+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
MIS Systems Thread, Sims InTouch port requirements in Technical; Could someone confirm for me what the port 1194 is required for. As it is an openvpn port I want ...
  1. #1
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    424
    Thank Post
    67
    Thanked 89 Times in 74 Posts
    Rep Power
    61

    Sims InTouch port requirements

    Could someone confirm for me what the port 1194 is required for.

    As it is an openvpn port I want to know if it is required for the software to work or if it is just for landesk, (used by the implementation team), to connect.

    My concern is that the port would be left open to Capita servers, which although I am sure are keep secure and clean from viruses, I am not in control of.

    Cheers

    BoX

  2. #2

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,343
    Thank Post
    367
    Thanked 625 Times in 509 Posts
    Rep Power
    156
    It's used by the application, it's how they can connect to your SQL database. LanDesk is HTTPS (443).

  3. #3
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    424
    Thank Post
    67
    Thanked 89 Times in 74 Posts
    Rep Power
    61
    Thanks for the confirmation, I understood landesk uses https, but was just wondering why they do not have a local service that pushed the data to the SMS gateway, why have a live link?. I just dont like other people having constant access to a server I administer.

  4. #4

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,343
    Thank Post
    367
    Thanked 625 Times in 509 Posts
    Rep Power
    156
    I assume it's a bit more dynamic then just the odd push\pull. I guess they could have used SIF or something however.

    Yes, I agree it's a bit worrying, but you can always stick some firewall rules to limit what they can do, I assume they just need SQL ports open.

  5. #5

    Join Date
    Sep 2010
    Location
    Margate
    Posts
    20
    Thank Post
    2
    Thanked 5 Times in 3 Posts
    Rep Power
    8
    Quote Originally Posted by matt40k View Post
    Yes, I agree it's a bit worrying, but you can always stick some firewall rules to limit what they can do, I assume they just need SQL ports open.
    Don't you just hate how Capita are trying to rule the world! It's only a matter of time until ALL SIMS instals are on centrally hosted systems, and the data which used to be 'owned' by schools will suddenly be owned by Capita. There's a scary thought. :-(

  6. #6

    Join Date
    Sep 2006
    Location
    London
    Posts
    1,305
    Thank Post
    34
    Thanked 347 Times in 234 Posts
    Rep Power
    77
    Nuttyprof you've take this thread off topic which is a shame as the topic of when it will be considered to be irresponsible/quaint to hold data in a school is fascinating and worthy of debate!

  7. #7
    steve's Avatar
    Join Date
    Oct 2005
    Location
    West Yorkshire
    Posts
    1,043
    Thank Post
    22
    Thanked 177 Times in 123 Posts
    Rep Power
    51
    @PhilNeal: To get back on topic, could you give us some details of how InTouch works? We've bought it and opened the port as requested (well it was open for Learning Gateway all ready). The Capita solution is somewhat different to the other solutions I've seen before in this respect as it uses a VPN.

  8. #8


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,619
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    Quote Originally Posted by PhilNeal View Post
    Nuttyprof you've take this thread off topic which is a shame as the topic of when it will be considered to be irresponsible/quaint to hold data in a school is fascinating and worthy of debate!
    1a) When SLAs for RBC connections have some teeth at the school level and Local and National Gov can be *bothered* to pay for out-of-hours support on the equipment that supports the infrastructure we'd be relying on.

    1b) And when they don't take services down for days at a time during the holidays "because no-one's going to be using them" because they're too tight to pay for it to be done correctly in the small hours.

    1c) When MIS providers are held to the same standard.

    2) When the LA with write access to the data screw it up completely, it's said LA who spends the time fixing their mess, rather than dumping it on the school.

    2a) When the LA runs their own damn census queries using said access rather than asking us for the data they've already requested twice in a slightly different format because they're incapable of storing data in a re-usable manner.

    3) When there's better communication between .gov, Exam boards and MIS providers as to wtf they're doing so it doesn't impact schools.

    On my hilariously small (in comparison) budget, I have better availability figures than the RBC, SLG and of course SupportNet. Why would we knowingly degrade our service provision?
    Last edited by vikpaw; 18th September 2010 at 11:33 AM. Reason: language

  9. #9

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,343
    Thank Post
    367
    Thanked 625 Times in 509 Posts
    Rep Power
    156
    On topic, I believe it's because it needs direct SQL, and SQL is insecure, so you shove it over a VPN tunnel.

