+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
MIS Systems Thread, SIMS over VPN in Technical; My former boss wants teachers to be able to log into the SIMS client from home over the VPN. I ...
  1. #1
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,227
    Thank Post
    50
    Thanked 271 Times in 209 Posts
    Blog Entries
    6
    Rep Power
    108

    SIMS over VPN

    My former boss wants teachers to be able to log into the SIMS client from home over the VPN. I think this is a bad idea but can't articulate why. I would much rather they use the offline client that we spent so damn long setting up for all of them.

    What do you all think? Do you let your teachers use SIMS over VPN or do you use another solution like Terminal Services or the Offline Client?

  2. #2
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: SIMS over VPN

    Terminal services is going to be the easiest and more secure route I would have thought. It all comes down to the security issues though I would have thought.

  3. #3
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,227
    Thank Post
    50
    Thanked 271 Times in 209 Posts
    Blog Entries
    6
    Rep Power
    108

    Re: SIMS over VPN

    Its my preferred method I will admit. Come April I'll be buying some TS CALs and installing TS on a server.

  4. #4
    apeo's Avatar
    Join Date
    Sep 2005
    Location
    Lost
    Posts
    1,612
    Thank Post
    95
    Thanked 115 Times in 111 Posts
    Rep Power
    41

    Re: SIMS over VPN

    Over here we have a few teachers laptops with Teachers Desktop on it. The question is what would the teachers require access to, and why.

  5. #5
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: SIMS over VPN

    Id go for a nice secure desktop where they can only run what sims needs. If you need to test it over the VPN for now you get about a 90 day grace period on the client licences.

  6. #6
    Netman's Avatar
    Join Date
    Jul 2005
    Location
    56.343515, -2.804118
    Posts
    911
    Thank Post
    367
    Thanked 190 Times in 143 Posts
    Rep Power
    54

    Re: SIMS over VPN

    MS Says:
    "Negative analyses of PPTP were published over three years ago. Security analysts identified three problems that were immediately corrected. Since then, there have been no new issues cited. Their most serious complaint was not concerning the implementation but rather that the use of a user name and password for VPN connections is not as secure as certificate-based authentication. Microsoft agrees with this conclusion which is one of the reasons why Windows 2000 Server and Windows Server 2003 support public key infrastructure (PKI) and include a certification authority service. If you must use user names and passwords, enforce the use of strong passwords. Strong passwords are long (more than eight characters) and contain a random mixture of upper and lower case letters, numbers, and punctuation. An example of a strong password is f*3L~qO2>xR3w#4o."

    Personally, I wouldn't worry about using it. You can use the Connection Manager Administration Kit to create an easy setup for the users and providing they are given strict instructions on security and you don't have any split tunneling going on, then it should be pretty easy and safe to use....

  7. #7

    SpuffMonkey's Avatar
    Join Date
    Jul 2005
    Posts
    2,224
    Thank Post
    54
    Thanked 276 Times in 184 Posts
    Rep Power
    133

    Re: SIMS over VPN

    Quote Originally Posted by ChrisH
    Terminal services is going to be the easiest and more secure route I would have thought. It all comes down to the security issues though I would have thought.
    I agree - we're putting in a 30 user Citrix solution for pretty much this reason.

  8. #8

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24

    Re: SIMS over VPN

    There's a good discussion over on this forum if you're interested (from a little while back but the principle is still the same):

    http://seclists.org/lists/security-b.../Aug/0497.html

    I remembered it because I want to do the same thing.

  9. #9
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,227
    Thank Post
    50
    Thanked 271 Times in 209 Posts
    Blog Entries
    6
    Rep Power
    108

    Re: SIMS over VPN

    Quote Originally Posted by apeo
    Over here we have a few teachers laptops with Teachers Desktop on it. The question is what would the teachers require access to, and why.
    The amusingly named Assessment Manager (assman.exe :P) is the primary need. They're making them write all their reports in SIMS Manshead.

    Its not security that I'm concerned about so much, the encryption that the VPN connection offers is sufficient. Its more bandwidth concerns and usuability. My ex-boss says that he logs in SIMS "all the time" from home using the VPN connection and says it works fine. I think that when 20/30/40 teachers try it at once it will keel over and die and then people will start shouting at me the next day. Ully tried it last night and said it was crap, constant timeouts and dropped connections to the database.

    I told my ex-boss in no uncertain terms that I didn't want people connecting to SIMS over the VPN connection and that I thought it was a bad idea. However he has completely ignored me and told ALL the teachers in a training presentation yesterday to do it. I am pissed off to say the least.

    I'm setting up a terminal server now and relying on the 90 grace period.

  10. #10


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,618
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223

    Re: SIMS over VPN

    Quote Originally Posted by Norphy
    I told my ex-boss in no uncertain terms that I didn't want people connecting to SIMS over the VPN connection and that I thought it was a bad idea. However he has completely ignored me and told ALL the teachers in a training presentation yesterday to do it. I am pissed off to say the least.
    well as long as your objections (and reasons) are in writing it's his fault (though probably still _your_ problem).

  11. #11
    Chafftech's Avatar
    Join Date
    Mar 2006
    Location
    Rainham, London
    Posts
    77
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: SIMS over VPN

    @norphy

    I would recommend you check the legal ramifications of having potentially sensitive data available to computers outside your LEA. Check with your LEA that they allow sims data to be accessed from teachers homes.

    Personally I would just say it can not be done due to data protection, particularly where children are involved.

  12. #12

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,400
    Thank Post
    636
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    319

    Re: SIMS over VPN

    How secure are their home PCs? Have their family been subject to CRB checks?

  13. #13

    Join Date
    Sep 2005
    Location
    W. Cumbria
    Posts
    89
    Thank Post
    15
    Thanked 3 Times in 3 Posts
    Rep Power
    18

    Re: SIMS over VPN

    Hi,

    Not quite related to the SIMS issue but calls for accessing school networks from home is going to be more relevant as technology and speed increases.
    Many say why?
    I wouldn't be a teacher if it was handed to me on a plate. What I often see is staff coming in during school holidays or work late to either catch up on paper work or prepare lessons for absent staff etc and some have to travel a fair old distance as well.

    How better it would be for them to not have to travel or stay late or leave home if possible.
    The technology is there and so is the demand but not the understanding of why there is a demand.
    Yes there are many arguments against but I think we use them for our own purposes coz we inherent a secure safe network from our LEA or whatever.

    I'm not advocating a free for all but I think a more open minded approach from some quarters is needed to see the possiblilities.

    Cheers

  14. #14
    Chafftech's Avatar
    Join Date
    Mar 2006
    Location
    Rainham, London
    Posts
    77
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: SIMS over VPN

    Quote Originally Posted by Outpost
    Hi,


    I'm not advocating a free for all but I think a more open minded approach from some quarters is needed to see the possiblilities.

    Cheers
    I dont have a problem with accessing general work data from home, we have easylink that allows all staff and pupils to access their work. But if SIMS data is available and gets into wrong hands we could het sacked. There have been recent cases of teachers who on the sex offenders register getting jobs, if these can get the data at home unsupervised what are we leting ourselves in for?

  15. #15

    Join Date
    Sep 2005
    Location
    W. Cumbria
    Posts
    89
    Thank Post
    15
    Thanked 3 Times in 3 Posts
    Rep Power
    18

    Re: SIMS over VPN

    Of course sensitive data should be very secure and I personally would be against home access to that (SIMS etc)
    The EasyLink idea sounds great but its not just some techhies who are against home access it can be the providers as well.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •