@Breffni-Potter said in Do we need Dyn or OpenDNS if we have firewall with IDS/IPS and if so, how about Dyn free ?:
@scottalanmiller said in Do we need Dyn or OpenDNS if we have firewall with IDS/IPS and if so, how about Dyn free ?:
@Breffni-Potter said in Do we need Dyn or OpenDNS if we have firewall with IDS/IPS and if so, how about Dyn free ?:
A DNS level approach is very resource efficient because your gateway box does no heavy lifting. So you gain a lot of security without affecting performance.
Is that true? DNS requests still go out and fail, causing traffic on the router and delays for the users. Blocking on the router is actually less resource intensive because the router blocks the traffic entirely.
But how does that work with processing lists of URLs? Hundreds of thousands of URLs in a black list (potentially)
I suppose if you are still allowing and getting lookups but only then blocking and put that on your firewall instead of on the proxy, then that would be a small hit.