InfoBlox DDI

InfoBlox DDI (DHCP, DNS, and IP address management) is a network management tool that monitors several network services, such as DHCP, DNS, and IP address activity. You can bring host and network data from InfoBlox DDI into Brinqa to gain a comprehensive view of your network's attack surface, thus strengthening your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with InfoBlox DDI and how to obtain that information from InfoBlox. See create a data integration for step-by-step instructions on setting up the integration.

info

The InfoBlox DDI connector has been tested and verified with InfoBlox DDI v8.6.2 and above. Compatibility and functionality may differ if you are using other versions of InfoBlox DDI.

Required connection settings

When setting up a data integration, select InfoBlox DDI from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate InfoBlox DDI with Brinqa:

• InfoBlox server: Your organization's InfoBlox DDI server URL. The default format is https://<servername>.

• Username and Password: The username and password associated with the InfoBlox user, which must have permissions to log in to the API server and return data.

InfoBlox DDI permissions

For the InfoBlox DDI connector to access the InfoBlox API and retrieve data, the account used in the integration configuration must have the appropriate permissions and API access.

To create the necessary role and user group with the required permissions, follow these steps:

1. Log in to your organization's InfoBlox DDI portal as an administrator.

2. Navigate to Administration > Administrators > Roles and click + to create a new role.

3. Enter a Name for the new role and click Next.

4. On the Extensible Attributes page, click Next, then click Save & Add Permissions.

5. On the Permissions page, click + and add the following Read-Only permissions to the new role:

   • All Hosts
   • All IPv4 Host Addresses
   • All IPv4 Networks
   • All IPv6 Host Addresses
   • All IPv6 Networks
   • All Network Views
   • Port Control

6. Click Save & Close.

7. Navigate to Administration > Administrators > Groups and click + to create a new group.

8. Enter a Name for the new group and click Next.

9. Under Allowed Interfaces, select API, then click +.

10. Click Custom Roles, select the custom role you created in the earlier steps, and then click Save & Close.

11. Navigate to Administration > Administrators > Users.

12. Select the user you want to add to the group, and then click Edit.

    This should be the user whose credentials are entered in the integration configuration.

13. In the Available User Groups table, select the group you created in the earlier steps.

14. Click Save & Close.

note

If you do not have permissions to create a new role and group, contact your InfoBlox DDI administrator. For additional information, see the InfoBlox DDI documentation on Creating Roles, Creating User Groups, and Editing Users.

Additional settings

The InfoBlox DDI connector contains an additional option for configuration:

• Skip certificate verification: Select this option to allow for untrusted certificates.

Types of data to retrieve

The InfoBlox connector can retrieve the following types of data from the InfoBlox API:

Table 1: Data retrieved from InfoBlox DDI

Connector Object	Required	Maps to Data Model
Host	No	Host
Network	No	IP Range

info

For detailed steps on how to view the data retrieved from InfoBlox DDI in the Brinqa Platform, see How to view your data.

Attribute mappings

Click the tabs below to view the mappings between the source and the Brinqa data model attributes.

Host

Table 2: Host attribute mappings

Source Field Name	Maps to Attribute
_REF	uid
ASSET_CATEGORY_HOST	categories
DNS_NAME	dnsNames, publicDnsName, privateDnsName
NAME	name

Network

Table 3: Network attribute mappings

Source Field Name	Maps to Attribute
_REF	uid
ASSET_CATEGORY_NETWORK	categories
COMMENT	description
EMAIL_LIST	emails
NETWORK	name

APIs

The InfoBlox DDI connector uses the InfoBlox NIOS API v1.

Changelog

The InfoBlox DDI connector has undergone the following changes:

3.0.0

• Initial Integration+ release.