In short, we're screwed. There is no flexibility, we can either take it, or pay a huge wad of cash to try and get out of our contracts.
You can setup the filtering at a very basic level, and authenticate against an external IP - So you can run everything behind your own firewall. But this does mean the same filtering will apply to all users behind that IP. So either setup multiple firewalls for different types of user, or do your own filtering internally (Which is what we'll do).
More worrying still, I've heard from some schools that have converted over that their previously approved MIP requests are now being rejected for "Security Reasons." If you are running any services on site requiring ports to be forwarded, make sure that everything is running before turning off your LGfL1 connection.
Our LA have decided to revoke our wayleave, so who knows what happens in a few weeks when the Synetrix contracts end........
I will go over not necessarily the contract, but the other documents which detailed the services (the what and how). I am pretty sure if they had made the information about all these restrictions available, I and probably agood number of schools (would not have signed up). So it is either, they withheld vital information or they promised a service to replace our current service without fully understanding what their future service will entail. I have had a chat with my Head and we will be prepared to go to court for this one.
We are clearly unhappy about what they are trying to do and the fact that we signed up a year ago when we had not known what we know now should be immaterial. We could have well have signed on a blank paper (and they could be asking for our heads now), would the judge rule in their favour!? Not sure.
I think we have good grounds but cannot disclose it here. Drop me a PM and we can discuss further. Sorry, I do not wnat to let the cat out of the bag as I'm sure Brian Durrant is part of this thread (maybe not, as they don't seem to care about what we think).
I think schools that feel the same way should join together and get out of this contract. If it is not good for you, it is not good. If it is about providing a service, then I expect them to understnd this, but if it is about them squeezing money out of schools at all cost, then I can see us going to court over this simple matter.
Depending on how they handle the situaton, they could end up having more and more schools pull out of it. The wise thing would be to allow those who have worked out for themselves that the proposed service is not fit for purpose to leave, but if the court has to force them to let certain schools leave, thenany school they had previously denied this could actually have a case for compensation and more.
These are my thought, but I don't know for sure.
I have looked at the contract in details and all the promotion material that they sent out when asking schools to sign up. All I can see is mention of how the infrastructure will be put in place. No details of services apart from a listing and what schools would have had to typically pay if bought separately. And this list is actulally a listing of services that was available on LGfL 1.0.
So was it not safe to assume that that Broadband will be a direct replacement of LGfL 1.0? It appears to me all schools signed for was for Broadnabd to their school and LGfL 2.0 is now making up how they would like to administer the rest of the services as they go along. This is really not good for my school. I will keep you posted, when I hear from them.
Just found this thread. I am currently assisting a few dozen schools in London with the switchover and so far it has been nothing but trouble.
We have a few schools that run their own filtering and firewalling (option 2 with Synetrix) and they are basically up #### creak. Nowhere in the technical documentation that the schools received does it state that they will not be able to continue this type of service on the new network. It was only after an extensive phone conversation with someone at LGfL headquarters that it came to light that there is no 'connection only' option nor is there the ability to have a clean feed even to one IP address or username. ALL traffic will go through the Internet Watch Foundation's filters, which on the face of it seems like a good idea but we all know that no filtering is 100% effective. Atomwide will then apply their own four categories on top of this filtering to limit access even further.
It is an absolute joke that out of the box the standard LGfL 'Internet connection' (can it really be called this if all it allows access to is filtered web?) doesn't even allow email access. Last time I checked that was a pretty crucial part of the Internet.
Also seems a bit fishy that the remote support system that is used by the SIMS helpdesk (A Capita company) is banned for 'security reasons'. Who owns Synetrix? Oh yes, that'll be Capita as well.
I was annoyed when Capita/Synetrix implemented a blanket port 25 block across the whole of the LGfL but Atomwide's policies are on another level entirely.
If you are not happy please make your feelings known. One of my schools simply phoned up Synetrix and asked if they could continue the service with them and they were only too happy to oblige. They halved their bill from 27k to 12k for a three year 100Mbit connection.
If the Atomwide network was actually secure that would be one thing but I've demonstrated to others that I can access absolutely anything I want (pornography, AIM, FaceBook etc) through their connection using one freely available tool. Once kids know this it will be an endless game of cat and mouse as LGfL play catch up and blocks even more of the 'Internet'.
My last point in this rant (I'll stop soon, I promise) is that some of the Virgin engineers that are installing the kit are clearly totally incompetent. I have pictures of installs that would make you cringe. Routers hanging out of the front of cabinets, doors that if shut would crush the MTRJ fibre connector to pieces etc etc. This is kit that's been installed into cabinets that were on LGfL's 'approved list'. Don't even get me started on why a primary school of 200 users needs a 2U £7k+ cisco firewall.... All of this enterprise grade equipment is not free, you and I are paying for it somewhere down the line...
maestromasada (22nd March 2012)
So are we going to be able to run our own webservers then ? i.e. external access to moodle and our own email system ?
Yes, simple things like that should be fine from what I read in the documentation.
I had to remove the Virgin kit from my racks and put it all back in the right way round. The clown who 'installed' it put the Cisco firewall in backwards so that half of it was sticking out the front & I couldn't shut the door. He couldn't manage the router at all so just plopped it on top of the rack. Useless.
I'm at a school today that's recently switched over (tunnelling through their connection in order to access stuff that I need to!!). The IT office has been inundated with staff and students coming in to complain that they can't access websites or their email or other online services.
Sorry, edited for clarity, the following, unlike the above, is nothing to do with lgfl2, just a general rant about poorly managed IT :-)
I've been dealing with muppets all day and am fed up with it. I spoke to one central IT department that looks after IT for a group of 50 schools and they are refusing to open a port OUTBOUND on one school's firewall because they insist everything has to go through their ntlm-only poxy proxy server. They don't even have a route to the Internet, DNS requests from clients are blocked and the only service their users (inc staff) can access is filtered http and https. It's the BOFH's dream.
Last edited by sramdeen; 21st March 2012 at 05:10 PM.
These all sounds very frightening. Not that I was not already alarmed by the other restrictions I knew they intend to impose.
We are in a more difficult situation as the cable route has not even been agreed. The proposed route is a No no as this would cause damage to a £35k structure and Virgin has refused to look into alternative routes. So this looks like we could end up paying for a service which cannot be delivered as there is no wires to convey it.
It does appear as one big con. I can imagine what my users would do to me if their daily routine was disrupted as above at switch over.
The folk providing RBC etc. connections have a 'duty of care' that you don't appear to appreciate (comments on "filtered web"). They're possibly overdoing it here, but you haven't said anything/enough to convince me that's the case e.g. what port and why etc?
There are currently 1 users browsing this thread. (0 members and 1 guests)