2805 - Utilizing BloxOne Country-Based Response Policy Zones (RPZ)
Cloud Services Portal (CSP) is now Infoblox Portal
In early September, Cloud Services Portal (CSP) became Infoblox Portal with a new look-and-feel, and a new URL (https://portal.infoblox.com). As a result of this change, the layout and organization of several menus have been updated.
Unfortunately, this means that our video courseware and lab guides no longer match the new user interface. However, we are currently in the process of updating them, and they should be ready soon.
In the meantime, we have some resources to help you navigate the new interface:
We have created a mapping of the previous menu locations and their new breadcrumb location.
Additionally, you can find a walkthrough video of the new User Interface on Launchpad.
We apologize for any inconvenience this may cause and kindly ask for your patience as we work through this transition.
Scenario
You're tasked to deploy BloxOne country-based RPZs to block traffic from certain countries, this is to keep your organization in line with new regulatory demands, you will add Russia, North Korea and China to your RPZ and test out the RPZ functions as intended.
Estimate Completion Time
30-50 mins
Course Reference
2104: Creating Custom and Country Based RPZ with BloxOne TIDE
Prerequisites
Administrative access to the CSP
Lab 2804: Managing BloxOne Endpoints
Tasks
Task 1: Create a Country based RPZ
Task 2: Add the country-based RPZ to the security policy
Task 3: Verify Country-Based RPZ work
Task 1: Create a Country based RPZ
Create a new country based RPZ and name it blocked-countries
Add Russia, China and North-Korea to the RPZ
Task 2: Add the country-based RPZ to the security policy
Add the county based RPZ into the techblue Policy security policy
Task 3: Verify Country-Based RPZ work
Verify that the feed has been populated on CSP
Using your testing-windows machine browse dzen.ru to verfiy the RPZ is working.
Please wait for 20-30 minutes for the records to be synchronized, the feed will display no records immediately after creation.
Solutions
Task 1 solution: Create a Country based RPZ
Switch to jump-Desktop, in your CSP browser, and navigate to Manage > TIDE Data > Country-based RPZ.
Click the Add Country Based RPZ button and set the feed name to blocked-countries.
Add the countries Russia, China, and North Korea to the Include list by clicking the arrow next to each of them, then click Save & Close.
Task 2 solution: Add the country-based RPZ to the security policy
In your CSP browser, navigate to Policies > Security Policies, check the policy we have been working with in previous labs Techblue-Policy, and click Edit.
Click on the policy rules section, click on Add Rule, and choose Feeds and Threat Insight (this should be the fifth rule on the list).
Set the name to be your country-based RPZ feed name blocked-countries and with the action Block-Default Redirect, then click finish and Save & Close.
Task 3 solution: Verify Country-Based RPZ work
In your CSP browser, navigate to Policies > On-Prem DNS Firewall and click the Feed Configuration Values button, your created RPZ should be at the bottom of the list
Switch to the testing-windows machine, surf dzen.ru using your web browser, and you should be redirected to a page like this:
Please wait for 20-30 minutes for the records to be synchronized, the feed will display no records immediately after creation.
