- It fails-unsafe. If your external IP changes and not immediately updated in OpenDNS then all previously blocked sites become available
- It logs all your DNS requests by default.
- It can be easily circumvented, by simply setting a different static DNS server on a box instead of using one provided by DHCP
- It’s owned by Cisco. Cisco is known to care very little about your security
A better alternative is to have an internal DNS blackhole, like pi-hole