2804 - Managing BloxOne Endpoints
Cloud Services Portal (CSP) is now Infoblox Portal
In early September, Cloud Services Portal (CSP) became Infoblox Portal with a new look-and-feel, and a new URL (https://portal.infoblox.com). As a result of this change, the layout and organization of several menus have been updated.
Unfortunately, this means that our video courseware and lab guides no longer match the new user interface. However, we are currently in the process of updating them, and they should be ready soon.
In the meantime, we have some resources to help you navigate the new interface:
We have created a mapping of the previous menu locations and their new breadcrumb location.
Additionally, you can find a walkthrough video of the new User Interface on Launchpad.
We apologize for any inconvenience this may cause and kindly ask for your patience as we work through this transition.
Scenario
You're tasked to deploy a BloxOne endpoint in your organization, you decided to test the process out in a lab environment before you start the production deployment, you will add the endpoint into a newly created endpoint group and add that group into an already existing policy to test if the endpoint will police the traffic as expected.
Estimate Completion Time
40-45 mins
Course Reference
2101: B1TDC Architecture
2102: BloxOne Security Policies
Prerequisites
Administrative access to the CSP
Lab 2803: Configuring BloxOne Security Policies
Tasks
Task 1: Download BloxOne Endpoint
Task 2: Create an Endpoint Group and add the windows endpoint to the Endpoint group
Task 3: Add the endpoint group to the Security Policy
Task 4: Test the security Policy on the Windows endpoint
Task 1: Download BloxOne Endpoint
Download the correct Endpoint version for your windows machine.
install it on your lab's windows-testing machine.
Task 2: Create an Endpoint Group and add the windows endpoint to the Endpoint group
Create an endpoint group and name it Techblue Endpoints and add the windows endpoint into it.
Task 3: Add the endpoint group to the Security Policy
Add the endpoint group into the Techblue policy security policy as a data source.
Task 4: Test the security Policy on the Windows endpoint
Using your windows-testing machine, verify your policy rules are behaving as expected against the endpoint:
infoblox.com should be allowed and queried.
vanglabbeek.us should not be accessible.
Gambling.com should be redirected.
streamthembase.top a known malware domain should not be accessible.
Use security activity reports in CSP to verify the correct rules were triggered and the data source was your endpoint.
If you're using Firefox, the browser will block the domain before the request is sent out to any DNS servers and you will get the browser's own warning page and switch over to edge.
Solutions
Task 1 solution: Download BloxOne Endpoint
Switch to the testing-windows machine, and log in using Infoblox as your password.
Using your preferred web browser, navigate to *https://csp.infoblox.com* and log in with the credentials provided to you.
In your CSP browser window, navigate to Administration > Downloads, and click Download Windows Endpoint Client in the Endpoint section of the screen.
Once the download is complete, navigate to the Downloads folder and extract the zip file we just downloaded (make sure all the extracted items are in the same location).
Double-click BloxOneEndpoint.msi and click through the installation process.
Verify that BloxOne Endpoint software is installed, it should be visible in the icon tray.
Task 2 solution: Create an Endpoint Group and add the windows endpoint to the Endpoint group
Switch back to jump-Desktop and in your CSP browser window, navigate to Manage > Endpoints > Endpoint Groups.
Click Create Endpoint Group, give the name Techblue Endpoints then click Save & Close.
Navigate to Manage > Endpoints, select the windows endpoint, and click on the Move button.
Select Techblue Endpoint Group and click Move.
Task 3 solution: Add the endpoint group to the Security Policy
In your CSP window, navigate to policies > Security policies, select the policy we created in the previous lab Techblue-Policy, and click Edit.
Click the Network Scope section, click Add Source and choose Endpoint groups from the drop-down menu.
Click the arrow next to Techblue Endpoint Group to move it to the selected column then click Save & Close.
Task 4 solution: Test the security Policy on the Windows endpoint
Switch over to the testing-windows machine and open a browser window.
To test that AllowList is working we will look up infoblox.com, the domain should open normally.
To test that DenyList is working we will look up vanglabbeek.us, the domain should be inaccessible.
To test if our category filter Unwanted Content is working, we will look up gambling.com, we should be redirected to the default Infoblox redirect page, it looks like this:
To test our threat Insight & feeds rule we will look up streamthembase.top which is a known malware download domain using the web browser, the domain should be inaccessible.