+ Post New Thread
Page 1 of 5 12345 LastLast
Results 1 to 15 of 68
CLEO Thread, No AD Filtering with Lightspeed for now in Regional Broadband Consortiums (RBC); I've Just had it confirmed to me over the phone that we are looking at MONTHS before we can use ...
  1. #1
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    972
    Thank Post
    102
    Thanked 116 Times in 101 Posts
    Rep Power
    74

    No AD Filtering with Lightspeed for now

    I've Just had it confirmed to me over the phone that we are looking at MONTHS before we can use AD filtering with the lightspeed system. The only differential filtering you can do at this time is based on if its curriculum or admin network traffic.

    There are no words to describe how angry I am with this, I have a few schools who heavily rely on the NEDS AD Filtering who are now screwed and even more schools who I had told to wait for the new filtering system.

    OCL are telling everyone who currently use the NEDS AD Filtering that they now have to take a step backwards. This is going to mean NO access to sites that we currently only block for pupils as we have no safe way to allow staff access to it.
    Last edited by Arcath; 24th February 2014 at 05:29 PM. Reason: add for now to title to reduce the shock

  2. #2
    Cache's Avatar
    Join Date
    Apr 2008
    Location
    Cumbria
    Posts
    1,207
    Thank Post
    451
    Thanked 174 Times in 171 Posts
    Blog Entries
    3
    Rep Power
    64
    Hmmmmm, can you do filtering based off a single IP then? No idea when we are likely to get a roll out or what conflict that is going to cause with Cumbria/CICT but would be good to know whether it's going to throw our setup all off....

  3. #3
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    So basically no different from what we have now (sans NED) ?

  4. #4
    Marshall_IT's Avatar
    Join Date
    Jul 2011
    Location
    Leeds
    Posts
    461
    Thank Post
    72
    Thanked 57 Times in 48 Posts
    Blog Entries
    1
    Rep Power
    17
    I know it might mean a ton of work but couldn't you create VLANs for staff and students PCs then filter these differently?
    You could even do 802.1x auto vlan assignment of your switches support it for per user vlan assignment.

    Not ideal. The ad filtering from Lightspeed works well for us.

  5. #5

    seawolf's Avatar
    Join Date
    Jan 2010
    Posts
    969
    Thank Post
    12
    Thanked 283 Times in 217 Posts
    Blog Entries
    1
    Rep Power
    175
    So, Lightspeed doesn't have the capability to filter based on the AD group? I thought that was one of the advertised abilities of Lightspeed. This works very well on our iBoss web filter.

    Well, if the Lightspeed can set default filtering based on subnet, then you could use separate subnets / VLANs for students and staff. That doesn't help if you have staff and students logging into the same computers though. That's where you need the AD group-based filtering.

  6. #6
    Marshall_IT's Avatar
    Join Date
    Jul 2011
    Location
    Leeds
    Posts
    461
    Thank Post
    72
    Thanked 57 Times in 48 Posts
    Blog Entries
    1
    Rep Power
    17
    Lightspeed can provide ad group based filtering in using it. I'm not sure why it can't in this situation.

  7. #7
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    972
    Thank Post
    102
    Thanked 116 Times in 101 Posts
    Rep Power
    74
    Lightspeed can! OCL just can't make it work in this situation, no idea why they just said it will take months. The biggest kick is that the lightspeed devices are already bound to the Exchange Domain for our county email so its not like they don't know how to do it they just wont let us do it.

    I could use VLANS or even just reservations for every machine but that is a lot of work for someone thats only in a maximum of 3 hours a week and more importantly why should I? I can do it now under the current system no problem why should I spend ages changing my entire network structure to accommodate OCLs laziness. It just goes to show that getting some good publicity around contract renewal was more important than providing a decent service to the schools.

    As it stands I think I'm going to contact them and ask for the NED to be pointed at the lightspeed rocket, I know the NEDS are being decommissioned but they are the only way to do AD filtering in the short term.

  8. #8

    Join Date
    Apr 2012
    Location
    Leeds
    Posts
    297
    Thank Post
    0
    Thanked 63 Times in 51 Posts
    Rep Power
    35
    Quote Originally Posted by Marshall_IT View Post
    I know it might mean a ton of work but couldn't you create VLANs for staff and students PCs then filter these differently?
    You could even do 802.1x auto vlan assignment of your switches support it for per user vlan assignment.

    Not ideal. The ad filtering from Lightspeed works well for us.
    I'm a bit mystified as to why they can't do this. We supply hosted Lightspeed and Leased Line connectivity for @Marshall_IT + many other people here on Edugeek and its a doddle to do.

    if you want it working come send me a PM and move from "the dark side"

  9. #9
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    972
    Thank Post
    102
    Thanked 116 Times in 101 Posts
    Rep Power
    74
    Quote Originally Posted by SchoolsBroadband View Post
    I'm a bit mystified as to why they can't do this. We supply hosted Lightspeed and Leased Line connectivity for @Marshall_IT + many other people here on Edugeek and its a doddle to do.

    if you want it working come send me a PM and move from "the dark side"
    My company is already a @SchoolsBroadband partner, we have a few schools moving away this year but a lot more that wanted to wait and see.

  10. #10

    Join Date
    Apr 2012
    Location
    Leeds
    Posts
    297
    Thank Post
    0
    Thanked 63 Times in 51 Posts
    Rep Power
    35
    oh yes

    The words "wood" and "trees" and "coffee required" springs to mind this early hour

    Dave

  11. #11

    Join Date
    Sep 2008
    Location
    East Lancashire
    Posts
    100
    Thank Post
    10
    Thanked 8 Times in 8 Posts
    Rep Power
    13
    Well you could set-up as I have with putting my Terminal Server on my Admin range and asking for that to be unblocked, and then create a Remote app on the desktop to a "Unfiltered Internet Connection".

    It works great, and as the teachers use the terminal server in the Mac Suite too this works well,

    We have Youtube unblocked but this does need to change to Youtube for Education ... We still get the odd video which is inappropriate.

  12. #12
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    972
    Thank Post
    102
    Thanked 116 Times in 101 Posts
    Rep Power
    74
    @jhotherall in the average primary that I support they have 2 servers, a Primary DC/Fileserver and a Backup DC (Some also have a separate admin/sims server) there is no capacity in that to be running terminal services and running remote apps.

    As a temporary measure I've used the Assignment system to assign a different list to each of the IWB machines via their IP (with a reservation in DHCP) bit of a PITA and wont stop the kids from using the IWB but its the best of a rubbish situation

  13. #13
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,524
    Thank Post
    106
    Thanked 88 Times in 74 Posts
    Blog Entries
    46
    Rep Power
    40
    Quote Originally Posted by Marshall_IT View Post
    I know it might mean a ton of work but couldn't you create VLANs for staff and students PCs then filter these differently?
    You could even do 802.1x auto vlan assignment of your switches support it for per user vlan assignment.

    Not ideal. The ad filtering from Lightspeed works well for us.
    I'd suggest set up simple proxy for the staff and connect that to an admin port on the router whilst leaving everyone else defaulting to pupil port/filter. Use group policy or pac file to deploy this proxy for staff.

  14. #14
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    It looks like the lightspeed filtering is active on the admin ranges, it's pretty wide open at the moment so be careful! The curriculum ranges get activated next month apparently.

  15. #15
    Arcath's Avatar
    Join Date
    Feb 2009
    Location
    Lancashire
    Posts
    972
    Thank Post
    102
    Thanked 116 Times in 101 Posts
    Rep Power
    74
    Quote Originally Posted by ChrisH View Post
    It looks like the lightspeed filtering is active on the admin ranges, it's pretty wide open at the moment so be careful! The curriculum ranges get activated next month apparently.
    Oh yeah, looking at the categories everything apart from proxies, viruses and porn is unblocked. OCL have made the decision that all admin staff can get on social media etc... which is very popular here.

SHARE:
+ Post New Thread
Page 1 of 5 12345 LastLast

Similar Threads

  1. [WDS] Conigure WDS on a standalone server with no ad intergration
    By djsmiler in forum O/S Deployment
    Replies: 3
    Last Post: 5th April 2011, 11:50 PM
  2. No Home Directories with Windows 7
    By markman in forum Windows 7
    Replies: 8
    Last Post: 8th December 2010, 10:52 AM
  3. Joomla AD Auth with 'Log on to' enabled
    By Michael_84 in forum Web Development
    Replies: 2
    Last Post: 22nd January 2010, 11:09 AM
  4. Smoothwall content filter with bluesocket wireless
    By ICTNUT in forum Internet Related/Filtering/Firewall
    Replies: 27
    Last Post: 13th November 2009, 09:52 AM
  5. Replies: 2
    Last Post: 29th April 2008, 03:17 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •