via API or local integration.

Access to data via S3 bucket

Export activity logs to Amazon S3 buckets and use data easily in common formats (CSV, JSON and CEF)

Fast, straightforward threat investigation

Automated research of threat data from different sources, meaning more efficient evaluation and thus even faster threat analysis.

Improved transparency

High transparency and useful contextual information about the network, including IPAM and asset metadata relating to your network systems, enabling you to better classify events.

Extensive reporting

A clear, visual overview of your security status with company-level information for management.

Infoblox provides critical network services. These services secure the DNS (domain name system) infrastructure, automate cloud deployments, and help make corporate and service provider networks more available worldwide. Infoblox is the market leader in DDI (DNS, DHCP, IP address management) and reduces risk and complexity in network operations.