The World's First Intelligent Proxy

Most but not all threats lie on the surface.

The vast majority of malware, botnet, phishing and advanced persistent threats are hosted at domains that are classified as entirely malicious. Yet some domains are linked to Web servers and sites that host both malicious and safe content, or are classified as suspicious.

Blocking Internet connections at the domain-level (“on the surface”) introduces no extra network latency or complexity when using recursive DNS services. However, blocking specific Web content at the URL-level (“below the surface”) requires proxying the connection, which adds latency and often complexity.

Despite most threats residing on the surface, traditional security solutions redirect all Web connections through a proxy, negatively impacting your network performance and availability. Also, proxies do not detect compromised systems that use multi-protocol callbacks to botnet command and control networks to exfiltrate data.

How our faster, easier and smarter proxy works.

OpenDNS delivers the first cloud security service that avoids sending every Web connection through a proxy. OpenDNS’s intelligence platform—Security Graph—predicts which Internet origins (domains and IPs) are malicious, partially malicious, suspicious or safe. And OpenDNS’s enforcement platform—Umbrella—is powered by Security Graph. All connections to malicious origins are instantly blocked at the surface. Web connections to partially malicious or suspicious domains are transparently routed through OpenDNS’s globally-distributed Intelligent Proxy for deeper inspection below the domain-level.

Boost threat protection not network latency and complexity.

Organizations achieve the security benefits of pure-proxy solutions without degrading the performance and availability of corporate networks. And unlike Web-only solutions, Umbrella secures every Web and non-Web connection*, and every device on or off the network, everywhere.

*Any protocol (e.g. HTTP/S, FTP, P2P, IRC) over any port (1-65535) via any application (e.g. browser, file transfer, malware).

“Performance and availability are overriding SWG requirements because, without them, the SWG can have a large negative impact on end users and the organization as a whole. Customers must choose between in-line or proxy network deployment topologies and decide whether to decrypt SSL traffic with an eye on performance versus protection trade-offs.” — Gartner

“To be effective, network traffic monitoring must have visibility across all ports and protocols. However, proxies are often limited to HTTP traffic only. Proxies must have other means to inspect non-HTTP/s traffic.” — Gartner