Infoblox DDI
  • 20 Dec 2023
  • 4 Minutes to read
  • Dark
    Light
  • PDF

Infoblox DDI

  • Dark
    Light
  • PDF

Article Summary

Infoblox DDI consolidates DNS, DHCP, IP address management, and other core network services into a single platform, managed from a common console.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Infoblox Domain (required) - The hostname or IP address of the Infoblox DDI server.
  2. API version (required, default: 2.5) - Select the API version from the dropdown.
Note:

Additional discovery device objects are fetched, depending on the API version selected. For example, fetching chassis serial number information requires configuring at least API version 2.10.5 and selecting that version from the API version dropdown.

  1. Username and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.

  2. Verify SSL - Select whether to verify the SSL certificate offered by the value supplied in Infoblox Domain. For more details, see SSL Trust & CA Settings.

  3. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Infoblox Domain.

For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

InfobloxDDI


Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. CIDR exclude list (optional) - Specify a comma-separated list CIDR blocks to exclude (for example: 192.168.20.0/24,192.168.30.0/24).

  2. CIDR include list (optional) - Specify a comma-separated list of CIDR blocks to include (for example: 192.168.20.0/24,192.168.30.0/24).

  3. Fetch using Infoblox database download - Select this option to reduce fetch time by downloading a backup of the database instead of making API requests. Note that admin permissions are required for this option. This option only applies to the DHCP Lease and DNS Host Record asset types, the other asset types are still fetched via API requests.

  4. Filter results by the Discovered Data field - Specify whether to collect devices from Infoblox if their Discovered Data field has data.

  5. Results per page (required, default: 1000) - Set the number of results per page received for a given query to the Infoblox wAPI, to gain better control on the performance of all connections for this adapter.

  6. Time in seconds to sleep between each request (optional) - Specify sleeping time in seconds between each API request Axonius sends to Infoblox.

  7. Fetch lease information (required, default: true) - Select whether to fetch information from the 'lease' API endpoint. The 'lease' API endpoint is slower than 'ipv4address' API endpoint, but fetches much more information like 'Fingerprint' and discovery information.

  8. Fetch used addresses information - Select whether to fetch information from the 'ipv4address’ API endpoint. The 'ipv4address’ API endpoint is faster than the 'lease' API endpoint.

  9. Fetch A records - Select whether to fetch A records from Infoblox.

  10. Fetch HOST records - Select whether to fetch data from WAPI/record:host

  11. Fetch fixed addresses - Select whether to fetch data from WAPI/fixedaddress

  12. Fetch discovery device objects (optional) - Select to fetch discovery device objects. Additional discovery device objects are fetched, depending on the API version selected.

  13. Fetch IPAM statistics - Select to fetch data from WAPI/ipam:statistics.

  14. Do not parse Last Seen of A Records - Select to not parse Last Seen of A Records.

  15. Ignore A records discovered by NetMRI - Select to ignore A records discovered by NetMRI. If cleared, the adapter connection will fetch all A records if the Fetch A records is enabled.

  16. Use start time as last seen - Select to set the device Last Seen field value based on the fetched device's DHCP start time. If cleared, the adapter connections will use the fetched device's DHCP end time.

Note:

If Use start time as last seen is selected, you must also select Fetch lease information.

  1. Include lease states (optional) - By default, the following lease states of devices are not fetched: ‘ABANDONED', ‘BACKUP', 'EXPIRED', 'FREE', 'RELEASED'. If you want to include one or more of these lease states in the fetch, select the relevant lease states from the dropdown.
  2. Ignore all devices without last seen value - Select to ignore all devices without last seen value.

Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

APIs

Axonius uses Infoblox APIs.

Required Permissions

The value supplied in Username must have at least Read-only permissions to access the devices.
To create a user with Read-only permissions

  1. Login to Infoblox as an administrator and select Administration > Roles.
    image.png
  2. Click the Plus sign on the right part of the page to add a new role.
    image.png
  3. Give this role an indicative name, and click Next. In the Extensible Attributes page, click Next again, then click Save & Add Permissions.
    image.png
  4. In the Permissions page, click the Plus sign to add permissions to the newly-created role.
    Axonius needs read-only permissions to the items displayed in the image. Select them and click Save & Close.
    image.png
  5. Navigate to "Groups" and click the Plus sign to create a new group.
    image.png
  6. Specify an indicative name for this group, and click Next.
    image.png
  7. Select the API option to enable API access for this group, and click the Plus sign to add a role to it.
    image.png
  8. Navigate to Custom Roles and click the newly created role.
    image.png
  9. Verify that the role is currently displayed in the Roles list. Verify that "API" is selected, and click Save & Close.
    image.png
  10. Click the newly created group, and then click the Plus sign to create a new user. Fill in the details and click Save & Close.
    image.png



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.