    Off topic

    @Nuttyprof
    I can't decided if your parnoid or ill informed, sorry, I don't mean to be rude!!

    @pete
    RE: The RBC with some teeth, well if the government forced every school to use a RBC connection rather then allowing them to choose, I'm sure it'll be better IMHO.

    Services don't get turned off for no reason, I'm sure they have a forum which they try to contact everyone to agreed a date, ok, not everyone's going to be happy...

    So you're LA screws up your data? I can't believe that. I do agree about the duplication which normally get shoved on schools, still that's why the gov is looking at SIF.

    As for why someone else doesn't run the census, is it's because it affects money. The data is the schools data, they must keep it correct, it saves on schools going, why have you only given me ££ for y many students when I have x many students and should be getting more £. It's basically a health check.

  10. #10


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,619
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    Quote Originally Posted by matt40k View Post
    Services don't get turned off for no reason, I'm sure they have a forum which they try to contact everyone to agreed a date, ok, not everyone's going to be happy...
    Scheduled maintenance (as opposed to fixing unscheduled outages) should be done out of hours: evenings, weekends, early mornings. There's no point in asking people to use and rely on a service if they know the service might not be available when they need it.

    So you're LA screws up your data?
    We're reluctant to give them the opportunity to do so without an accompanying responsibility to fix it in a timely manner.

  11. #11

    Join Date
    Sep 2006
    Location
    London
    Posts
    1,305
    Thank Post
    34
    Thanked 347 Times in 234 Posts
    Rep Power
    77
    Quote Originally Posted by steve View Post
    @PhilNeal: To get back on topic, could you give us some details of how InTouch works? We've bought it and opened the port as requested (well it was open for Learning Gateway all ready). The Capita solution is somewhat different to the other solutions I've seen before in this respect as it uses a VPN.
    We need a secure link to our server centre which sends out the txt and emails. Your messages are also stored on our server for future reference; our designers were concerned about just how much space could be taken up with messages and so a decision was taken to retain them at our centre.

  12. #12

    Join Date
    Sep 2010
    Location
    Margate
    Posts
    20
    Thank Post
    2
    Thanked 5 Times in 3 Posts
    Rep Power
    8
    Quote Originally Posted by PhilNeal View Post
    Nuttyprof you've take this thread off topic which is a shame as the topic of when it will be considered to be irresponsible/quaint to hold data in a school is fascinating and worthy of debate!
    The man revealeth his hand does he not ... schools are not up to the job, but Capita are!

    Quote Originally Posted by PhilNeal View Post
    We need a secure link to our server centre which sends out the txt and emails. Your messages are also stored on our server for future reference; our designers were concerned about just how much space could be taken up with messages and so a decision was taken to retain them at our centre.
    Hmm ... useful design decision eh? Do you really think that messaging for a single school is going to take up so much space, and that we can't deal with simple data management Mr Neal? Oh sorry, you're just trying to be helpful aren't you

    @Matt40K - none taken Neither paranoid nor ill informed, but very concerned at the erosion of the schools right to own and be responsible for it's own data, and deeply suspicious of Capita's land grabbing tactics (and their motives).

  13. #13
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    424
    Thank Post
    67
    Thanked 89 Times in 74 Posts
    Rep Power
    61
    I do not choose the products that schools purchace, however, from what i read here, I would turn this product down for several reasons.

    1. I see no need for a VPN that is initiated from outside
    2. Why are you storing the messages, as Nuttyprof says, really, how much storage will this take. They are not your messages to store!
    3. Direct access to the SQL database? why?

    The design of the software seems to be a "because we can", rather than a "simple but secure".
    I simply dont like people thinking is OK to be in a network I administer because they "need to be". If you need data for a function I or a local service will send it out to you.
    Not trying to offend, just dont like external bodies assumuming they have a right to access the data because they wrote the program it sits in.

    BoX

  14. #14

    Join Date
    Sep 2006
    Location
    London
    Posts
    1,305
    Thank Post
    34
    Thanked 347 Times in 234 Posts
    Rep Power
    77
    Box_1:

    There are various ways in which txt, voice and email solutions can be developed. Whilst an email solution could sensibly be designed to run from a school site, txt & voice solutions need specialist arrangements. To simplify the school end, much of the processing is handled at our centre and for that there needs to be a secure link between school and centre hence the VPN. Why a VPN ~ well it avoids Certificates, Firewall Rules, IP Addresses challenges that using HTTPS would bring.

