We are using our fantastic Balance One core in our School and we’re very satisfied about it’s capabilities. 
We are using the Firewall content blocking system, however I am aware of hundreds proxies out there that allow easily to bypass blocking system. Check out this 300 proxies list! https://www.trickseek.org/free-proxy-sites-list-top-proxy-servers-for-school/
I wonder if is there a way to efficiently block those without being required to enter them one by one. I am afraid that this may also significantly affect performance.
Your thoughts?
Hello @ReeXNeeX,
Three things we do:
- use the router as the only DNS server (see first image)
- setup a firewall rule to block acess to external DNS servers (see second image)
- block access to DNS servers that are not from the router (see third image)
You may wish to add to this list “All supported Security/Tunnelling Protocals” as these are often used to circumvent network security settings, add into to exception list the domain name or IP server of only approved VPNs that the school needs to use.
Only the higher end Balance Routers have a full list of over 30 types of content filtering, this is due to the a combination of processor resources and storage of the list (the list of domains is a large file you can download from the status page of our router)
If this has a link to Update the list beside the download, we highly recommend you do that and recheck for updates once a month.
There are also postings within the Forum from other colleagues and members on additional Domain based content filtering options if you are interested to implement with your solution.
Happy to Help,
Marcus 
1 Like
Marcus great help! Thanks!
A few comments:
- we are using the router’s DNS for two VLANs while the third VLAN is assigned to a Windows Server 2021 DNS… This scenario would require using the router as the unique forwarder for Windows DNS server adding a further “hop” in the chain…
- What is the overhead using the content filtering DB?
- How often is it updated
Thanks!
