How to choose the right DNS provider for the job

As mentioned in our earlier blog post, DNSFilter is focused on servicing MSP’s and operators of multiple networks. We will discuss how and why DNSFilter is right for this job. However, what if you are not a managed service provider? Here are our picks for the best DNS content filtering solutions out there depending on your need:

Home:


Home users typically have the most basic requirements. As a home user, you are most likely simply trying to secure your home network against being able to visit adult web sites and inappropriate content, in order to keep the internet safer for your children. In this case, I would suggest OpenDNS’s Family Shield service. This is a “set it and forget it” method. Simply point your home router to their DNS servers and filtering will occur against adult content. If you need something more involved than this, or want to see statistics then perhaps it’s time to look at DNSFilter, or OpenDNS’s next level product — HomeVIP. HomeVIP is essentially the deprecated version/pre-cursor to Umbrella.

Where DNSFilter Excels:


DNSFilter is focused on providing the best solution for managed service providers (MSPs), operators of multiple networks, wireless ISPs (WISPs), ISPs and small and mid-level organizations. These networks are typically bring-your-own-device (BYOD) networks.

Essentially, any customer looking to provide content filtering and threat protection that must be backed by analytics and a strong anycast network for global or regional reach is the perfect customer for DNSFilter. Our strong suit is the ability to provide transparent pricing, a clean interface and the ability to get you up and running faster than any other provider on the market.

Enterprise:


Where DNSFilter currently starts to become a second choice is in the Enterprise market, in my opinion. This is not due to scale — we can handle billions of requests. The situation in which DNSFilter may not be the primary choice for an Enterprise really only comes into play if the Enterprise is looking to provide on-device protection by deploying user agents/programs that control the device’s DNS settings and force requests through a DNS content filter even when the device is out of the network. In most cases, OpenDNS’s umbrella solution is best for this.

However, that being said, DNSFilter can provide the same functionality using third party software. Here are a few examples of software that can be used on your devices to stick with DNSFilter for content filtering while traveling outside of your network:

iOS: DNS Override

Mac OS: Updater client, such as DynDNS Updater and manually setting DNS.

Windows: Updater client, such as DynDNS Updater and manually setting DNS.

Android: DNS Changer and Dynamic DNS Updater

Linux: Updater client, such as DynDNS Updater and manually setting DNS.

What about local/hardware based filtering options:

While appliance based content filtering devices such as those produced by Barracuda, Websense, Palo Alto Networks or Fortinet can be functional, I simply cannot recommend them for most of our target customers. It is my feeling that any appliance-based service is moving towards deprecation industry-wide, at least as a majority. The downsides of an appliance is that it costs a lot of money upfront, you must maintain it, there are license fees and support fees forever. Finally, it can also become a point of slowdown on your network as traffic increases.

That being said, DNS filtering does have its limits. It’s part of the ‘onion layers of security’. For a BYOD network, having Network Address Translation (NAT) in place, along with a DNSFilter, is a great first step. Since you don’t control the end-points, you can’t force them to have anti-virus protection; but DNSFiltering can help limit the extent of damage infected nodes can do to the network. By limiting Command and Control botnet connectivity, you can prevent infected nodes from participating in Denial of Service attacks, sending spam, and other malicious actions which can degrade the performance of your network, and cause you to deal with notices from your ISP.

Corporate networks, where they own and control end-points have more control, and have additional layers of security to consider, but often fall victim to those protections being at the office. When increasingly mobile staff is on the road, at a hotel with their company laptop, they also need protection. This is where you need to make sure your only layers of protection are not ‘big boxes’ looking at network traffic at the office.

 

 

Search
  • There are no suggestions because the search field is empty.
Latest posts
2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025 2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025

Earlier this month I joined Mikey Pruitt, our Global Partner Evangelist, on the DNSFilter podcast dnsUNFILTERED to discuss my 2025 cybersecurity predictions. We had a lot of fun and covered all of the points I’ll outline here, but I wanted to go deeper. My 30 years of cybersecurity experience have given me a strong sense of where we’re heading as an industry—the shift to the cloud in many ways is a precursor in the adoption of AI and the future...

From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks

Most businesses only think about DNS security after an attack has already occurred. By then, the damage is done - downtime, lost revenue, compromised data, and a tarnished reputation. In an environment where cyber threats are constantly evolving, a reactive approach to DNS security simply isn’t enough.

How MSPs Can Enhance Customer Experience with Technology How MSPs Can Enhance Customer Experience with Technology

Customer experience is the secret sauce that sets successful Managed Service Providers (MSPs) apart from the rest. In a market teeming with competition, you need to offer more than the best technology or the lowest prices. It's about how clients feel when they interact with your services. A stellar customer experience can transform a one-time client into a loyal advocate, while a poor one can send them running to your competitors. According to a ...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.