OpenDNS

The name "OpenDNS" refers to the DNS concept that queries are accepted from any source. It is not related to open source software; the service is based on closed-source software.

OpenDNS offers DNS resolution as an alternative to using Internet service providers' DNS servers or locally installed DNS servers. OpenDNS has adopted and supports the DNSCurve secure protocol.{{cite web|url=https://blog.opendns.com/2010/02/23/opendns-dnscurve/ |title=OpenDNS adopts DNSCurve, official OpenDNS blog entry |date=23 February 2010 |publisher=Blog.opendns.com |access-date=2011-08-21}}

OpenDNS provides the following recursive nameserver addresses{{cite web|url=https://www.opendns.com/support/article/115|title=OpenDNS > Support > Knowledge Base > Additional (3rd and 4th) OpenDNS Addresses|publisher=OpenDNS|access-date=2011-09-21|archive-url=https://web.archive.org/web/20130527163849/http://www.opendns.com/support/article/115|archive-date=2013-05-27|url-status=dead}} for public use, mapped to the nearest operational server location by anycast routing.

OpenDNS also provides the following recursive nameserver addresses as part of their FamilyShield{{Cite web|url=https://www.opendns.com/setupguide/|title=Setup Guide|website=OpenDNS}} parental controls that block pornography, proxy servers, and phishing sites.

OpenDNS Sandbox is an RFC-compliant DNS service that does not provide any level of filtering.

In July 2013 OpenDNS said that it handled over 50 billion DNS requests daily.{{cite web|url=https://blog.opendns.com/2013/07/30/opendns-turns-seven//|title=Seven Years of Innovation, and Beyond|publisher=OpenDNS|date=2013-07-30|access-date=2016-02-08|archive-url=https://web.archive.org/web/20160316095749/https://blog.opendns.com/2013/07/30/opendns-turns-seven/|archive-date=2016-03-16|url-status=dead}}

In many cases OpenDNS provides only negligible performance gain,{{cite web|url=https://www.pcmag.com/article2/0,2817,2163026,00.asp|title=OpenDNS Review & Rating PCMag.com |publisher=pcmag.com |date=2007-07-26|access-date=2012-02-20}} but may process queries more quickly than an ISP with slow DNS servers.{{cite web |url=http://www.neowin.net/index.php?act=view&id=38726 |title=OpenDNS: What's Your Take? |publisher=Neowin.net |date=2007-03-13 |access-date=2010-04-20 |archive-url=https://web.archive.org/web/20081025111305/http://www.neowin.net/index.php?act=view&id=38726 |archive-date=2008-10-25 |url-status=dead }} DNS query results are sometimes cached by routers (e.g., local ISPs' queries may be cached by ISPs' home routers), the local operating system or applications, so differences in speed may be noticeable only with requests that are not stored in a local cache.

On May 13, 2007, OpenDNS launched a domain-blocking service to block web sites or non-web servers by categories, allowing control over the type of sites that may be accessed. The categories can be overridden through individually managed blacklists and whitelists. In 2008, OpenDNS changed from a closed list of blocked domains to a community-driven list allowing subscribers to suggest sites for blocking; if enough subscribers (the number has not been disclosed) concur with the categorization of a site, it is added to the appropriate category for blocking. {{As of|2014}} there were over 60 categories. The basic OpenDNS service does not require users to register, but using the customizable block feature requires registration.{{cite web|url=http://pctechnotes.com/how-to-protect-your-kids-online-using-opendns/|title=How to Protect your Kids Online using OpenDNS |publisher=PCTechNotes|date=2009-03-17 |access-date=2011-08-22}}

Other free, built-in features include a phishing filter. OpenDNS also run a service called PhishTank for users to submit and review suspected phishing sites.

OpenDNS supports the DNSCrypt protocol, which authenticates DNS traffic between the user's computer and the name servers.{{cite web|url=https://dnscrypt.org/|title=DNSCrypt A protocol for securing communications between a client and a DNS resolver|publisher=www.dnscrypt.org |date=2014-08-19|access-date=2014-08-19}} This requires installing free software onto supported devices.{{cite web |url=http://ports.su/net/dnscrypt-proxy |title=net/dnscrypt-proxy: dnscrypt-proxy-1.4.3 – secure communications between a DNS client and resolver |work=OpenBSD ports |date=2015-01-06 |access-date=2015-02-09}}

In December 2007 OpenDNS began offering the free DNS-O-Matic{{Cite web|url=http://dnsomatic.com/|title=DNS-O-Matic | Distribute dynamic IP changes to multiple services (dnsomatic.com)|website=dnsomatic.com}} service to provide a method of sending dynamic DNS (DDNS) updates to several DDNS providers using DynDNS's update API.{{cite web|url=http://www.prweb.com/releases/2007/12/prweb573680.htm |archive-url=https://web.archive.org/web/20081025092331/http://www.prweb.com/releases/2007/12/prweb573680.htm |url-status=dead |archive-date=October 25, 2008 |title=OpenDNS Announces DNS-O-Matic: Free Service to Simplify Residential ISP and Small Businesses' Dynamic DNS Service |publisher=Prweb.com |access-date=2010-04-20}} In October 2009 OpenDNS launched charged-for premium services called Home VIP that offer increased reporting and block features, and other services.

In 2009 OpenDNS launched OpenDNS Enterprise,{{cite web|url=https://blog.opendns.com/2009/10/21/opendns-deluxe-and-opendns-enterprise-have-arrived/ |title=OpenDNS Deluxe and OpenDNS Enterprise have arrived|publisher=OpenDNS |access-date=2009-10-21}} a first foray into enterprise-grade network security. OpenDNS Enterprise included the ability to share management of the product across a team, along with an audit log, expanded malware protection, daily network statistic reports, and a custom block page URL.

OpenDNS expanded on the Enterprise product in July 2012 with OpenDNS Insights.{{cite web|url=http://www.hostsearch.com/news/internet-security-provider-opendns-announces-full-availability-of-enterprise-insights.asp|title=Internet Security Provider OpenDNS Announces Full Availability of Enterprise Insights|publisher=HostSearch |access-date=2012-07-05}} This new service featured integration with Microsoft Active Directory, which allowed admins granular control over creating policies on a per-user, per-device, and per-group basis.

In November 2012 OpenDNS launched its network security product suite called Umbrella,{{cite web|url=https://umbrella.cisco.com/products/features |title=Threat intelligence to see attacks before they launch |publisher=cisco.com |date=2016-06-15}} designed to enforce security policies for mobile employees who work beyond the corporate network using roaming devices such as Windows and Mac laptops, iPhones, and iPads, and provides granular network security for all devices behind the network perimeter.

In February 2013 the company launched the OpenDNS Security Graph{{cite web|url=http://threatpost.com/predictive-security-analytics-tool-available-free-researchers-020513/77490 |title=Predictive Security Analytics ToolAvailable Free to Researchers |publisher=threatpost.com |date=2013-02-05}} to support Umbrella. Security graph is a data-driven threat intelligence engine that automatically updates malware, botnet, and phishing domain and IP blacklists enforced by Umbrella. The data is sourced from the DNS requests OpenDNS receives, plus the BGP routing tables that are managed by OpenDNS's network operations center.

OpenDNS introduced the Investigate feature to Umbrella in November 2013. It allows security teams to compare local to global traffic to help determine the intent of an attack, and help incident response teams prioritize events. In January 2014 the Intelligent Proxy{{cite web|url=https://engineering.opendns.com/2014/05/01/proxy-platform/|title=Proxy as a Platform |publisher=engineering.opendns.com |date=2014-05-01}} feature was added to the Umbrella suite. The OpenDNS Intelligent Proxy only proxies connections if the requested domain is scored as suspicious or tagged as partially malicious by OpenDNS Security Graph.

One month later OpenDNS announced a technology integration partnership with FireEye.{{cite web|url=http://www.securityweek.com/opendns-teams-fireeye-boost-threat-protection |title=OpenDNS Teams with FireEye to Boost Threat Protection|publisher=securityweek.com |date=2014-02-05}} The collaboration allows indicators of compromise to be forwarded from FireEye’s real-time notification system to Umbrella, extending FireEye’s protection to mobile employees and branch offices.

There is a distinct Umbrella package for MSPs.{{cite web|url=http://www.crn.com/news/managed-services/240156097/opendns-launches-platform-to-ease-security-management-for-msps.htm|title=OpenDNS Launches Platform to Ease Security Management for MSPs |publisher=CRN.com |date=2013-06-05}} It features the same protection as the regular business packages, but offers additional MSP features: a centralized multi-tenant dashboard, on-demand monthly licensing, and ConnectWise and Autotask PSA integrations.

In July 2006 OpenDNS was launched by computer scientist and entrepreneur David Ulevitch, providing recursive DNS resolution. It received venture capital funding from Minor Ventures, led by CNET founder Halsey Minor. In October 2006 OpenDNS launched PhishTank, an online collaborative anti-phishing database. Before 2007 OpenDNS was using the DNS Update API from DynDNS to handle updates from users with dynamic IPs.{{cite web|url=https://www.opendns.com/account/dynamic_dns.php |title=Dynamic IP: General Info |publisher=OpenDNS |access-date=2010-04-20}} In June 2007 OpenDNS started advanced web filtering to optionally block "adult content" for their free accounts. Nand Mulchandani, former head of VMware's security group, left VMware to join OpenDNS as new CEO in November 2008, replacing founder David Ulevitch, who remained as the company's chief technology officer.{{cite web|url=http://www.computerworld.com.au/article/268359/vmware_security_chief_leaves_run_opendns |title=VMware security chief leaves to run OpenDNS |publisher=Computerworld.com.au |date=2008-11-21 |access-date=2010-04-20}} David Ulevitch resumed his post as CEO of OpenDNS in late 2009.{{cite web|last1=Frommer|first1=Dan|title=OpenDNS Founder David Ulevitch Takes Back Reins As CEO |url=http://www.businessinsider.com/opendns-founder-david-ulevitch-takes-back-reigns-as-ceo-2009-12|website=Business Insider|access-date=8 September 2014}}

Sequoia Capital and Greylock purchased the majority of shares held by Halsey Minor in July 2009 in a secondary transaction. Then, in conjunction with DAG Ventures, all remaining shares held by Minor were purchased in a similar fashion in early 2010.Arrington, Michael. [https://techcrunch.com/2009/07/07/sequoia-opendns-greylock/ "Sequoia, Greylock Take Stake In OpenDNS"], TechCrunch, July 7, 2009, accessed February 4, 2011. In June 2010 OpenDNS launched "FamilyShield", a service designed to filter out sites with pornographic content. The service uses the DNS addresses 208.67.222.123 and 208.67.220.123.{{cite web |url=https://blog.opendns.com/2010/06/23/introducing-familyshield-parental-controls/ |title=Introducing FamilyShield Parental Controls |publisher=OpenDNS |date=2010-06-23 |access-date=2010-09-19}} The World Economic Forum announced the company as a Technology Pioneer for 2011.{{Cite web|url=http://www.weforum.org/en/media/Latest%20News%20Releases/NR_TP2011|title=Thirty-One Visionary Companies Selected as Technology Pioneers 2011}} In March 2012 Dan Hubbard, former CTO at Websense, joined OpenDNS as CTO.{{cite web |url=http://itknowledgeexchange.techtarget.com/security-bytes/opendns-hires-away-websense-cto-to-guide-enterprise-dns-security-services/ |title=OpenDNS hires Websense CTO to guide enterprise DNS security services |publisher=TechTarget |date=2012-03-02}} The OpenDNS Security Labs were founded in December 2012, serving as a hub for research at the company. OpenDNS launched Security Graph, a security intelligence and threat detection engine in February 2013, followed by a Series B funding round.{{cn|date=July 2021}} In May 2014 OpenDNS announced a Series C funding round totaling {{US$|35 million}}, with new investors Glynn Capital Management, Northgate Capital, Mohr Davidow Ventures, Lumia Capital, Evolution Equity Partners, Cisco, Chris Sacca, Naval Ravikant, Elad Gill, as well as previous backers Greylock Partners, Sequoia Capital, and Sutter Hill Ventures.{{cn|date=July 2021}}

On August 27, 2015{{According to whom|date=September 2020}}, Cisco acquired OpenDNS for {{US$|635 million|link=yes}} in an all-cash transaction, plus retention-based incentives for OpenDNS.{{cite web|title=Cisco Announces Intent to Acquire OpenDNS|url=http://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1667697|website=Cisco|access-date=1 July 2015}}{{cite web |url=https://blog.opendns.com/2015/08/27/cisco-and-opendns-cloud-security/ |title=Cisco and OpenDNS: A New Day in Cloud Security |website=OpenDNS |date=27 August 2015 |author=David Ulevitch, OpenDNS Founder/CEO|access-date= 16 March 2016}} OpenDNS's business services were renamed Cisco Umbrella; home products retained the OpenDNS name. Cisco said that it intended to continue development of OpenDNS with its other cloud-based security products, and that it would continue its existing services.{{cite web |url=https://www.opendns.com/cisco-opendns/ |title=Cisco OpenDNS |website=OpenDNS |date=August 2015 |access-date= 16 March 2016}}

OpenDNS previously earned a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This had the effect that if a user typed a non-existent name in a URL in a web browser, the user saw an OpenDNS search page. Advertisers paid OpenDNS to have advertisements for their sites on this page. This behavior is similar to VeriSign's previous Site Finder or the redirects many ISP's place on their own DNS servers.{{cite web|url=https://www.opendns.com/support/article/29 |title=OpenDNS knowledge base: OpenDNS is not like Site Finder |publisher=Opendns.com |access-date=2010-04-20|archive-url=https://web.archive.org/web/20100329134424/http://www.opendns.com/support/article/29|archive-date=March 29, 2010}} OpenDNS said that the advertising revenue paid for the free customized DNS service.{{cite web|url=http://www.opendns.com/support/article/14 |title=OpenDNS knowledge base: How does OpenDNS make money? |publisher=Opendns.com |date=April 21, 2010 |archive-url=https://web.archive.org/web/20110606004808/https://www.opendns.com/support/article/14 |archive-date=2011-06-06}} It was discontinued on June 6, 2014; OpenDNS said this was because of their move towards a security focus in their business.{{cite web|last1=Keizer|first1=Gregg|title=OpenDNS to yank ads from its free consumer services|url=http://www.computerworld.com/article/2490088/internet/opendns-to-yank-ads-from-its-free-consumer-services.html|website=Computerworld|date=30 May 2014|access-date=8 September 2014}}

• {{cite web|title=A new reason to love OpenDNS: no more ads|url=http://www.opendns.com/no-more-ads/|website=OpenDNS|date=29 May 2014|access-date=8 September 2014}}/{{cite web|url=https://www.pcmag.com/article2/0,2817,2163029,00.asp |title=OpenDNS is a free, ad-based service |publisher=Pcmag.com |date=2007-07-26 |access-date=2011-08-21}}

In 2007, David Ulevitch explained that, in response to Dell installing "Browser Address Error Redirector" software on their PCs, OpenDNS started resolving requests to Google.com. Some of the traffic is handled by OpenDNS typo-correcting service that corrects mistyped addresses and redirects keyword addresses to OpenDNS's search page, while the rest is transparently passed through to the intended recipient.David Ulevitch. [https://blog.opendns.com/2007/05/22/google-turns-the-page/ OpenDNS Blog » Google turns the page... in a bad way]. May 22, 2007. Retrieved 2008-07-04.

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS (which is within the OpenDNS Terms of Service).{{cite web|last1=Agarwal|first1=Amit|title=Prevent OpenDNS From Redirecting Google Searches - Fix for Firefox & IE Address Bar|url=http://www.labnol.org/software/browsers/prevent-opendns-google-redirects-firefox-address-bar-ie/2662/|website=Digital Inspiration|access-date=31 July 2017|date=21 March 2008}} Users can disable this behavior by logging into their OpenDNS account and unchecking "OpenDNS proxy" option;{{cite web|url=https://www.opendns.com/support/article/111 |title=Is OpenDNS running a proxy? |publisher=Opendns.com |date=2009-03-17 |access-date=2011-10-09}} Mozilla users can instead install an extension,[http://cotcaro.blogspot.com/2008/07/im-feeling-lucky-problem-fix-for.html I'm Feeling Lucky Problem Fix for OpenDNS users], July 3, 2008. or change or remove the navclient sourceid from their keyword search URLs.

This redirection breaks some non-Web applications that rely on getting an NXDOMAIN response for non-existent domains, such as e-mail spam filtering, or VPN access where the private network's nameservers are consulted only when the public ones fail to resolve. Breaking local name resolution can be avoided by configuring the DNS addresses only in the forwarders of the local DNS server or router (the WAN/Internet configuration of a router or other gateway). For other purposes, or when the DNS addresses cannot be configured in a forwarder, domains for which an NXDOMAIN response is expected should be added to the Exceptions for VPN Users section of the OpenDNS Dashboard.

Most of the issues above were resolved when OpenDNS discontinued their advertising service, and started responding with NXDOMAIN and SERVFAIL instead of redirecting non-existing domains.{{cite web|url=https://www.opendns.com/no-more-ads/ |title=A NEW REASON TO LOVE OPENDNS: NO MORE ADS |publisher=Opendns.com |date=2014-06-06 |access-date=2016-06-01}}

• DNSCrypt
• EDNS Client Subnet
• PhishTank
• Public recursive name server
• Response policy zone

{{Reflist|30em}}

• {{official website|https://www.opendns.com/}}
• [http://www.darkreading.com/mobile-security/167901113/security/news/240142186/opendns-goes-mobile.html Dark Reading: OpenDNS Goes Mobile Nov. 15, 2012]
• [http://www.pcworld.com/article/2013945/opendns-introduces-vpn-content-filtering-for-mobile-devices.html PC World: OpenDNS introduces VPN, content filtering for mobile devices Nov. 13, 2012]
• [http://securitywatch.pcmag.com/none/304938-opendns-extends-company-security-to-mobile-devices PC Magazine: OpenDNS Extends Company Security to Mobile Devices Nov. 13, 2012] {{Webarchive|url=https://web.archive.org/web/20190625141357/http://securitywatch.pcmag.com/none/304938-opendns-extends-company-security-to-mobile-devices |date=2019-06-25 }}

{{Cisco Systems}}

{{DEFAULTSORT:Opendns}}

Category:Cisco software

Category:Companies based in San Francisco

Category:Alternative Internet DNS services

Category:Internet properties established in 2006

Category:Content-control software

Category:Cisco acquisitions

Category:2015 mergers and acquisitions

Category:Software companies established in 2006

Category:Software companies of the United States