OpenDNS Umbrella – Safety or Zombies?
Umbrella breaks down into 3 major components: Laptop/Desktop protection, Mobile device protection, and Administrative/Dashboard. I’ll address each piece, but first I want to make something clear. Umbrella is the corporate version of what you may have been using with OpenDNS for years already. A lot of the feature set is basically just relabeled from their old services (this is not a bad thing). For example, they talk about web filtering and malware protection. If you’ve used
OpenDNS (now “for home”) before via their public DNS IPs, you may be aware that you can do web filtering (or “parental controls”) along with the built in malware protection. This is the same stuff you get under Umbrella, just amped up… and all… enterprise-y.
I’ve been running the Umbrella Client on my computers for a couple months now and I haven’t had a single issue related to DNS. I have some administrative issues with it, but that’s a story for another day (when I’m in full IT Manager mode). One of the greatest features of the client is, as you can see in the screenshot, that there is nothing to do with it. Your users can’t fiddle with it, can’t screw it up, can’t change anything. The only thing you can do with the client (as a user) is install it and uninstall it (and I’m sure any enterprising IT person could figure out how to prevent the latter).
Mobile devices, cell phones, tablets, etc. The protection concept is much the same as with the computer but, of course, you can’t change just the DNS servers on a cellphone. Unfortunately the support is for iOS only right now, but all you need is to install the Umbrella app for iOS and provide a username & password. Alternatively they’ve added an “invite via email” feature. When activated the app installs an iOS profile for VPN. This adds a VPN connection that is always-on when on WiFi. All of your traffic is tunneled up to the OpenDNS cloud then bounced out to your destination. This adds a tiny bit of latency, but the slow down is next to non-existent especially when talking about the vagaries of iPhone data speed on WiFi.
So, it turns out all this Umbrella-ness is useful for myself and my users. A fair portion of my sales & support crew are “road warriors”, which is who this product really kicks butt for. If all of my users were in the office, I probably wouldn’t consider the full Umbrella treatment (since the “change your DNS” would get me 80% of the way there, for base protection). As more and more of the corporate world becomes mobile, and telecommuting becomes more common — Umbrella will be more useful. I wish they’d do a little more with it beyond just “protect DNS requests”, but I think it is a really good start.