    Headers are stored in the SIMS DB but the detailed content is retained in our centre. Our technical architects designed it this way as emails and attachments can indeed be very large.

    Responses txts etc from recipients are received by our centre and then fed back into the SIMS DB; hence the need to be able to write to the SIMS DB.

    All stored responses are accessible automatically from within SIMS; the connection to the centre is seamless.

    NuttyProf:

    Servers are now being manufactured on an industrial scale and delivered in containers that just plug in. Google, Amazon & MS have vast server sites that can now host databases at a fraction of the cost of doing it yourself. I think it is only a matter of time before the norm is to host data in the cloud and to hold it locally will just be odd. Iím really interested in when this change will bed in because we need to be deigning such solutions now.

  15. #15

    Join Date
    Sep 2010
    Location
    Margate
    Posts
    20
    Thank Post
    2
    Thanked 5 Times in 3 Posts
    Rep Power
    8
    Quote Originally Posted by PhilNeal View Post
    Box_1:

    There are various ways in which txt, voice and email solutions can be developed. Whilst an email solution could sensibly be designed to run from a school site (ahh .. schools can setup their own email system) , txt & voice solutions need specialist arrangements. To simplify the school end (making it easy for us again), much of the processing is handled at our centre (ahh bless you) and for that there needs to be a secure link between school and centre hence the VPN. Why a VPN ~ well it avoids Certificates, Firewall Rules, IP Addresses challenges that using HTTPS would bring.

    Headers are stored in the SIMS DB but the detailed content is retained in our centre. Our technical architects designed it this way as emails and attachments can indeed be very large (Ahh - perhaps schools can't setup their own email systems after all!).

    Responses txts etc from recipients are received by our centre and then fed back into the SIMS DB; hence the need to be able to write to the SIMS DB.

    All stored responses are accessible automatically from within SIMS; the connection to the centre is seamless.(how convenient and easy is that - are you trying to sell it to us Mr Neal?)
    NuttyProf:

    Servers are now being manufactured on an industrial scale and delivered in containers that just plug in. Google, Amazon & MS have vast server sites (and Capita want in on the big game with the worlds biggest data holding companies!) that can now host databases at a fraction of the cost of doing it yourself (cheaper again). I think it is only a matter of time before the norm is to host data in the cloud and to hold it locally will just be odd (did you mean inconvenient to Capita?). I’m really interested in when this change will bed in because we need to be deigning such solutions now (Really - I'd never have guessed how important it was to you!).
    [QUOTE=PhilNeal;563520]Box_1:

    Mr Neal - I'm trying my absolute best here not to be cynical (really) but I liken the way Capita treats schools to the way in which the childcatcher treats the children in Chitty Chitty Bang Bang! You dangle the ever desirable "It's cheaper and easier" bag of sweets until us 'children' are all inside the van, and then the door gets slammed behind us

    I know that some will call me 'paranoid' (someone already has in this thread), but it is terribly unhealthy for a Company such as Capita to have so much control (market share) in the education space.

    Evry time you are challenged (and I've read a number of threads here) you then serve up the perennial and ever so 'delicious' reason that "its cheaper/easier for you" to justify why (in this case) you need a VPN into school systems!

    Why a VPN? Honest answer - because it's easier for Capita! . It has no benefit to schools and indeed creates a security issue which many network managers would not tolerate

    I suppose I should congratulate you for exploiting our human frailties.
    Last edited by Nuttyprof; 24th September 2010 at 04:40 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [SIMS] Sims Intouch - Have you signed up?
    By BClayton in forum MIS Systems
    Replies: 52
    Last Post: 13th April 2012, 06:19 PM
  2. SIMS system requirements
    By Medium_Dave in forum MIS Systems
    Replies: 26
    Last Post: 20th November 2009, 07:11 PM
  3. Claros inTouch 2.1
    By SYSMAN_MK in forum Educational Software
    Replies: 1
    Last Post: 14th March 2008, 10:08 AM
  4. Replies: 3
    Last Post: 19th February 2008, 10:13 PM
  5. New TS install and requirements
    By cookie_monster in forum Thin Client and Virtual Machines
    Replies: 1
    Last Post: 24th January 2008, 03:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •