Get superfast AT&T Fiber internet
Home_Tech_Guy's profile

New Member

 • 

5 Messages

Fri, Feb 7, 2020 9:04 PM

DNS Network Layer Security (i.e., Cisco Umbrella - AKA: OpenDNS)

Hello, Everyone:

This is my first posting here in the AT&T Community Forums... I am looking forward to learning from everyone or anyone who is willing to take the time to share their specific insights of knowledgeable experience.

With that said, here is my specific question(s):

Is there anyone here in the AT&T Community Forum that has setup DNS Layer Security for their home network? Mostly, I would like to know the following:

1) What type of benefits does DNS Network Layer Security offer?

2) Is it something that just about anyone (including home internet consumers) can setup?

3) What about Cisco Umbrella (AKA: OpenDNS) ... Has anyone here in this forum used Cisco Umbrella (either currently, or in the past)?

4) Is there anything I should consider knowing and/or educate myself about prior to me setting anytype of DNS Network Layer Security program for my home (i.e., possible issues, complications and conflicting interferences (such as with my personal home network security program: McAfee Total Protection), etc.)?

5) Anything else you can offer of IT and DNS related substance is much appreciated...

Thank You!

Transponder

ACE - Scholar

 • 

465 Messages

2 y ago

I don't believe ATT will allow users to change the DNS settings in your ATT provided gateway. There is a work-around where you could put your gateway into bypass and buy another router to use behind the gateway. The problem is you will be double NATed with this solution and routinely shut down from buggy ATT firmware updates.

Another solution that only works with the BGW210 gateway is to turn off DHCP in the gateway and use your own DHCP server where you can specify DNS setting for your clients. Other ATT provided gateways do not allow turning off DHCP.

New Member

 • 

5 Messages

@Transponder Yes, the bypass was another option I had been flirting with as well. But the problem that I had been challenged with, was just as you had alluded to as well, that the I may run into the possibility of being "double NATed". How can I validate that the current firmware version is indeed the correct/most up to date firmware version? Do I need to get with AT&T Internet or is there a specific site I can go to?

Hey! Thanks for taking the time to lead me in the right direction. You've been quite helpful!

Transponder

ACE - Scholar

 • 

465 Messages

The best place I have found for the latest firmware is dslreports.com under the ATT thread. I don't think ATT publishes this and just pushes firmware out without telling us what has changed.

The latest firmware for the BGW210 is 2.5.6 and for the 5268ac it's 11.5.1

Award for Community Excellence 2021 Achiever*
*I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

New Member

 • 

5 Messages

@Transponder Very Good! I'll take a look. Again, I appreciate your time and help.

New Member

 • 

1 Message

10 m ago

I actually work for a Cisco MSSP (Managed Security Services Provider) here in the UK. We sell Cisco Umbrella and I stumbled across this thread so I wanted to provide some free advice for you and anyone else who reads this.

The key stats are: 90% of Cyber Attacks begin with phishing. And 80% of Malware attacks use DNS at some point of the 'kill chain'. Therefore, DNS-level security is a cheap and very effective way of giving you some broad extra protection against key threats.

It's important to remember that OpenDNS is now Cisco and that means Cisco threat intelligence which is of course invaluable.

OpenDNS have consumer services, and if you can't change your router DNS then consider setting up a PiHole. You can use this to proxy client DNS requests to OpenDNS, and also adds handy ad blocking too!

I hope this helps - best of luck...

Dave

Need help?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.