Switchy
Sign up
otherapi_key

Control D

Control D is a customizable DNS filtering and traffic redirection platform that allows users to manage internet access, enforce policies, and monitor usage across devices and networks.

Verdict

Control D is a DNS-level filtering service that blocks ads, trackers, and malware across your network. In Switchy, @mentioning Control D lets your team manage profiles, devices, and filtering rules without opening the dashboard — you can provision new devices, toggle filter categories, create custom block/allow rules, and check enforcement status from chat. Most useful for IT admins provisioning endpoints or security teams auditing DNS policies. Requires an API key from your Control D account; each action targets your organization's live configuration, so test changes carefully before bulk updates.

Common use cases

  • Provision DNS resolvers for new remote employees
  • Bulk enable malware filters across all profiles
  • Audit which devices enforce which DNS policies
  • Create custom block rules for phishing domains
  • Schedule content filters for school hours only

Integration

Vendor
Control D
Category
other
Auth
API_KEY
Tools
48
Composio slug
control_d

Tools

  • Bulk Update Profile Filters

    Tool to bulk update filters on a specific profile. Use when you need to enable or disable multiple filters at once. Provide a list of filter IDs with desired states.

  • Create Custom Rules for Profile

    Tool to create custom rules for a profile. Use after confirming the profile ID and preparing rule definitions. Provide a list of rule objects matching the API schema.

  • Create Custom Rules in Profile Folder

    Tool to create custom rules within a specific folder for a profile. Use after confirming the profile and folder IDs and preparing rule definitions.

  • Create Device

    Tool to create a new device. Use when you need to provision devices and retrieve their DNS resolvers.

  • Create Profile

    Tool to create a new blank profile or clone an existing one. Use when you need to provision a profile before assigning rules or devices.

  • Create Profile Schedule

    Tool to create a new schedule within a specific profile. Use after gathering profile_id and schedule details.

  • Delete Device by ID
    destructive

    Tool to delete a Control-D device. Use when you need to remove a device by its identifier after confirming the device_id.

  • Delete Profile by ID
    destructive

    Tool to delete a profile. Use when you need to remove a profile by its ID after ensuring it is not enforced by any device.

  • Delete Profile Rule by Hostname
    destructive

    Tool to delete a specific custom rule by hostname from a profile. Use after confirming profile_id and hostname.

  • Delete Profile Rule by Rule ID
    destructive

    Tool to delete a specific custom rule by its ID within a profile. Use after confirming profile_id and rule_id.

  • Delete Profile Rule in Folder
    destructive

    Tool to delete a specific custom rule within a folder. Use after confirming profile_id, rule_id, and folder_id.

  • Delete Profile Schedule
    destructive

    Tool to delete a specific schedule within a profile. Use after confirming profile_id and schedule_id.

  • Get Analytics Endpoints

    Tool to list analytics storage regions and their endpoints. Use after authenticating to retrieve available analytics regions.

  • Get Analytics Log Entry

    Tool to retrieve a specific analytics log entry by its ID. Use when you need details of an analytics log for a given profile.

  • Get Custom Rule by Rule ID

    Tool to retrieve details of a specific custom rule by its ID. Use after confirming the profile_id and rule_id to fetch that rule's metadata.

  • Get Devices

    Tool to list all devices associated with the account. Use when you need to retrieve device inventory after authentication.

  • Get Organization Details

    Tool to view the authenticated organization's details. Use after confirming a valid API token.

  • Get Profile Analytics

    Tool to retrieve analytics data for a specific profile. Use after the profile has accrued usage data to fetch analytics.

  • Get Profile Analytics Logs

    Tool to list analytics log entries for a given profile. Use after confirming profile ID and optional date filters to fetch logs.

  • Get Profile Analytics Summary

    Tool to fetch a summary of analytics data for a given profile. Use after confirming profile ID and desired date range.

  • Get Profile Analytics Top Domains

    Tool to fetch top domains accessed within a specific profile. Use after confirming profile ID.

  • Get Profile by ID

    Tool to retrieve details of a specific profile by its ID. Use when you need full profile details after confirming the profile_id.

  • Get Profile Filters

    Tool to list native filters associated with a specific profile. Use when you have a profile ID and need to retrieve its filters and their states.

  • Get Profile Folders

    Tool to list rule folders (groups) within a profile. Use when you need to retrieve all folders for a given profile after confirming the profile ID.

  • Get Profile Options

    Tool to get all available profile options. Use when you need to retrieve the possible configurations for profiles after authenticating.

  • Get Profiles

    Tool to list all profiles associated with the authenticated account. Use when you need an overview of accessible profiles.

  • Get Profile Schedule

    Tool to retrieve a specific schedule by its ID within a profile. Use when you need details of a profile schedule after confirming the profile_id and schedule_id.

  • Get Profile Schedules

    Tool to list schedules associated with a specific profile. Use after confirming the profile ID.

  • Get Profile Services

    Tool to list services associated with a specific profile. Use when you need to retrieve all services that have any associated rules after confirming the profile ID.

  • Get Profile Top Services

    Tool to fetch top services accessed within a profile. Use after confirming the profile ID and desired date range.

  • Get Service Categories

    Tool to list all service categories. Use when you need to retrieve available categories before filtering or assigning services.

  • Get Specific Rule in Folder

    Tool to retrieve a specific rule within a folder by its ID. Use when you need full details of a custom rule in a profile's folder.

  • Get Users

    Tool to retrieve user account data. Use when you need account details after authentication.

  • List Custom Rules for Profile

    Tool to retrieve custom rules associated with a specific profile. Use after confirming the profile ID. Omit `folder_id` to list rules in the root folder.

  • List Custom Rules in Folder

    Tool to retrieve custom rules in a specific folder of a profile. Use after confirming both profile ID and folder ID.

  • List External Filters for Profile

    Tool to list third-party filters for a specific profile. Use when you need to retrieve all external filters and their states after confirming the profile ID.

  • List Known Access IPs

    Tool to list known IPs associated with the account. Use when you need to retrieve recent access IPs for device resolver queries.

  • List Services by Category

    Tool to list all services within a specific category. Use after confirming a valid category identifier.

  • Modify Custom Rules for Profile

    Tool to modify existing custom rule(s) for a profile. Use when you need to update rule details such as name, description, severity, or enabled status. Ensure to include the rule IDs to modify.

  • Modify Device

    Tool to modify an existing device. Use when you need to update device settings by providing its ID.

  • Modify Organization

    Tool to modify organization settings and limits. Use when you need to change organization limits such as max_users or max_routers. Changing these fields is a billable event.

  • Modify Profile Filter

    Tool to modify the enabled state of a specific filter on a profile. Use when you need to enable or disable a particular filter.

  • Modify Service for Profile

    Tool to modify a specific service rule for a profile. Use when you need to update blocking, bypassing, spoofing, or proxy-redirect settings after reviewing existing rules.

  • Move Profile Rule to Folder

    Tool to move a specific custom rule into a different folder. Use after confirming profile_id, rule_id, and folder_id.

  • Update Custom Rule by Rule ID

    Tool to update an existing custom rule by its ID. Use when modifying details like name, description, severity, or enabled status for a specific rule.

  • Update External Filters for Profile

    Tool to update external filters for a specific profile. Use when toggling third-party filters after listing them.

  • Update Profile by ID

    Tool to modify an existing profile by ID. Use when you need to update profile fields after confirming the current profile. Example: Update profile '123abc' with new name and settings.

  • Update Profile Schedule

    Tool to update a specific schedule within a profile. Use when you need to modify schedule details after confirming profile_id and schedule_id.

Setup

Setup guide

  1. 11. In Switchy, open the Space where you want Control D available and click 'Add Integration' in the sidebar. 2. Search for 'Control D' and select it from the MCP catalog. 3. Choose 'API Key' as the authentication method. 4. Log in to your Control D dashboard, navigate to Settings → API, and generate a new API key with read/write permissions. 5. Copy the key and paste it into Switchy's prompt, then click 'Connect'. 6. Switchy confirms the connection and shows which tools are now available. 7. To test, type '@Control D list all profiles' in the Space chat — you should see your organization's DNS profiles returned in seconds. 8. From there, @mention Control D anytime you need to create devices, update filters, or manage schedules without leaving the conversation.

What teammates see: by default, memories from Control D are scoped to the Space (PROJECT visibility) - you can mark any memory PRIVATE or share it ORG-wide.

Works well with

Top models

Compatibility data appears once enough Spaces have used this MCP together with a given model.

How Switchy teams use it

Not enough Spaces yet to publish anonymised usage stats (we require ≥ 50 Spaces per week).

Starter prompts

List All Profiles

@Control D show me all profiles in our account, including their names and IDs
Open in a Space →

Create New Device

@Control D create a new device named 'Marketing-Laptop-42' and give me the DNS resolver addresses
Open in a Space →

Bulk Enable Filters

@Control D enable the malware, ads, and trackers filters on profile ID 12345
Open in a Space →

Add Custom Block Rule

@Control D add a custom rule to profile 12345 that blocks all subdomains of suspicious-site.com
Open in a Space →

Check Device Enforcement

@Control D list all devices and tell me which profile each one is enforcing
Open in a Space →

Example outputs

Illustrative - representative of the model's voice and quality, not literal recordings.

Prompt

@controld list all devices and show which profiles they're currently using

Output

Here's an overview of your Control D devices: • **Home Router** (ID: dvc_abc123) — Profile: Family Safe Browsing • **Work Laptop** (ID: dvc_def456) — Profile: Corporate Security • **Mobile Phone** (ID: dvc_ghi789) — Profile: Default • **Guest Network** (ID: dvc_jkl012) — Profile: Guest Access All devices are active. The Family Safe Browsing profile has content filtering enabled, while Corporate Security enforces stricter DNS policies. This is an illustrative example—your actual device list and profile assignments will vary.

Notes

This read-heavy example demonstrates the MCP's ability to fetch and correlate device-to-profile mappings. Requires a valid API key with read permissions. Useful for auditing which DNS policies apply to each endpoint before making bulk changes.

Prompt

@controld create a new profile called 'Kids Safe Mode' and enable malware, ads, and adult content filters

Output

Profile created successfully: **Kids Safe Mode** (ID: prf_xyz789) Enabled filters: • Malware & Phishing Protection • Ad Blocking (network-wide) • Adult Content Filter Next steps: Assign this profile to specific devices using their device IDs, or configure custom rules if you need granular domain exceptions. The profile is live but not yet enforced on any devices. This is an illustrative example—actual filter IDs and profile structure depend on your Control D account tier.

Notes

This write example shows profile creation and bulk filter enablement in one workflow. The MCP provisions the profile and applies filter states via API. Be aware: changes take effect immediately once devices are assigned, so test with a single device first before rolling out network-wide.

Prompt

@controld review all custom rules across my profiles and suggest consolidation opportunities to reduce rule sprawl

Output

I analyzed custom rules across 4 active profiles and found consolidation opportunities: **Duplicate Rules:** • `block *.gambling.com` appears in both 'Work' and 'Family' profiles—consider moving to a shared base profile. • `allow cdn.example.com` is repeated 3 times with identical logic. **Overlapping Logic:** • 'Guest' profile blocks social media, but 'Kids' profile has more granular per-platform rules—merge into a single tiered approach. **Recommendation:** Create a 'Base Security' profile with common blocks, then layer profile-specific rules on top. This reduces maintenance overhead and prevents conflicting rules. This is an illustrative synthesis—actual rule conflicts depend on your current configuration.

Notes

This synthesis example pairs the MCP's rule-fetching tools with AI reasoning to identify inefficiencies. Useful for teams managing many profiles. Note: the MCP reads rules but doesn't auto-consolidate—you'll need to manually create the optimized profile structure based on these suggestions.

Use-case deep-dives

Remote team DNS filtering at scale

When Control D wins for distributed device provisioning

A 12-person remote engineering team needs consistent DNS-level ad blocking and malware filtering across personal laptops, home routers, and test devices. Control D's device creation and profile cloning tools let you provision 50+ endpoints in one session, each inheriting the same filter ruleset. The bulk update tool means you can toggle entire filter categories (tracking, ads, adult content) across all devices without touching individual configs. This works until you hit roughly 200 devices or need per-user custom rules—at that scale, the 48-tool API becomes tedious to script, and you'll want a dedicated MDM integration. If your team is under 50 people and you're comfortable with API-driven provisioning, Control D gives you enterprise DNS control without the enterprise contract.

Parental controls with time-based rules

When schedules and folder rules simplify家庭 filtering

A parent managing screen time for three kids across tablets, phones, and shared computers needs different filter sets for school hours versus evenings. Control D's profile schedule tool lets you define time windows (weekdays 8am-3pm: education sites only; evenings: social media blocked), and the folder-based custom rules tool organizes exceptions by child. You create one profile per kid, clone the base ruleset, then layer in per-device overrides using the 48-tool API. The trade-off: setup takes 20-30 minutes of API calls or manual config, and you need to track device IDs carefully. If you're managing more than 10 devices or want a mobile app for on-the-fly changes, this MCP's API-first design becomes friction. For tech-comfortable parents with 3-8 devices, it's the most granular DNS control you'll find.

Customer support DNS troubleshooting

When device deletion and profile audits speed up triage

A 6-person support team at a VPN or security SaaS handles 40-60 tickets per week where customers report "site not loading" or "app blocked." Control D's device lookup and profile inspection tools let agents quickly check if a DNS filter is the culprit, then delete the offending device or clone a clean profile for the customer to test. The bulk filter update tool is useful for emergency rollbacks ("disable all custom rules on this profile"). This scenario works because the API key gives read-write access to all org devices—agents don't need per-customer credentials. The limit: if your support team isn't technical enough to read JSON responses or doesn't have a ticket system that can embed API calls, the 48-tool surface area is overkill. For technical support teams troubleshooting DNS-layer issues daily, Control D's API becomes a first-line diagnostic.

Frequently asked

What does the Control D MCP do in Switchy?

It lets your AI agents manage DNS filtering profiles, devices, and custom rules in Control D. You can bulk-update filters, create schedules, provision devices, and delete profiles without opening the Control D dashboard. Useful for teams that automate network policy changes or onboard devices at scale.

Do I need admin access to connect Control D?

Yes. The MCP uses an API key, which you generate in your Control D account settings. Only account owners or admins can create keys with write permissions. If you only have read access, the MCP can query profiles and devices but cannot create or delete resources.

Can the Control D MCP block specific domains or IP addresses?

Yes, via the Create Custom Rules tools. You define rule objects that match Control D's schema—domain patterns, IP ranges, actions like block or redirect. The MCP can create rules at the profile level or within a folder. It does not manage pre-built filter categories; use Bulk Update Profile Filters for those.

Why use the MCP instead of the Control D web console?

The MCP is faster for bulk operations and scripted workflows. If you need to provision twenty devices or update filters across ten profiles, the AI agent handles it in one prompt. The web console is better for visual policy review or one-off changes. The MCP uses the same API, so no feature gap.

Who on the team should connect the Control D MCP?

Whoever manages your DNS policies or device fleet—usually IT or DevOps. They generate the API key and paste it into Switchy. Other team members can then ask the AI to create devices or update rules without needing their own Control D login. The key's permissions apply to all requests.

Data last verified 607 hours ago.Sources aggregated hourly to weekly. See docs/architecture/model-directory.md.