+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 22 of 22
Internet Related/Filtering/Firewall Thread, LEA denying access to our firewall for configuration in Technical; Being wires only is different to being on a managed network, difficulty of managing without central IdP (if services used ...
  1. #16

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,939
    Thank Post
    1,343
    Thanked 1,787 Times in 1,110 Posts
    Blog Entries
    19
    Rep Power
    595
    Being wires only is different to being on a managed network, difficulty of managing without central IdP (if services used need it) and then also requires firewall and other tools (filtering, etc) ... so, as mentioned before, it is sometimes a compromise.

    Saying that, taking ages to make changes is not a good thing. Your CAB only affects your users ... on a larger network that CAB might affect 2000+ schools. Sometimes that is what the issue is ... the time taken to check the knock on effect. Sometimes it is red tape ... and sometimes it is just not getting things in the right priority.

  2. #17


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by PiqueABoo View Post
    If I had that option I wouldn't take it - far better if the link provider controls the kit at both end i.e. when the link is broken there can be no argument about whose fault it is and who gets to fix it.
    I didn't take it either. But not being able to make simple firewall changes sucks (firewall resides int he school network so i'm ok)
    Last edited by CyberNerd; 28th February 2012 at 08:25 PM.

  3. #18


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by GrumbleDook View Post
    Saying that, taking ages to make changes is not a good thing. Your CAB only affects your users ... on a larger network that CAB might affect 2000+ schools. Sometimes that is what the issue is ... the time taken to check the knock on effect. Sometimes it is red tape ... and sometimes it is just not getting things in the right priority.
    This is where economies of scale don't add up so well. Schools get charged to be on these networks.

  4. #19

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,816
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Quote Originally Posted by PiqueABoo View Post
    If I had that option I wouldn't take it - far better if the link provider controls the kit at both end i.e. when the link is broken there can be no argument about whose fault it is and who gets to fix it.
    Router Managed but firewall not - so aslong as you can prove its not your firewall if they argue about the case. with my leased line going live Friday this is the main reasoning behind going managed.

  5. #20

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,939
    Thank Post
    1,343
    Thanked 1,787 Times in 1,110 Posts
    Blog Entries
    19
    Rep Power
    595
    Quote Originally Posted by CyberNerd View Post
    This is where economies of scale don't add up so well. Schools get charged to be on these networks.
    And this is one of the myths that abound about economies of scale. There is a charge but for a school that is already doing a lot of their own stuff then yes, you may find that you can save money by doing stuff differently, but for so many schools who do use it then it does add up for them.

    I suppose it goes back to whether you believe that even though something might cost you as an individual school but saves over all, whether that is a good thing. The extra work that many schools will have to do to take over the management of their own wires only line is significant. Those schools which already do a fair portion of their own services (email, DNS, etc) are likely to be a step ahead but management of the router is one that I will always say to leave to the ISP unless you really have to.

    Of course, those in schools on multiple sites are a different matter ... and rather specialist as the intra-site traffic is as important (sometimes more important) than the internet traffic and control of that can be the swaying argument.

  6. #21

    garethedmondson's Avatar
    Join Date
    Oct 2008
    Location
    Gowerton, Swansea
    Posts
    2,263
    Thank Post
    965
    Thanked 324 Times in 192 Posts
    Blog Entries
    11
    Rep Power
    165
    Quote Originally Posted by localzuk View Post
    @GrumbleDook - Your argument only holds water if the LA in question here is reasonable and responsive. For a firewall change request like this, I'd fully expect it to be dealt with within a couple of days.

    I've been in one LA which took over a month to make a change to a firewall for the school, which is completely unacceptable.
    Our LEA refuse to change anything on the firewall. ONly certain ports are open - no incoming allowed.

    GJE

  7. #22
    ben604's Avatar
    Join Date
    Jan 2010
    Posts
    314
    Thank Post
    81
    Thanked 29 Times in 24 Posts
    Rep Power
    22
    Thanks for your replies, interesting reading. It's a fair point that damage could be done by inexperienced users.

    It's just a bit frustrating, we asked originally about 3 weeks ago, then had to chase them up for a response. Considering we want a single port configuring with just HTTP and HTTPS traffic coming through, it seems a bit of an ordeal to setup a new machine and install/configure IPCop (which took a good 2-3 hours yesterday).

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Deny Access to all printers on a print server?
    By SkreeM1980 in forum Windows Server 2000/2003
    Replies: 3
    Last Post: 6th May 2011, 01:35 PM
  2. Mobile Access to Google Calendar for school
    By rocknrollstar in forum Netbooks, PDA and Phones
    Replies: 2
    Last Post: 22nd September 2010, 03:43 PM
  3. Denied Access to Playback and Recording Devices
    By vehmeier in forum Windows Vista
    Replies: 2
    Last Post: 9th March 2010, 01:56 PM
  4. Deny access to RDP & CMD
    By mcloum in forum Wireless Networks
    Replies: 10
    Last Post: 12th January 2009, 01:50 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •