I'm in search of some solid DNS security services to enhance our web traffic and email link security. We previously used OpenDNS before Cisco took over, and now I'm hoping to find alternatives. A key aspect for us is the reporting functionality. I want better insights into how our users are engaging with AI sites as we're forming an AI committee and establishing policies. It would be great to have data on usage and an effective way to block AI sites without relying solely on the web filters in our firewalls or our EDR solution.
5 Answers
Consider blocking HTTPS/TLS/QUIC-based DNS using pfBlocker and managing browser configurations. You can disable root hints on your domain controllers and set pfSense DNS as a forwarder. For monitoring user web activity, I found success using Sysmon with Elastic Agent and Security Onion over just DNS server logs. Good luck with your initiatives!
Honestly, just using Google DNS might solve your problems. It’s straightforward and reliable!
I work with FlashStart Internet Filtering and would love for you to give us a try! We're quick and have specific categories for filtering AI providers, so you can easily track and block DNS activity related to them. Feedback would be appreciated!
You should definitely check out Cisco Umbrella again. It offers robust features like content categories, application allow/block lists, and a web proxy with full decryption. Plus, if you're managing S3 bucket logs, it's accessible with all your other security tools. It's not a cloud firewall, but it's really strong in DNS and web proxy capabilities, plus it doesn't slow things down in our setup.
Check out DefensX! It covers all your needs and can even report on browser extensions in use, which should help with your AI site management.
I've heard good things about DNSFilter for similar purposes.