+ Post New Thread
Results 1 to 14 of 14
Internet Related/Filtering/Firewall Thread, Remote access / filtering / user tracking in Technical; I am looking for some opinions, I think I know the answer but I want to see what other people ...
  1. #1
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    671
    Thank Post
    42
    Thanked 17 Times in 16 Posts
    Rep Power
    22

    Remote access / filtering / user tracking

    I am looking for some opinions, I think I know the answer but I want to see what other people have to say.

    I want a solution that will give me,


    • remote access to folders
    • The ability to trace internet history per user
    • Teachers able to switch the internet on and off per room/user
    • Teachers able to temporarily unfilter websites (not permanently)


    I have had a quote from Smoothwall and I think it is probably what I would like (all down to finances though) Open VPN has been mentioned to me but I am not sure it will do all I want. I would love to here how other people are achieving these goals and maybe other things I have not thought about.

  2. #2
    Steven_Cleaver's Avatar
    Join Date
    Jul 2008
    Location
    Birmingham
    Posts
    465
    Thank Post
    174
    Thanked 85 Times in 69 Posts
    Rep Power
    50
    Remote Access to Folders Home Access Plus
    ABtutor should do the rest.

  3. 2 Thanks to Steven_Cleaver:

    edie209 (7th June 2012), zag (16th November 2012)

  4. #3

    Join Date
    Oct 2010
    Location
    Norfolk
    Posts
    120
    Thank Post
    1
    Thanked 20 Times in 19 Posts
    Rep Power
    11
    Hi,

    We use a number of different options,

    Home Access Plus, is very useful for allowing access to folders, I also use RemoteApps for SIMs access
    I use Lightspeed for filtering and monitoring for internet history (you can even monitor and limit staff laptops when they are at home)
    Impero for controlling internet in classrooms (Im not 100% happy with this solution.)
    Lightspeed for overriding the unfiltered sites.

    I am not too sure if that helps.

  5. Thanks to teklogic from:

    edie209 (7th June 2012)

  6. #4

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,817
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Personally I would go with:

    Remote Access HAP or Adito
    the rest- Smoothwall

  7. Thanks to glennda from:

    edie209 (7th June 2012)

  8. #5

    Join Date
    Apr 2012
    Location
    Leeds
    Posts
    302
    Thank Post
    0
    Thanked 67 Times in 53 Posts
    Rep Power
    36
    Most firewalls should be able to do much of this as standard.

    You might want to take a look at one that also does SSL VPN as standard and integration into Windows Active Directory so you can see on a per user basis who has been looking at what and then report on it.
    Last edited by ZeroHour; 22nd November 2012 at 10:00 AM.

  9. Thanks to SchoolsBroadband from:

    edie209 (7th June 2012)

  10. #6

    Join Date
    Oct 2010
    Location
    Norfolk
    Posts
    120
    Thank Post
    1
    Thanked 20 Times in 19 Posts
    Rep Power
    11
    Another option, if you are running Server 08, is enable routing and remote and look at sstp (VPN over SSL). It has worked really well for myself and senior managers

  11. Thanks to teklogic from:

    edie209 (7th June 2012)

  12. #7
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    671
    Thank Post
    42
    Thanked 17 Times in 16 Posts
    Rep Power
    22
    I have been looking at HAP, but is there a issue with CALs would i have to have a CAL per user?

    So how about those of you who are using Smoothwall was it worth the extra expense (PM me if you don't want to say publically)

    And anyone using Open VPN what does that really offer?

  13. #8

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,817
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Smoothwall is so worth what it costs! @tom_newton will be able to put you in touch with somebody I'm sure.

    Rather then Per user cals it can be cheaper to use external Connector (about 400-450pa on EES).

  14. Thanks to glennda from:

    tom_newton (8th June 2012)

  15. #9
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    671
    Thank Post
    42
    Thanked 17 Times in 16 Posts
    Rep Power
    22
    I am going to bring this up again, I now have HAP working and the staff are using it too which is a bonus.

    Tracking of users is the next issue, I want to be able to give the option to senior managers and HOY to be able to create reports on internet usage (Students) I am going to look at Lightspeed mentioned above but I need to have options so if anyone else can offer any suggestions that would be great.

  16. #10
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    807
    Thank Post
    83
    Thanked 132 Times in 115 Posts
    Blog Entries
    8
    Rep Power
    32
    Quote Originally Posted by edie209 View Post
    I am going to bring this up again, I now have HAP working and the staff are using it too which is a bonus.

    Tracking of users is the next issue, I want to be able to give the option to senior managers and HOY to be able to create reports on internet usage (Students) I am going to look at Lightspeed mentioned above but I need to have options so if anyone else can offer any suggestions that would be great.
    We use a Squid 3.0 proxy for student traffic monitoring and blocking with SARG to create the access reports all running on an Ubuntu 11.04 VM. The reports are parsed every night and dumped to a webpage hosted on the proxy. Teachers and staff have the address to view reports by AD username.

    For blocking I setup Squid to look up membership of an AD group and if the user is a member it restricts their access to only a couple sites used for online learning. Teachers can edit the group via an app I made in VB .Net 2010 that is hosted on a district shared drive.

    Content filtering is handled by the ISD (our version of an LEA). You could use Dan's Guardian though if you didn't have anything else.

    The entire setup took works well, but it did take a week or so to iron the bugs out.

  17. #11
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    671
    Thank Post
    42
    Thanked 17 Times in 16 Posts
    Rep Power
    22
    thanks for that so you have it as a VM? do you have a few more details about how you set it up? and how your traffic is routed?

  18. #12
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,834
    Thank Post
    919
    Thanked 423 Times in 356 Posts
    Blog Entries
    12
    Rep Power
    88
    abtutor + smoothwall + HAP

  19. #13
    Steven_Cleaver's Avatar
    Join Date
    Jul 2008
    Location
    Birmingham
    Posts
    465
    Thank Post
    174
    Thanked 85 Times in 69 Posts
    Rep Power
    50
    Moved from HAP to own remote access solution sort of with own software for logging and Encrypted APP for MIS access but allows access to PC's in schools + ABtutor + M86 firewall Filtering hosted at LEA but configured and Managed by us.

  20. #14
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    807
    Thank Post
    83
    Thanked 132 Times in 115 Posts
    Blog Entries
    8
    Rep Power
    32
    Quote Originally Posted by edie209 View Post
    thanks for that so you have it as a VM? do you have a few more details about how you set it up? and how your traffic is routed?
    Sure do. It's running on an ESXi 4.1 host and is assigned 2 vCPUs, 1GB RAM, 30GB of disk, and one NIC. Since it's not acting as a transparent proxy only the single NIC was needed (no routing necessary). It handles traffic in a 4,000 student district with relative ease. Squid is setup for NTLM to check usernames against Active Directory and logs traffic under the account name. SARG runs via Cron Job at 12:00 every night and parses the logs into a website that hosted off of the same proxy VM via Apache.

    We have filtering provided by our ISD externally so I setup their proxy as a cache peer in Squid. Once Squid is finished with it it'll pass of requests to the ISD proxy. You could do filtering internally if you had to though using Dan's Guardian.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 11
    Last Post: 17th June 2011, 08:57 AM
  2. Remote access of user areas from home
    By everton4europe in forum Wireless Networks
    Replies: 5
    Last Post: 18th July 2008, 12:29 PM
  3. Setting up remote access to staff user accounts
    By firefox_2006 in forum How do you do....it?
    Replies: 9
    Last Post: 19th May 2008, 12:30 PM
  4. Data Protection Act - re: Remote Access
    By mark in forum School ICT Policies
    Replies: 18
    Last Post: 26th September 2005, 07:19 PM
  5. Remote Access
    By ajbritton in forum How do you do....it?
    Replies: 6
    Last Post: 26th September 2005, 12:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •