
Infoblox Threat Defense
Advanced DNS defense has blocked malicious domains and has improved threat investigation
What is our primary use case?
Our main use case for Infoblox BloxOne Threat Defense is blocking malicious domains over the internet for our customers.
A specific example of how we use Infoblox BloxOne Threat Defense to block malicious domains is that we have DNS firewall policies which inspect all DNS queries from end users in different locations, blocking any malicious DNS queries that match our DNS firewall policy to prevent users from reaching harmful sites.
We majorly interact with Infoblox BloxOne Threat Defense for on-prem users as well as roaming users using Infoblox agents.
How has it helped my organization?
Infoblox BloxOne Threat Defense has positively impacted our organization by effectively preventing any kind of DNS attack or zero-day attack that users are not aware of.
Since using Infoblox BloxOne Threat Defense, we have seen a significant number of malicious domains getting blocked, and we have sent this data to our security analysis team to check the trend of user behavior.
We have saved a lot of time by not digging into multiple tools for DNS threats because Infoblox BloxOne Threat Defense can log malicious queries on its own and send them to a security SIEM tool, which then triggers an incident, improving our timing on detecting malicious DNS queries in the environment.
What is most valuable?
Infoblox BloxOne Threat Defense offers a wide range of security feeds including malware, ransomware, domain generation algorithms, and many more types of feeds, along with security over category blocking of domains.
A unique feature in Infoblox BloxOne Threat Defense is the ability to identify look-alike domains, where we can input our own domains and public domains that may confuse users.
Security feeds such as malware, ransomware, and domain generation algorithms have helped our organization when an end user received a spam email containing a non-secure URL or a malicious domain, which was successfully blocked by Infoblox BloxOne Threat Defense, protecting our assets.
What needs improvement?
If I had to think of an area of improvement for Infoblox BloxOne Threat Defense, it would be for the support team to be more proactive, as normal questions could often be answered by a level one support team more effectively, given that they usually take a lot of time to respond to certain queries.
While customer support is pretty good, the knowledge of the support staff needs to be refreshed regularly, and they should be able to respond quickly when a case is locked with them, as I have noticed delays in response on a few occasions.
For how long have I used the solution?
I have been using Infoblox BloxOne Threat Defense for three years.
What do I think about the stability of the solution?
Infoblox BloxOne Threat Defense is a very stable solution.
What do I think about the scalability of the solution?
Since it is a SaaS solution, Infoblox BloxOne Threat Defense is highly scalable, allowing us to configure users to use DNS firewall policies and protect their DNS queries regardless of their location.
How are customer service and support?
Customer support is good, but sometimes there is a lack of clarity that the technical assistant team struggles to deliver, leading us to escalate cases for a more in-depth understanding of the tool.
Which solution did I use previously and why did I switch?
We previously used the open DNS security features from Cloudflare, but it was not a paid subscription, so we could not maximize the benefits, which is why we switched to Infoblox BloxOne Threat Defense.
How was the initial setup?
The licensing subscriptions come based on our usage, and we are using the BloxOne Threat Defense Advanced license to enable the best security standards for our enterprise, and the setup process was easy and smooth since it is subscription-based.
What was our ROI?
Infoblox BloxOne Threat Defense is one of the best industry standards and one of the easiest tools to operate in the DDI and DNS security field, and I appreciate the features they provide, such as research, reporting, and the ease of configuring the DNS firewall.
Which other solutions did I evaluate?
We did not evaluate any other options before choosing Infoblox BloxOne Threat Defense; it was our first and final product that we implemented.
What other advice do I have?
Infoblox BloxOne Threat Defense is deployed in our organization in the public cloud.
I have not noticed any use case where Infoblox BloxOne Threat Defense needs improvement; it is a very robust tool with all the good features built in from the vendor.
My advice for others looking into using Infoblox BloxOne Threat Defense is that it is a powerful tool, and they should take a demo from the vendor to understand their own use cases; the overall implementation is easy and accurate, and once you have hands-on knowledge, day-to-day management on BloxOne Threat Defense becomes straightforward.
Overall, Infoblox BloxOne Threat Defense is a wonderful tool—one of the best we have used for DNS security, and if any enterprise needs such a solution, they should definitely consider this product to find value in the platform. I give this product a rating of 10 out of 10.
Improved threat visibility has strengthened DNS security and automated real-time policy decisions
What is our primary use case?
I have not integrated Infoblox BloxOne Threat Defense with other security tools, but recently, I believe I have integrated it with a SIEM solution.
What is most valuable?
I find all the features of Infoblox BloxOne Threat Defense, including asset discovery as well as DNS security, most valuable. Most importantly, they are introducing universal DDI and NIOSx. These are all very beneficial for organizations looking for DDI solutions.
The real-time analytics feature of Infoblox BloxOne Threat Defense is a good one as well.
The threat intelligence feature, specifically predictive threat intelligence, is one of the core selling features of Infoblox BloxOne Threat Defense. The automated policy enforcement in minimizing human error is quite easy as well. However, I would like to mention that if you block those lists which are whitelisted in your organization by mistake, then nobody is going to access that because it is working on the DNS layer.
What needs improvement?
I believe that blacklisting in Infoblox BloxOne Threat Defense cannot be simplified. From the perspective of what I can modify, there is nothing and no improvement needs to be required. You need to be cautious when you are deploying the policy. Otherwise, it is quite easy to deploy. With just a single click, you can deploy it, and with just a single click you can set whether you are allowing the traffic or blocking it.
For how long have I used the solution?
I have been dealing with Infoblox BloxOne Threat Defense for more than a year.
How are customer service and support?
I rate my experience with their technical support above ten. They are really good at it.
How was the initial setup?
Integrating Infoblox BloxOne Threat Defense was quite easy. You just need to deploy a single VM and you need to start a service on it and then you are good to go.
What's my experience with pricing, setup cost, and licensing?
I find the pricing of Infoblox BloxOne Threat Defense reasonable. They have recently changed the pricing model and shifted to a token-based system. I believe that this is a more modern method being utilized by all the security vendors nowadays.
What other advice do I have?
I believe that there is no improvement needed for Infoblox BloxOne Threat Defense. I believe that it is a really up-to-date product. Regarding additional features in the future to make Infoblox BloxOne Threat Defense even better, we contact Infoblox regarding different features. Looking at their labs feature, they are introducing those features as well. You can now discover new assets regarding Oracle as well. You can integrate your vulnerability assessment tools with it. There are a lot of things that are coming up in Infoblox, so I believe there is nothing that I would add at this moment. I rate this product 9.5 out of 10.
Valuable analytics integration improves data insights but needs fewer restrictions
What is our primary use case?
I can describe some of the use cases for the product in general. I'm working with the Infoblox BloxOne Threat Defense for the government, but I'm not sure if I can provide much information about that because it's secret-related.
What is most valuable?
What is valuable about the Infoblox BloxOne Threat Defense is especially the monitoring and reporting, which provides valuable information. The integration with any SIEM is very valuable for getting DNS query analytics, and this is very important.
The threat analytics tools in the Infoblox BloxOne Threat Defense improve security response through integration with another platform, allowing you to gain insights on your own data happening within your own Infoblox BloxOne.
What needs improvement?
Many things can be improved with the Infoblox BloxOne Threat Defense. I don't have specific improvements in mind, but there are many tools that can be enhanced.
I can give you an example: having too many restrictions in a platform is not a good thing for the developers.
For how long have I used the solution?
I have had 4 years of experience with the Infoblox BloxOne Threat Defense.
How are customer service and support?
I would rate their customer service or technical support as not always good. You can be fortunate if you meet someone knowledgeable because most people try and get you to a certain point. It depends on your level of technical expertise. From my perspective, I would say it's not good. From my experience, it seems to vary, and it's less relevant from an objective perspective.
Which other solutions did I evaluate?
The main differences between BlueCat and Infoblox BloxOne depend on your licensing, and there are various aspects to consider.
I think the pricing for the Infoblox BloxOne Threat Defense is very expensive. I believe the competitor, BlueCat, offers better prices.
What other advice do I have?
I know that the Infoblox BloxOne Threat Defense supposedly has AI integrated according to suppliers, but personally, I don't use any AI tool to work with it. That being said, it's a black box, and it's not a Linux machine that you can add features to at will.
Overall, I would rate the Infoblox BloxOne Threat Defense as 8.5 out of 10.
User-friendly interface and powerful analytic reporting enhance threat defense capabilities
Improving DNS security posture with comprehensive threat detection
Tough Security Solution with Some Setup Challenges
It works well with your existing tools and uses the latest threat info to keep your network safe. It's easy to use.
Customer support is top-notch and I used to use it frequently.
A hybrid solution for DNS security with insights and security reports
What is our primary use case?
We use the solution for DNS security.
How has it helped my organization?
The solution provides insights into what’s happening on the network. It enriches the information internally.
What is most valuable?
The most valuable feature is policy redirecting and security reports. It detects threats and blocks them. Also, it offers DNS handling and data extraction. It provides a centralized view of connected users and incoming data sources. It is integrated via the API to different monitoring systems that send out alerts. We haven't had any false positives due to this solution.
What needs improvement?
The product could be cheaper.
For how long have I used the solution?
I have been using Infoblox BloxOne Threat Defense as a consultant. We are using the latest version of the solution.
What do I think about the stability of the solution?
The product is very stable.
I rate the solution’s stability a ten out of ten.
What do I think about the scalability of the solution?
We have no issues with the scalability. 10-15 users are using this solution. It is suitable for medium and enterprise users.
I rate the solution’s scalability a ten out of ten.
How are customer service and support?
Technical support is very good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Cisco Umbrella is more flexible and a very good competitor.
How was the initial setup?
The initial setup is very straightforward. It is a SaaS solution designed for cloud security. The on-premises part is easily implemented. It facilitates a complete migration for comprehensive use cases. It takes about a month to get everything migrated, with fine-tuning and thorough testing.
Deployment involves planning, testing scenarios, defining acceptance policies, and then gradually migrating small network parts to utilize them effectively.
I rate the initial setup a nine out of ten, where one is difficult and ten is easy.
What's my experience with pricing, setup cost, and licensing?
The product is expensive depending on all features.
I rate the product’s pricing an eight out of ten, where one is cheap, and ten is expensive.
What other advice do I have?
I recommend the solution for extra insights and protection.
Overall, I rate the solution a nine out of ten.
BloxOne Threat Defense
Great customer service!
The tool is stable and scalable and is one of the best DNS solutions in the market
What is our primary use case?
The solution can be used for DNS security. We sold it to a bank.
What is most valuable?
The product is stable. It’s the best DNS solution.
What needs improvement?
The product is slightly more expensive compared to other DNS solutions.
For how long have I used the solution?
I have been selling the solution for a year. I have sold it only once.
What do I think about the stability of the solution?
I have never heard a negative comment about the tool’s stability from the customer.
What do I think about the scalability of the solution?
The tool is scalable. Most of our customers use Infoblox. I have sold it to one customer. The others had it already.
Which solution did I use previously and why did I switch?
Infoblox is more expensive than Palo Alto.
How was the initial setup?
The initial setup is easy. We provide both cloud and on-premise solutions. The deployment takes one to two weeks.
What's my experience with pricing, setup cost, and licensing?
The license fee can be paid annually, once in three years, or once in five years.
What other advice do I have?
I would recommend the solution to others. If someone has the budget, it’s a very good product. Overall, I rate the tool an eight out of ten.