From Infoblox 7.x DNS Security Technical Implementation Guide
Part of SRG-APP-000516-DNS-000103
Associated with: CCI-000366
Infoblox NIOS is updated on a regular basis to add feature support, implement bug fixes, and address security vulnerabilities. NIOS is a hardened system with no direct user access to the software components. The review of security vulnerabilities such as MITRE Common Vulnerabilities and Exposure (CVE) can be accomplished by review of the running system NIOS version and published security information. Review of specific or individual software component versions within NIOS is not sufficient validation, as Infoblox modifies these software components and may or may not be subject to vulnerabilities that exist in unmodified publicly available source code.
Infoblox systems utilize a modified version of BIND DNS software which adds features as well as addresses security issues outside of those provided by ISC. Infoblox systems are provided as a hardened appliance, and do not allow user access or upgrading of software components including BIND. The Infoblox support portal is the authoritative source to validate version and applicability of vulnerabilities. Verify the NIOS version by review of "Grid, Upgrade" tab to show all members are at the current version. Utilize the Infoblox support knowledgebase to obtain current version information. If Infoblox NIOS is not at the current approved version level, this is a finding.
Log on to the support site and download the current version of NIOS and perform a Grid upgrade. Refer to the Infoblox NIOS Administration Guide if necessary.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer