Over the past few years, I have been looking trying to secure the home network, since our kids are growing up fast and are needing to use internet-based services, and especially now with COVID necessitating remote access to school services. Besides, my eldest has a phone, which means that any protection applied at home is removed as soon as she leaves the house.
So I was looking for a service that could provide the following services:
- Internet filtering, both inside and outside of the home.
- The ability to filter websites based on categories like Porn, Gambling, etc.
- The ability to block specific sites.
- Use text-based filters that automatically update (used for blocking adverts and malware sites).
- Offers a secure DNS service.
- Ability to control where my data is stored and maintained.
- Ability to view what’s being consumed
You ask: why is secure DNS important? Without writing War and Peace, Mozilla offers a succinct explanation https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https.
In an effort to be brief, it offers the following benefits:
- Prevent man-in-the-middle attacks
- Your DNS isn’t provided solely at the behest of your internet provider, who can then collect and analyse this data.
- Bypasses filters imposed by governments (not an issue in the UK – presently, at least! – but abroad it’s useful)
One other key benefit is the ability to block certain sites using pre-existing filters, which for me is key. Why? Well, we all have smart devices in our homes: phones, TVs, Amazon Alexa… Without wishing to scaremonger, these devices relay information regarding your consumption. For example, Smart TVs record and send information on what you’re watching, how you’re watching and when; Amazon Alexa devices relay voice data; Google via Chrome sends your browsing data, and so on. All of this is well established. For me, it’s about protecting the family and making sure the younger ones are not reduced to commodities and that their information remains safe.
Options:
Having used a home server service called pi-hole, I was looking for something similar, that required less management and was cloud-based, and that had the ability to manage devices while not at home, so I tested the touted solutions below and came to the following conclusions:
CloudFlare 1.1.1.1 for Families – Cost £0
| pros | cons |
|---|---|
| Fastest DNS response time | No mobile client |
| Adult and Malware content filtering | No ability to block specific sites |
| It’s free | No text-based filters |
| Secure DNS with no logging of your IP address | No ability to control where your data is stored |
Cisco OpenDNS – Cost £0
| pros | cons |
|---|---|
| Adult and Malware content filtering | Disappointing DNS response time compared to Cloudflare |
| It’s free | No mobile client (Requires Cisco Umbrella) |
| Great categories filtering | No ability to block specific sites |
| Supports Secure DNS | No ability to control where your data is stored |
| Uknown location of data |
NextDNS – Cost $19.00 or £17.90 per year
| pros | cons |
|---|---|
| Internet filtering both inside and outside of the home. | Limited Categories, Dating, Social Media, Piracy, Porn and Gambling |
| Offers a secure DNS service | Extra client configuration required on each device leaving the home |
| Ability to control where my data is stored and maintained | |
| The ability to filter websites based on Categories like Porn, Gambling etc | |
| The ability to block specific sites. | |
| Use text-based filters that automatically update (used for blocking adverts and malware sites). | |
| DNS Response times have been pretty quick |
Conclusion:
It might not seem fair to draw comparisons between a paid-for service and a free service, but for the relatively low cost of £2 per month, NextDNS offers all of the services that I need. And, from personal experience, I know that it’s super-easy to deploy and to configure for mobile devices.
One other great benefit is the text-based filters and manual website blocks. With the internet already stretched thin in this house because of home-schooling, multiple remote workers having capacity consumed by overzealous adverts and devices sending data to various venders was an unaffordable overload and having these blocks in place saves precious bandwidth.
If you don’t believe me, check out my stats!
If you’re interested in testing NextDNS for yourself, please follow this link: https://nextdns.io/?from=5d6h7y69