In this guide, you will find all the information you need to begin migrating your account from OpenDNS for MSPs to DNSFilter. Here we will discuss how to:
- Migrate your policies from OpenDNS to DNSFilter
- Switch to DNSFilter roaming clients
- Sync users from your Active Directory (AD) using our AD Sync tool
- Set up an admin account as an MSP partner
Migrating your policies from OpenDNS for MSPs to DNSFilter
Each content/threat category in OpenDNS maps to a corresponding content/threat category on DNSFilter.
To see how these two categorization sets relate, we have developed a table where we map each category on OpenDNS with the corresponding DNSFilter equivalent.
Importing your network policies over to DNSFilter is as simple as taking the following steps:
- Export your policy’s Allow and Block list from your OpenDNS account
- Create a new policy in DNSFilter
- In your policy settings on DNSFilter, go to the Allow List section and use the CSV import utility to import your Allow list from OpenDNS.
- Do the same for your policy’s Block list and repeat the process for all your OpenDNS polices
DNSFilter’s bulk Allow list and Block list CSV import tool will read an OpenDNS export with no alterations
For more details on adding a policy on DNSFilter, you can refer to these articles:
Installing DNSFilter Roaming Clients
For offsite protection, you need to replace all your OpenDNS roaming clients with that of DNSFilter. You will need to uninstall all your OpenDNS roaming clients from all your endpoint devices before you install roaming clients for DNSFilter (do not install/run them side by side).
DNSFilter currently has roaming clients for the following platforms:
DNSFilter supports (and encourages) the use of Remote Monitoring and Management (RMM) tools and Mobile Device Management (MDM) tools for managing and automating the deployment of its roaming clients.
To get started with DNSFilter’s roaming clients and for more information on deploying roaming clients for different platforms, check out our getting started article.
Migrating users from your On-prem Active Directory or Azure AD
For organizations with on-prem or cloud-based Active Directory (Azure AD), DNSFilter provides a user management synchronization tool, the Active Directory Sync Tool. This tool helps set up accounts for all your Active Directory users on DNSFilter.
When utilizing on-prem Active Directory or cloud-based Azure Active Directory, install the DNSFilter sync tool on a domain join machine for on-prem and on any machine for Azure AD. Also, Active Directory syncing requires DNSFilter’s Windows Roaming Client to be installed on endpoints.
For more details on using DNSFilter’s Sync tool for Active Directory, check out the following articles:
Without Active Directory or for users outside AD, migration of users is still a manual process.
Setting up an Administrative Account as an MSP partner
There are lots of benefits to becoming an MSP partner with DNSFilter, these include a multi-tenant web application for managing different organizations' accounts, global policies that can be shared by sub-organizations, and the ability to white-label the DNSFilter interface.
Below are the steps for setting up an MSP administrative account:
- Signup for the partner program using the link under the main navigation in the dashboard (if you select MSP as your industry during signup) or use this link directly (for any industry) which activates the multi-tenant/MSP dashboard
- Feel free to test policies and deployments in the single organization account created on signup but note that transferring policies, sites, and roaming clients to other sub-organizations after partner activation is not possible
- A sub-organization matching the name of the MSP account is available for internal use and/or testing
- Configure your Whitelabel settings in the MSP Dashboard as desired, this includes:
- Your MSP’s logo
- Any custom “from” email address
- Create your sub-organizations
- Create and configure global policies and global block pages in the MSP dashboard
- Create sites in your sub-organizations and apply a global policy or a unique sub-org-only policy
- Deploy roaming clients via RMM/MDM or custom scripting
- Deploy relay if required
- Sync Active Directory users in AD environments
Please sign in to leave a comment.