+ Post New Thread
Results 1 to 14 of 14
Internet Related/Filtering/Firewall Thread, Remote access / filtering / user tracking in Technical; I am looking for some opinions, I think I know the answer but I want to see what other people ...
  1. #1
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    669
    Thank Post
    40
    Thanked 15 Times in 14 Posts
    Rep Power
    20

    Remote access / filtering / user tracking

    I am looking for some opinions, I think I know the answer but I want to see what other people have to say.

    I want a solution that will give me,


    • remote access to folders
    • The ability to trace internet history per user
    • Teachers able to switch the internet on and off per room/user
    • Teachers able to temporarily unfilter websites (not permanently)


    I have had a quote from Smoothwall and I think it is probably what I would like (all down to finances though) Open VPN has been mentioned to me but I am not sure it will do all I want. I would love to here how other people are achieving these goals and maybe other things I have not thought about.

  2. #2
    Steven_Cleaver's Avatar
    Join Date
    Jul 2008
    Location
    Birmingham
    Posts
    443
    Thank Post
    157
    Thanked 76 Times in 61 Posts
    Rep Power
    48
    Remote Access to Folders Home Access Plus
    ABtutor should do the rest.

  3. 2 Thanks to Steven_Cleaver:

    edie209 (7th June 2012), zag (16th November 2012)

  4. #3

    Join Date
    Oct 2010
    Location
    Norfolk
    Posts
    117
    Thank Post
    1
    Thanked 19 Times in 18 Posts
    Rep Power
    11
    Hi,

    We use a number of different options,

    Home Access Plus, is very useful for allowing access to folders, I also use RemoteApps for SIMs access
    I use Lightspeed for filtering and monitoring for internet history (you can even monitor and limit staff laptops when they are at home)
    Impero for controlling internet in classrooms (Im not 100% happy with this solution.)
    Lightspeed for overriding the unfiltered sites.

    I am not too sure if that helps.

  5. Thanks to teklogic from:

    edie209 (7th June 2012)

  6. #4

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,714
    Thank Post
    269
    Thanked 1,116 Times in 1,012 Posts
    Rep Power
    345
    Personally I would go with:

    Remote Access HAP or Adito
    the rest- Smoothwall

  7. Thanks to glennda from:

    edie209 (7th June 2012)

  8. #5

    Join Date
    Apr 2012
    Location
    Leeds
    Posts
    265
    Thank Post
    0
    Thanked 51 Times in 43 Posts
    Rep Power
    33
    Most firewalls should be able to do much of this as standard.

    You might want to take a look at one that also does SSL VPN as standard and integration into Windows Active Directory so you can see on a per user basis who has been looking at what and then report on it.
    Last edited by ZeroHour; 22nd November 2012 at 10:00 AM.

  9. Thanks to SchoolsBroadband from:

    edie209 (7th June 2012)

  10. #6

    Join Date
    Oct 2010
    Location
    Norfolk
    Posts
    117
    Thank Post
    1
    Thanked 19 Times in 18 Posts
    Rep Power
    11
    Another option, if you are running Server 08, is enable routing and remote and look at sstp (VPN over SSL). It has worked really well for myself and senior managers

  11. Thanks to teklogic from:

    edie209 (7th June 2012)

  12. #7
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    669
    Thank Post
    40
    Thanked 15 Times in 14 Posts
    Rep Power
    20
    I have been looking at HAP, but is there a issue with CALs would i have to have a CAL per user?

    So how about those of you who are using Smoothwall was it worth the extra expense (PM me if you don't want to say publically)

    And anyone using Open VPN what does that really offer?

  13. #8

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,714
    Thank Post
    269
    Thanked 1,116 Times in 1,012 Posts
    Rep Power
    345
    Smoothwall is so worth what it costs! @tom_newton will be able to put you in touch with somebody I'm sure.

    Rather then Per user cals it can be cheaper to use external Connector (about 400-450pa on EES).

  14. Thanks to glennda from:

    tom_newton (8th June 2012)

  15. #9
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    669
    Thank Post
    40
    Thanked 15 Times in 14 Posts
    Rep Power
    20
    I am going to bring this up again, I now have HAP working and the staff are using it too which is a bonus.

