Re: OpenDNS Users

[Kevin Wilcox <wilcoxkm () APPSTATE EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, May 24, 2013 at 09:48:53AM -0400, Greg Schmalhofer wrote:

>    Does anyone use the DNS service OpenDNS, either the free version or the
>    purchased product called Umbrella, for their campus DNS service? If so I'd
>    appreciate it if you could provide your thoughts on service. Or info if
>    you are using another similar product.

Greg -

we do NOT use it for campus services, we do our own sinkholing.

That said, I HAVE used it for personal use and I DO have my family members
use it if they ask me for help. I'm hesitant to use outside DNS because
of the risk of credential leakage from wonky applications, leaking
infrastructure details to outside parties, data exfiltration to OpenDNS
due to compromised hosts, increased difficulty in detecting
malware-infected hosts, etc., but in non-sensitive areas I think it's a
great service and I have seen, first-hand, OpenDNS catch malicious
traffic.

If you aren't comfortable with doing your own client DNS for whatever
reason -- lack of expertise, DR/BCP, lack of infrastructure -- then
certainly take a look at them. If you want DNS filtering and you aren't
comfortable with doing your own sinkholing then DEFINITELY take a look
at them. Having them as a sponsor/vendor at the SPC was a good thing for
a lot of schools without that expertise (says the guy who gave a
presentation on...doing your own sinkholing).

kmw

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAlGfekYACgkQsKMTOtQ3fKEcxACgiWPGTbTqX/gxQV+MNQ7HRK2c
S8MAoJ9f0XmIWlo6O9PE+n5fTEDggXCc
=Bs+f
-----END PGP SIGNATURE-----