For operators
- A security and parental-control service under your own brand
- A new revenue stream on infrastructure you already run
- Regulatory blocklists and compliance reporting handled in one place
DNS security & parental control for internet service providers
KernoDNS is a DNS filtering and parental-control platform for internet service providers. It runs on your infrastructure — subscriber data never leaves your network.
In development. Built by network engineers from the ISP industry.
The dominant DNS security model routes every query through the vendor’s cloud — someone else’s infrastructure sees every domain your subscribers visit. KernoDNS takes the opposite approach. Resolution, filtering policies and analytics all run inside the operator’s network. Our cloud ships threat-intelligence updates and nothing else; it never sees a single subscriber query.
What it does
Changing subscriber DNS is a sensitive move, and operators are right to be careful. KernoDNS is designed to start in observation mode: it shows what is actually happening in your DNS traffic — how much malware, phishing and botnet activity your subscribers run into — before a single query is blocked. Enforcement comes gradually, with a preview of how many subscribers each rule would affect. The platform deploys on your own VMs, inside your own perimeter.
KernoDNS is in development. There is no GA product to buy today, and we won’t pretend otherwise. What exists: the architecture, a working prototype of the traffic-analytics pipeline, and ongoing conversations with operators about their real constraints. If you run an ISP network and any of this resonates, our contact is in the footer.
Who’s building it
KernoDNS is built by network engineers with 20+ years in the ISP industry — building and operating carrier-grade networks, CCIE-level engineering, based in Warsaw, EU. It comes from the operator side of the table: the same regulatory pressure, the same subscriber-data sensitivity, the same reasons to keep filtering in your own network.
FAQ