    Tracking of users is the next issue, I want to be able to give the option to senior managers and HOY to be able to create reports on internet usage (Students) I am going to look at Lightspeed mentioned above but I need to have options so if anyone else can offer any suggestions that would be great.

  16. #10
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    731
    Thank Post
    74
    Thanked 113 Times in 99 Posts
    Blog Entries
    8
    Rep Power
    27
    Quote Originally Posted by edie209 View Post
    I am going to bring this up again, I now have HAP working and the staff are using it too which is a bonus.

    Tracking of users is the next issue, I want to be able to give the option to senior managers and HOY to be able to create reports on internet usage (Students) I am going to look at Lightspeed mentioned above but I need to have options so if anyone else can offer any suggestions that would be great.
    We use a Squid 3.0 proxy for student traffic monitoring and blocking with SARG to create the access reports all running on an Ubuntu 11.04 VM. The reports are parsed every night and dumped to a webpage hosted on the proxy. Teachers and staff have the address to view reports by AD username.

    For blocking I setup Squid to look up membership of an AD group and if the user is a member it restricts their access to only a couple sites used for online learning. Teachers can edit the group via an app I made in VB .Net 2010 that is hosted on a district shared drive.

    Content filtering is handled by the ISD (our version of an LEA). You could use Dan's Guardian though if you didn't have anything else.

    The entire setup took works well, but it did take a week or so to iron the bugs out.

  17. #11
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    669
    Thank Post
    40
    Thanked 15 Times in 14 Posts
    Rep Power
    20
    thanks for that so you have it as a VM? do you have a few more details about how you set it up? and how your traffic is routed?

  18. #12
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,530
    Thank Post
    815
    Thanked 380 Times in 317 Posts
    Blog Entries
    12
    Rep Power
    80
    abtutor + smoothwall + HAP

  19. #13
    Steven_Cleaver's Avatar
    Join Date
    Jul 2008
    Location
    Birmingham
    Posts
    443
    Thank Post
    157
    Thanked 76 Times in 61 Posts
    Rep Power
    48
    Moved from HAP to own remote access solution sort of with own software for logging and Encrypted APP for MIS access but allows access to PC's in schools + ABtutor + M86 firewall Filtering hosted at LEA but configured and Managed by us.

  20. #14
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    731
    Thank Post
    74
    Thanked 113 Times in 99 Posts
    Blog Entries
    8
    Rep Power
    27
    Quote Originally Posted by edie209 View Post
    thanks for that so you have it as a VM? do you have a few more details about how you set it up? and how your traffic is routed?
    Sure do. It's running on an ESXi 4.1 host and is assigned 2 vCPUs, 1GB RAM, 30GB of disk, and one NIC. Since it's not acting as a transparent proxy only the single NIC was needed (no routing necessary). It handles traffic in a 4,000 student district with relative ease. Squid is setup for NTLM to check usernames against Active Directory and logs traffic under the account name. SARG runs via Cron Job at 12:00 every night and parses the logs into a website that hosted off of the same proxy VM via Apache.

    We have filtering provided by our ISD externally so I setup their proxy as a cache peer in Squid. Once Squid is finished with it it'll pass of requests to the ISD proxy. You could do filtering internally if you had to though using Dan's Guardian.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 11
    Last Post: 17th June 2011, 08:57 AM
  2. Remote access of user areas from home
    By everton4europe in forum Wireless Networks
    Replies: 5
    Last Post: 18th July 2008, 12:29 PM
  3. Setting up remote access to staff user accounts
    By firefox_2006 in forum How do you do....it?
    Replies: 9
    Last Post: 19th May 2008, 12:30 PM
  4. Data Protection Act - re: Remote Access
    By mark in forum School ICT Policies
    Replies: 18
    Last Post: 26th September 2005, 07:19 PM
  5. Remote Access
    By ajbritton in forum How do you do....it?
    Replies: 6
    Last Post: 26th September 2005, 12:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •