DNSFilter Knowledge Base

Introduction to DNSFilter

What is DNSFilter?

DNSFilter is a cloud-based, AI-driven content filtering and threat protection service, that can be deployed and configured in minutes, with no software installation necessary.

If you are eager to get started with implementation, check out our Site Deployment Guide.

How does DNSFilter work?

Our product uses the Domain Name System (DNS) protocol, referred to popularly as the "phonebook of the internet". When applications on your network make domain-name requests, these requests are sent to our servers, where they are matched against our threat feeds and your policy settings. If a request is to a malicious/blocked domain, the user is diverted. This ensures that unwanted activity is cutoff at the root, because the request never makes it to the blocked/infected domain. It also comprehensively covers all devices on your network, from servers and computers to printers and tablets - because DNS is essential for most network connections to be established.

Blocking malicious sites


Content Filtering

Filtering Categories

Select from a wide variety of Filtering Categories to block or allow at your discretion. Unsure which domains fall into which category? Use our Domain Lookup Tool to confirm.

Filtering Categories

Unlimited Blacklists/Whitelists

DNSFilter allows an unlimited number of domains to be added to policy whitelists/blacklists, allowing you to have complete customization over which domains and subdomains you want users to access. CSV import of domain lists is supported.

Real-Time Categorization

Newly seen domains are categorized in real-time by our Artificial Intelligence scanning engine. The average domain is categorized in 5-15 seconds.

Multilingual support

Our categorization scanners support 20 of the world's most-spoken languages, and our user block pages can be displayed in English, Spanish, Portuguese, Italian, French, Turkish, Russian, Ukrainian, or Czech.

Threat Protection

Threat Categories

DNSFilter uses a multi-pronged approach towards security, which results in robust threat intelligence. Users can block sources of Malware and Phishing, as well as next-gen threats such as Botnets and Cryptomining.

Threat Categories

Community Threat Feeds

DNSFilter utilizes threat feeds maintained by the global security community, and reported by humans resulting in highly reliable data.

Government Threat Feeds

DNSFilter works with US and UK-based governmental organizations, so that we're able to prevent dangerous activity, such as:

  • Terrorism
  • Child Pornography (All of our customers have Internet Watch Foundation filtering active)
  • Child Exploitation
  • Hate Speech.

Machine Learning

Newly registered domains, newly seen domains, and domains with suspicious characteristics pass through our rigorous analyzation and scoring process to provide heuristic blocking that other security companies wouldn't catch until after fielding a customer case. This removes the unknown parts of the internet from being a constant threat.

Data Exchange Partnerships

By trading fully anonymized, security and content filtering big data with other security firms, DNSFilter implements trusted data feeds from the world's leading security organizations

Use Cases

DNSFilter can be used in a large variety of scenarios, from a single roaming computer to a multi-national corporation with satellite offices. Any organization that needs filtering and protection from internet threats can be supported by DNSFilter.


We understand that as a business, you want to eliminate time spent disinfecting and reinstalling computers by preventing new malicious threats from being accessed, and neutralize any existing threats already on the computers. You want to block access to employee time-wasters like Reddit, Facebook, and Twitter, as well as bandwidth hogs like YouTube and Netflix.

DNSFilter provides all these features in a simple, easy to use dashboard, which is backed by a global network of fast DNS servers. Let us handle protecting your perimeter and keeping your bandwidth costs low.

Public/Guest WiFi

Coffee shops, Airbnb hosts, churches, and hotels are often rampant for malicious activity because the devices on the network change frequently and users may not have current and effective anti-malware solutions on their devices. Add to this that users may often desire to access inappropriate content while on a guest WiFi. With DNSFilter, you can prevent malicious activity and ensure that your users, no matter what devices they are using, are restricted to online content that you deem appropriate.

Transit WiFi

Public transit providers wish to provide the convenience of internet access to their passengers, but it only takes a few passengers streaming Netflix, Hulu, YouTube, or Vimeo to ruin the experience for everyone else. DNSFilter can reduce bandwidth from these services so that you can provide a good experience for all your passengers across your fleet.


The IT Department is often the last consideration in a school district's budget. Yet, the government mandate of CIPA means that you have a responsibility to protect your students from inappropriate content. DNSFilter can ensure that you stay within regulation and protect your students from the growing list of internet threats.

Our Network

48 Global Locations

Utilizing the largest public Anycast network, our transit provider boasts an impressive 2300+ BGP peers and growing, with 19+ Internet Exchange memberships and an open peering policy.

See our Network page for a complete list.

Roaming protection

Utilizing our Roaming Client, Windows, MacOS, iOS, Android, and Chromebook devices can be protected when outside your organization's network.

What is the hierarchy in which users, devices, Roaming clients, and sites take priority?

The order of priority is as follows:

  1. User-applied policy.
  2. Managed or Manual Collection.
  3. MAC address.
  4. Private IP address.
  5. Roaming Client.
  6. Site configured public IPs.
  7. Fallback DNS.

Updated 3 months ago

Introduction to DNSFilter

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.