Skip to main content

InfoBlox DDI

InfoBlox DDI (DHCP, DNS, and IP address management) is a network management tool that monitors several network services, such as DHCP, DNS, and IP address activity. You can bring host and network data from InfoBlox DDI into Brinqa to gain a comprehensive view of your network's attack surface, thus strengthening your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with InfoBlox DDI and how to obtain that information from InfoBlox. See create a data integration for step-by-step instructions on setting up the integration.

info

The InfoBlox DDI connector has been tested and verified with InfoBlox DDI v8.6.2 and above. Compatibility and functionality may differ if you are using other versions of InfoBlox DDI.

Required connection settings

When setting up a data integration, select InfoBlox DDI from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate InfoBlox DDI with Brinqa:

  • InfoBlox server: Your organization's InfoBlox DDI server URL. The default format is https://<servername>.

  • Username and Password: The username and password associated with the InfoBlox user, which must have permissions to log in to the API server and return data.

InfoBlox DDI permissions

For the InfoBlox DDI connector to access the InfoBlox API and retrieve data, the account used in the integration configuration must have the appropriate permissions and API access.

To create the necessary role and user group with the required permissions, follow these steps:

  1. Log in to your organization's InfoBlox DDI portal as an administrator.

  2. Navigate to Administration > Administrators > Roles and click + to create a new role.

  3. Enter a Name for the new role and click Next.

  4. On the Extensible Attributes page, click Next, then click Save & Add Permissions.

  5. On the Permissions page, click + and add the following Read-Only permissions to the new role:

    • All Hosts
    • All IPv4 Host Addresses
    • All IPv4 Networks
    • All IPv6 Host Addresses
    • All IPv6 Networks
    • All Network Views
    • Port Control
  6. Click Save & Close.

  7. Navigate to Administration > Administrators > Groups and click + to create a new group.

  8. Enter a Name for the new group and click Next.

  9. Under Allowed Interfaces, select API, then click +.

  10. Click Custom Roles, select the custom role you created in the earlier steps, and then click Save & Close.

  11. Navigate to Administration > Administrators > Users.

  12. Select the user you want to add to the group, and then click Edit.

    This should be the user whose credentials are entered in the integration configuration.

  13. In the Available User Groups table, select the group you created in the earlier steps.

  14. Click Save & Close.

note

If you do not have permissions to create a new role and group, contact your InfoBlox DDI administrator. For additional information, see the InfoBlox DDI documentation on Creating Roles, Creating User Groups, and Editing Users.

Additional settings

The InfoBlox DDI connector contains an additional option for configuration:

  • Skip certificate verification: Select this option to allow for untrusted certificates.

Types of data to retrieve

The InfoBlox connector can retrieve the following types of data from the InfoBlox API:

Table 1: Data retrieved from InfoBlox DDI

Connector ObjectRequiredMaps to Data Model
HostNoHost
NetworkNoIP Range
info

For detailed steps on how to view the data retrieved from InfoBlox DDI in the Brinqa Platform, see How to view your data.

Attribute mappings

Click the tabs below to view the mappings between the source and the Brinqa data model attributes.

Table 2: Host attribute mappings

Source Field NameMaps to Attribute
_REFuid
ASSET_CATEGORY_HOSTcategories
DNS_NAMEdnsNames, publicDnsNames, privateDnsNames
NAMEname

Operation options

The InfoBlox DDI connector supports the following operation options. See connector operation options for information about how to apply them.

Table 4: InfoBlox DDI connector operation options

Connector ObjectOptionAll Possible ValuesDescriptionExample
HostQUERYAny valid query expressionFilter hosts based on specific query conditions as supported by InfoBlox NIOS API.Key: QUERY Value: disable=false. This key and value combination only retrieves active hosts.
NetworkQUERYAny valid query expressionFilter networks based on specific query conditions as supported by InfoBlox NIOS API.Key: QUERY Value: network:~ = localdomain&platform=VNIOS. This key and value combination only retrieves networks matching the localdomain and platform=VNIOS.
ATTRS_TO_GETAny valid attribute namesA comma-separated list of attributes. Specify the attributes to retrieve for networks.Key: ATTRS_TO_GET Value: [network,comment,email_list,disable,netmask]. This key and value combination only retrieves the specified attributes for networks.

APIs

The InfoBlox DDI connector uses the InfoBlox NIOS API v1.

Table 5: InfoBlox DDI API Endpoints

Connector ObjectAPI Endpoints
HostGET /wapi/v{version}/record:host
GET /wapi/v{version}/extensibleattributedef
NetworkGET /wapi/v{version}/network
GET /wapi/v{version}/extensibleattributedef

Changelog

The InfoBlox DDI connector has undergone the following changes:

3.0.0