+ Post New Thread
Page 10 of 10 FirstFirst ... 678910
Results 136 to 143 of 143
Internet Related/Filtering/Firewall Thread, Lightspeed vs Smoothwall in Technical; Originally Posted by zag Thats great news! I've found the smoothwall reporting system to be miserably slow and just about ...
  1. #136


    AMLightfoot's Avatar
    Join Date
    Feb 2011
    Location
    Hampshire, England
    Posts
    2,172
    Thank Post
    372
    Thanked 626 Times in 398 Posts
    Rep Power
    252
    Quote Originally Posted by zag View Post
    Thats great news! I've found the smoothwall reporting system to be miserably slow and just about useless in real world situations where I've had to present data to our SMT members.

    Please consider making the reports more "human readable" and in line with what school managers would want to see.

    The user inteface also needs a lot of work, I completly missed how to change the dates on a report as it was such a small box at the top of the screen and not on the report options toolbar. Imo this should all be in the one place.

    Also consider offering the option of SSD drives in your future UTM boxes as this would make creating reports so much quicker.
    These are all excellent suggestions - particularly the one about the date/time when running reports. The project @ibpalle and I were working on should be released later this year. It won't address all of these points but it's a stepping stone towards it. Sometimes you have to change the fundamentals before you can make it pretty and we're working hard on getting the functionality there.

    It would really help if you could take the time to pop your feedback into our UserVoice page as this is used by our product managers to build project scopes and user stories that our UI designer will use to build a user-friendly UI

    Reporting: Hot (54 ideas)

  2. Thanks to AMLightfoot from:

    zag (6th May 2014)

  3. #137

    Join Date
    May 2010
    Posts
    1,031
    Thank Post
    105
    Thanked 87 Times in 64 Posts
    Rep Power
    49
    I tend to post on the Smoothwall direct support forum with lesser queries without much urgency (It is after all sponsored by Smoothwall..), I am a team of one at the school and rarely have time to spend on the phone with trivial issues and it's easier to post a quick forum post (with maybe input from other users not just Smoothwall), however the times that I have had urgency and logged / called Smoothwall the service has been excellent so that's not really the complaint.
    Simple things like the firewall issue, shouldn't really be a problem but it was the interface that caused confusion - I understand what I needed to do and I just get frustrated when it doesn't work, the online documentation didn't give any examples just an explanation of each function.

    After getting the outgoing ports thing sorted, the layer 7 app kindve works (It's stopping orbot / tor now) but other VPN traffic sails through without a problem - so I guess I'm going to have to be heavy handed and drop all ports except 80 and 443.

    What are other manufacturers doing about application level filtering ?

  4. #138


    AMLightfoot's Avatar
    Join Date
    Feb 2011
    Location
    Hampshire, England
    Posts
    2,172
    Thank Post
    372
    Thanked 626 Times in 398 Posts
    Rep Power
    252
    Quote Originally Posted by caffrey View Post
    I tend to post on the Smoothwall direct support forum with lesser queries without much urgency (It is after all sponsored by Smoothwall..), I am a team of one at the school and rarely have time to spend on the phone with trivial issues and it's easier to post a quick forum post (with maybe input from other users not just Smoothwall), however the times that I have had urgency and logged / called Smoothwall the service has been excellent so that's not really the complaint.
    Simple things like the firewall issue, shouldn't really be a problem but it was the interface that caused confusion - I understand what I needed to do and I just get frustrated when it doesn't work, the online documentation didn't give any examples just an explanation of each function.

    After getting the outgoing ports thing sorted, the layer 7 app kindve works (It's stopping orbot / tor now) but other VPN traffic sails through without a problem - so I guess I'm going to have to be heavy handed and drop all ports except 80 and 443.

    What are other manufacturers doing about application level filtering ?
    Sadly these 'get around your web filtering' applications pupils use are written to use/scan multiple outgoing ports and use whichever one they find unblocked and all too often you have a port unblocked for, say, an application update service or something and these applications jump on it. So it pays to keep outgoing stuff like that on a different subnet to the main LAN then you can set port rules by source.

    I will pass your feedback re: the manual on to our new Technical Author as I know we are looking at the manual as a long term ongoing project so user feedback in addition to the observations of @ibpalle, me and the support team is always helpful. Don't be afraid to pop it onto uservoice either - anything related to the product is helpful. Personally I'm campaigning for popup helplets like you see on those insurance comparison websites but that's just one suggestion amongst many.

  5. #139

    Join Date
    May 2010
    Posts
    1,031
    Thank Post
    105
    Thanked 87 Times in 64 Posts
    Rep Power
    49
    So there's really nothing that can be done about private/personal VPNs ? Its running rampant here and it's getting frustrating - I may as well not bother with filtering Latest apps are vpnexpress and onavo
    Last edited by caffrey; 8th May 2014 at 12:52 PM.

  6. #140
    Gaz
    Gaz is offline

    Join Date
    Feb 2011
    Location
    Preston
    Posts
    800
    Thank Post
    138
    Thanked 67 Times in 59 Posts
    Rep Power
    20
    Can you not block the applications from running? Do you use Impero or such like classroom management software?

  7. #141

    Join Date
    May 2010
    Posts
    1,031
    Thank Post
    105
    Thanked 87 Times in 64 Posts
    Rep Power
    49
    It's BYOD and iPads, the school owned ones are MDM managed so that's not the problem - It's mainly the BYOD devices, Smoothwall on the main domain works great.
    I can't even see the traffic on the realtime firewall logs

  8. #142


    AMLightfoot's Avatar
    Join Date
    Feb 2011
    Location
    Hampshire, England
    Posts
    2,172
    Thank Post
    372
    Thanked 626 Times in 398 Posts
    Rep Power
    252
    Quote Originally Posted by caffrey View Post
    So there's really nothing that can be done about private/personal VPNs ? Its running rampant here and it's getting frustrating - I may as well not bother with filtering Latest apps are vpnexpress and onavo
    Not without locking down every single outgoing port (you shouldnt need to open 80 and 443 because that goes through the proxy). The trouble with applications - Skype and iMessages seem to be the worst at this, is that they ask you to punch big fat holes in your port blocking. So it's a no-win situation. Your school wants Skype so you open all the ports it says it needs, then VPN and proxy bypass software sneak out that window (for example).

    Software like VPNexpress won't go through the proxy anyway because it uses higher port ranges so blocking VPN applications is literally down to firewall and if you have any ports open for the subnet they're coming from then you start getting issues. I'd suggest your best course of action would be to subnet the LAN the pupils are using and lock down every single outgoing port. If this isn't feasible due to things like 'Skype' being required then I'm not sure what else to suggest. Under the 'Blocked services' in your default and applied port rules is 'VPN/Tunneling' ticked?

  9. #143

    Join Date
    May 2010
    Posts
    1,031
    Thank Post
    105
    Thanked 87 Times in 64 Posts
    Rep Power
    49
    Sounds like I'm basically going to have to rely on the AUP for security for BYOD, everything else is managed and secure (domain network etc.) so I've no concerns, the wifi traffic is on a "guest" IP range and has no authentication (yet) so I could effectively shut down all the ports (1-65535) and see what happens ;p but it seems like it's going to be cat and mouse. It's much more of a safeguarding issue than a security issue (and I don't like hearing from 3rd parties that the students are boasting that they can get by the filter ;p)

SHARE:
+ Post New Thread
Page 10 of 10 FirstFirst ... 678910

Similar Threads

  1. Android Tablets vs. Smoothwall/Proxy
    By Gongalong in forum Netbooks, PDA and Phones
    Replies: 2
    Last Post: 10th July 2012, 12:18 PM
  2. Smoothwall Vs Sonicwall
    By SSFC in forum Internet Related/Filtering/Firewall
    Replies: 15
    Last Post: 29th March 2011, 08:41 AM
  3. ISA vs SmoothWall
    By Haux in forum Windows Server 2000/2003
    Replies: 16
    Last Post: 4th December 2009, 06:36 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •