Tuesday, December 29, 2009

Fix Slow Browsing — and More — With OpenDNS

For most small businesses, a reliable connection to the Internet is vital for both communication and commerce.

A key component of Internet access is the Domain Name System (DNS), which allows you to reach sites using familiar and user-friendly names like smallbusinesscomputing.com rather than inscrutable and difficult to remember IP addresses like

Whenever you access a Web site, send or receive e-mail, chat via instant messaging, or use any other type of Internet application, DNS is working behind the scenes matching domain names to IP addresses.

As you read this, your business is probably relying on ISP-provided DNS servers to reach sites and services on the Internet.

They often do an adequate job, but they’re prone to sluggishness (and sometimes outages). Switching your business over to the independent DNS service provider OpenDNS, on the other hand, can make Internet access a bit speedier and safer for everyone on your network, as well as provide added features like content filtering so you can determine which Web sites your employees can and can’t visit.

OpenDNS uses a combination of caching technology and a network of strategically located servers that generally perform DNS lookups much quicker than ISP servers do.

Considering that loading all the components of a single Web page can often involve lots of individual DNS lookups, saving even a fraction of a second on each can really add up.

OpenDNS also provides a phishing filter and checks every site you visit to make sure it’s legitimate before taking you to it.

Best of all, you can take advantage of OpenDNS for free (or at minimal cost) and without having to make any major configuration changes to your network or any of your computers.

Getting Started with OpenDNS

Getting up and running with OpenDNS ranges from easy to very easy.

If you’re a small firm that relies exclusively on ISP-provided DNS — that is, you don’t maintain your own DNS server — all you need to do is make a quick tweak to your router settings so that it uses OpenDNS’s DNS servers rather than your ISP’s.

The exact configuration steps vary by router, but it basically involves logging into it and looking for a screen similar to the one shown in Figure 1 where you can specify custom DNS servers. (The OpenDNS server addresses are and You can also get manufacturer and model-specific setup instructions for consumer and small office routers at the OpenDNS store.

If your company is running a DNS server, you’ll need to configure it to use OpenDNS to look up addresses outside your own network (i.e. on the Internet).

The configuration process is simple, and this page on the OpenDNS Web site will give you step-by-step instructions on how to change your DNS on Windows, Mac or Unix/Linux-based servers.

Regardless of which setup method you use, when you’re finished you’ll have the benefit of OpenDNS’s speed improvements and phishing protection.

You can then verify that OpenDNS is properly configured, and go to the test site to see the phishing filter in action.

Content Filtering
To take advantage of the aforementioned Web content filtering, you’ll need to take the extra step of  creating an OpenDNS Basic account (still free), so that the service can identify your specific network and apply unique settings to it.

OpenDNS identifies your network by the public IP address assigned to it by your ISP.

Although it’s not too common with business-class Internet service, if your network’s public IP address is dynamic — i.e. subject to periodic changes — you’ll need to run a small utility on one of your systems (preferably one that’s left running all the time).

This will detect any changes to your public IP and update OpenDNS accordingly. (You’ll see a link to the Dynamic IP software when you set up your network, but you can also download the utility.)

Once your OpenDNS account is created and your network defined, you’re ready to apply network-specific configuration options via the Settings tab.

For content filtering, you can use general settings —minimal, low, moderate, high — or customized ones to filter almost 60 specific categories of inappropriate or time-wasting content (e.g. adult, games, social networking, Webmail, etc.).

You’ll also have the option to block or allow access to particular domain names, known as whitelisting or blacklisting.  (See Figure 2.)

Other benefits of using OpenDNS with an account include the capability to view statistics about your network’s DNS usage, such as which domains were visited most and which access attempts were blocked.

You’ll also be able to customize the message that’s displayed when the phishing or content filter blocks a site, as well as on the guide page, which presents a list of suggested alternatives when someone types in an invalid or unresponsive address.

It’s worth noting that OpenDNS only knows about your network and not its users, so it won’t allow you to apply different settings to individual employees.

Similarly, OpenDNS collects network stats in aggregate; it will be able to tell you when someone attempts  to access a forbidden site, but not that it was Fred in accounting. (Sorry to narc on you, Fred.)

What’s the Catch?
At this point you might be wondering how OpenDNS manages to provide its service for free. As is so often this case, “free” really means “advertising supported,” and the upshot is that sponsored links will appear on every block and guide page. 

If you’ d rather not deal with the ads and are willing to ante up $5 per user per year — still pretty cheap — to make them go away, you can upgrade to OpenDNS Deluxe.

Aside from being ad-free the Deluxe version offers a handful of additional enhancements including more customization options and a much longer stats history. (See a detailed comparison between Basic and Deluxe.)

Note: Google recently released a DNS service of its own called Google Public DNS, which promises  speed and security benefits similar to OpenDNS, but it doesn’t currently offer any advanced/customizable features.

While switching to OpenDNS isn’t going to make an Internet connection that’s inherently slow lightning-quick, nor will it protect you against every form of Internet-borne malady, if you want Internet access with more speed and security and you want more control and insight over how your small business’s Internet connection is used, it’s worth checking out.

No comments:

Post a Comment