Building on our collaboration with AWS, we’re announcing the availability of Infoblox managed rules on AWS Marketplace, part of AWS Marketplace managed rules for AWS Network Firewall. This integration delivers predictive, DNS-based threat intelligence directly within AWS Network Firewall, enabling organizations to strengthen their AWS Cloud network perimeter and stop threats before they impact workloads.
This launch represents more than new functionality; it marks a major step toward advancing preemptive protection for AWS customers. By combining Infoblox’s predictive threat intelligence with AWS Network Firewall’s native policy enforcement, organizations can block malicious domains earlier in the attack chain, reduce operational complexity and accelerate their journey toward proactive, automated cloud protection.

Figure 1. AWS Network Firewall console showing Infoblox managed rules subscription activation
From Reactive to Predictive: A Shift in Mindset
For too long, security has been defined by reaction, where organizations wait for alerts, chase incidents and remediate after compromise. But attackers have changed the game.
They use automation, AI and rapidly shifting infrastructure to stay ahead of static defenses. In this new era, waiting for patient zero to detect an attack or breach is a losing game and no longer an option in the modern cloud environment. Security must become predictive, powered by intelligence that identifies malicious domains and infrastructure so they can be blocked before they are weaponized.
Infoblox Threat Intelligence detects and blocks threat actor infrastructure an average of 68.4 days earlier than traditional detection and response tools, helping organizations move from reacting to predicting and from predicting to preempting.
This shift from reactive to proactive security is not just a change in philosophy; it delivers practical benefits for AWS users and security teams today.
Why It Matters for Cloud Engineers and Security Teams
For AWS Cloud Engineers
Infoblox managed rules let you activate predictive, DNS-based threat protection directly from AWS Network Firewall, with no additional infrastructure, agents or manual rule writing required. This gives engineers a fast, native way to secure Amazon Virtual Private Cloud (VPC) traffic and cloud workloads against domain-based threats while maintaining full AWS-native control and visibility.
For Security Teams
The Infoblox integration delivers earlier visibility into DNS-layer threats, fewer false positives and stronger alignment with Zero Trust principles. Its predictive intelligence maintains a false-positive rate as low as 0.0002 percent, ensuring protection doesn’t come at the expense of performance or accuracy. This preemptive protection integrates naturally into existing AWS workflows, allowing teams to enforce consistent policy across on-prem and cloud environments with the same predictive intelligence.
How the Integration Works
Infoblox managed rules available on AWS Marketplace allow customers to easily subscribe to curated, DNS-based threat intelligence directly from the AWS Network Firewall console.
Each rule group, built on Infoblox’s predictive intelligence, helps firewalls block connections to malicious domains used for phishing, command-and-control (C2) communication, data exfiltration and other attacks.
These rules receive automated feed updates, keeping protections current without manual maintenance and ensuring continuous defense against emerging threat actor infrastructure.
Defense-in-Depth for AWS Environments
The AWS Well-Architected Framework Security Pillar emphasizes defense-in-depth and multiple reinforcing layers of protection across workloads. Infoblox’s managed rules integration strengthens that strategy by adding the domain layer, a high-leverage control that can disrupt an attacker’s infrastructure before it reaches workloads.
When DNS-based intelligence blocks a domain, it prevents connections at every level: applications, endpoints and workloads. The result is fewer alerts downstream and greater resilience upstream. According to IBM’s Cost of a Data Breach Report 2025 [1], the average global cost of a data breach is $4.44 million, and $10.22 million in the United States, proof that early prevention delivers measurable savings when it matters most.
Part of a Broader Vision: Preemptive Security Everywhere
At Infoblox, we believe DNS is more than a network utility; it’s a strategic control point for modern cybersecurity.
Our innovations in Infoblox Threat Defense™ and now this collaboration with AWS enable us to help organizations implement a consistent, predictive layer of protection across both on-premises and cloud environments.
This is another step in our mission to make preemptive protection accessible wherever your workloads live, from the edge to the core to the cloud.
Get Started
Infoblox managed rules for AWS Network Firewall are now available in the AWS Marketplace for public preview. The Limited Preview version allows customers to quickly enable the capability and provide feedback, and it has a subset of Infoblox threat intelligence signals optimized for the AWS Network Firewall. A full set of Infoblox threat intelligence signals for AWS Network Firewall is planned for availability at GA.
Activate Infoblox’s Protective DNS intelligence directly in AWS Network Firewall to strengthen your cloud perimeter protection today. Learn more at our AWS Marketplace listing for Infoblox’s managed rules.
Footnotes
1. Cost of a Data Breach Report 2025, IBM, 2025. https://www.ibm.com/reports/data-breach



