Home Internet Security – Ad-blocker and DNS Security as a Service

Over the past few years, I have been looking trying to secure the home network, since our kids are growing up fast and are needing to use internet-based services, and especially now with COVID necessitating remote access to school services. Besides, my eldest has a phone, which means that any protection applied at home is removed as soon as she leaves the house.

So I was looking for a service that could provide the following services:

  • Internet filtering, both inside and outside of the home.
  • The ability to filter websites based on categories like Porn, Gambling, etc.
  • The ability to block specific sites.
  • Use text-based filters that automatically update (used for blocking adverts and malware sites).
  • Offers a secure DNS service.
  • Ability to control where my data is stored and maintained.
  • Ability to view what’s being consumed

You ask: why is secure DNS important? Without writing War and Peace, Mozilla offers a succinct explanation https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https.

In an effort to be brief, it offers the following benefits:

  • Prevent man-in-the-middle attacks
  • Your DNS isn’t provided solely at the behest of your internet provider, who can then collect and analyse this data.
  • Bypasses filters imposed by governments (not an issue in the UK – presently, at least! – but abroad it’s useful)

One other key benefit is the ability to block certain sites using pre-existing filters, which for me is key. Why? Well, we all have smart devices in our homes: phones, TVs, Amazon Alexa… Without wishing to scaremonger, these devices relay information regarding your consumption. For example, Smart TVs record and send information on what you’re watching, how you’re watching and when; Amazon Alexa devices relay voice data; Google via Chrome sends your browsing data, and so on. All of this is well established. For me, it’s about protecting the family and making sure the younger ones are not reduced to commodities and that their information remains safe.

Options:

Having used a home server service called pi-hole, I was looking for something similar, that required less management and was cloud-based, and that had the ability to manage devices while not at home, so I tested the touted solutions below and came to the following conclusions:

CloudFlare 1.1.1.1 for Families – Cost £0

proscons
Fastest DNS response timeNo mobile client
Adult and Malware content filteringNo ability to block specific sites
It’s freeNo text-based filters
Secure DNS with no logging of your IP addressNo ability to control where your data is stored

Cisco OpenDNS – Cost £0

proscons
Adult and Malware content filteringDisappointing DNS response time compared to Cloudflare
It’s free No mobile client (Requires Cisco Umbrella)
Great categories filtering No ability to block specific sites
Supports Secure DNSNo ability to control where your data is stored
Uknown location of data

NextDNS – Cost $19.00 or £17.90 per year

proscons
Internet filtering both inside and outside of the home.Limited Categories, Dating, Social Media, Piracy, Porn and Gambling
Offers a secure DNS serviceExtra client configuration required on each device leaving the home
Ability to control where my data is stored and maintained
The ability to filter websites based on Categories like Porn, Gambling etc
The ability to block specific sites.
Use text-based filters that automatically update (used for blocking adverts and malware sites).
DNS Response times have been pretty quick

Conclusion:

It might not seem fair to draw comparisons between a paid-for service and a free service, but for the relatively low cost of £2 per month, NextDNS offers all of the services that I need. And, from personal experience, I know that it’s super-easy to deploy and to configure for mobile devices.

One other great benefit is the text-based filters and manual website blocks. With the internet already stretched thin in this house because of home-schooling, multiple remote workers having capacity consumed by overzealous adverts and devices sending data to various venders was an unaffordable overload and having these blocks in place saves precious bandwidth.

If you don’t believe me, check out my stats!

If you’re interested in testing NextDNS for yourself, please follow this link: https://nextdns.io/?from=5d6h7y69