CLEO Thread, CLEO blocking inter-school access in Regional Broadband Consortiums (RBC); Just had a Schools Portal missive that CLEO are going to implement the inter-school traffic blocking that they'd mentioned before ...
13th September 2010, 09:50 PM #1
CLEO blocking inter-school access
Just had a Schools Portal missive that CLEO are going to implement the inter-school traffic blocking that they'd mentioned before unless signed requests from both schools.
It would have affected me with my web helpdesk but I moved it to an external server so its available from both schools and home.
Thanks to SimpleSi from:
buzzard (14th September 2010)
IDG Tech News
14th September 2010, 02:05 PM #2
Any idea when this is happening? I go between about 30 CLEO IP ranges, noone ever remembers to tell me these things!
14th September 2010, 05:52 PM #3
The document I got through, assuming SimpleSi got the same one, says that Cumbria are going to have the changes applied starting from October and the date for Lancashire has yet to be finalised but is expected to be completed over the Autumn term.
14th September 2010, 09:16 PM #4
15th September 2010, 07:45 AM #5
It makes good sense for them to do this as at the moment (depending upon what ports/protocols are allowed) it could be possible to spread malicious files between sites 'behind' the firewall. (NOT SAYING IT IS!!)
Back in my school days we were fortunate that our RBC blocked all site-site traffic on the router acls unless a specific agreement had been reached between schools (and signed off to the effect).
For those of you who do have arrangements in multiple schools I can appreciate this will be a headache, it might be worth asking whether you can have a VPN account that grants you access to schools which have signed off on it so you still retain the freedom necessary to function.
Good luck to those this affects and a pat on the back for CLEO taking local network security seriously.
15th September 2010, 07:54 AM #6
its gonna be a PITA, now instead of taking 5 minutes in another school to reset a teachers password at another school by remote accessing in im going to have to find time in my timetable to go to the other school ASAP and do 5 minutes work.
15th September 2010, 07:56 AM #7
Do CLEO not provide SGD? You could have an SGD account set up to publish rules to each of your supported school servers and use that internally & externally to get where you're after.
15th September 2010, 08:11 AM #8
It's not just that. There are schools with shared support, intranets and other comms going on. To simply cut them off with little notice would cause a large level of disruption I think.
15th September 2010, 08:22 AM #9
it was talked about at the last school tech meeting
School Technician Meetings | The Westfield Centre
4th October 2010, 04:45 PM #10
Not good when you're using it to replicate AD traffic! Try getting AD ports opened through the firewall team!
4th October 2010, 09:24 PM #11
AFAIK there should be no problem in getting any ports opened (as long as you are using them)
Try getting AD ports opened through the firewall team!
The intention was to stop the complete lack of any barriers - having a lot of ports open between some schools would still be a vast improvement.
You are probably just coming up against the standard "the answer is no - what was the question?" mentality of the collective
As long as you've got both headteachers great-grandparents signatures in triplicate the drones will have to comply
5th October 2010, 04:07 PM #12
- Rep Power
SecureACL exceptions for internal CLEO traffic are implemented by CLEO/LUNS and not at a county level, assuming you are talking about the Lancs firewall team. There should not be a problem opening AD ports between two sites which have a reciprocal agreement.
Originally Posted by buzzard
Last Post: 6th January 2009, 09:48 AM
By newdawnfades in forum CLEO
Last Post: 31st December 2008, 04:33 PM
By jcollings in forum How do you do....it?
Last Post: 24th January 2008, 09:24 AM
By woody in forum Web Development
Last Post: 20th October 2006, 08:28 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)