DNS-based security
Some Plume Guard features such as Online Protection, Content Access, and Adblocking rely on DNS (Domain Name System) requests sent from devices. When a device such as your laptop or mobile phone tries to connect to a website or an application tries to access an online resource, Plume Guard checks these DNS requests and determines to implement these DNS-based security services.
DNS Encryption
Recently many popular web browsers (Chrome, Safari, and Mozilla) have introduced a feature called secure DNS to provide extra privacy through DNS encryption. Secure DNS uses DNS over HTTPS (DoH) and DNS over TLS (DoT) standards to encrypt all DNS queries sent from the browser. Encrypted DNS can also be enabled at the device level on Android 9 or higher devices and individual iOS and macOS applications can also use encrypted DNS to access resources on the Internet.
Guard compatibility with DNS encryption
Today Plume security features don't support DNS encryption. That's why browsers with secure DNS enabled can be used to bypass Content Access and other Guard features. The temporary workaround would be to disable secure DNS from web browsers to ensure DNS-based security services function. We are currently testing the next version of Plume Guard which will be compatible with DNS Encryption.
Not all Guard features rely entirely upon DNS requests. Because Inbound and Outbound IP-based protection are not reliant on DNS requests, they will not be affected by the use of DNS encryption.