MIS Systems Thread, Sims InTouch port requirements in Technical; Could someone confirm for me what the port 1194 is required for.
As it is an openvpn port I want ...
25th August 2010, 03:10 PM #1
Sims InTouch port requirements
Could someone confirm for me what the port 1194 is required for.
As it is an openvpn port I want to know if it is required for the software to work or if it is just for landesk, (used by the implementation team), to connect.
My concern is that the port would be left open to Capita servers, which although I am sure are keep secure and clean from viruses, I am not in control of.
IDG Tech News
25th August 2010, 03:18 PM #2
It's used by the application, it's how they can connect to your SQL database. LanDesk is HTTPS (443).
25th August 2010, 03:32 PM #3
Thanks for the confirmation, I understood landesk uses https, but was just wondering why they do not have a local service that pushed the data to the SMS gateway, why have a live link?. I just dont like other people having constant access to a server I administer.
25th August 2010, 04:01 PM #4
I assume it's a bit more dynamic then just the odd push\pull. I guess they could have used SIF or something however.
Yes, I agree it's a bit worrying, but you can always stick some firewall rules to limit what they can do, I assume they just need SQL ports open.
16th September 2010, 05:53 PM #5
- Rep Power
Don't you just hate how Capita are trying to rule the world! It's only a matter of time until ALL SIMS instals are on centrally hosted systems, and the data which used to be 'owned' by schools will suddenly be owned by Capita. There's a scary thought. :-(
Originally Posted by matt40k
16th September 2010, 06:36 PM #6
Nuttyprof you've take this thread off topic which is a shame as the topic of when it will be considered to be irresponsible/quaint to hold data in a school is fascinating and worthy of debate!
16th September 2010, 07:52 PM #7
@PhilNeal: To get back on topic, could you give us some details of how InTouch works? We've bought it and opened the port as requested (well it was open for Learning Gateway all ready). The Capita solution is somewhat different to the other solutions I've seen before in this respect as it uses a VPN.
16th September 2010, 07:57 PM #8
1a) When SLAs for RBC connections have some teeth at the school level and Local and National Gov can be *bothered* to pay for out-of-hours support on the equipment that supports the infrastructure we'd be relying on.
Originally Posted by PhilNeal
1b) And when they don't take services down for days at a time during the holidays "because no-one's going to be using them" because they're too tight to pay for it to be done correctly in the small hours.
1c) When MIS providers are held to the same standard.
2) When the LA with write access to the data screw it up completely, it's said LA who spends the time fixing their mess, rather than dumping it on the school.
2a) When the LA runs their own damn census queries using said access rather than asking us for the data they've already requested twice in a slightly different format because they're incapable of storing data in a re-usable manner.
3) When there's better communication between .gov, Exam boards and MIS providers as to wtf they're doing so it doesn't impact schools.
On my hilariously small (in comparison) budget, I have better availability figures than the RBC, SLG and of course SupportNet. Why would we knowingly degrade our service provision?
Last edited by vikpaw; 18th September 2010 at 12:33 PM.
16th September 2010, 08:16 PM #9
On topic, I believe it's because it needs direct SQL, and SQL is insecure, so you shove it over a VPN tunnel.
I can't decided if your parnoid or ill informed, sorry, I don't mean to be rude!!
RE: The RBC with some teeth, well if the government forced every school to use a RBC connection rather then allowing them to choose, I'm sure it'll be better IMHO.
Services don't get turned off for no reason, I'm sure they have a forum which they try to contact everyone to agreed a date, ok, not everyone's going to be happy...
So you're LA screws up your data? I can't believe that. I do agree about the duplication which normally get shoved on schools, still that's why the gov is looking at SIF.
As for why someone else doesn't run the census, is it's because it affects money. The data is the schools data, they must keep it correct, it saves on schools going, why have you only given me ££ for y many students when I have x many students and should be getting more £. It's basically a health check.
16th September 2010, 10:02 PM #10
Scheduled maintenance (as opposed to fixing unscheduled outages) should be done out of hours: evenings, weekends, early mornings. There's no point in asking people to use and rely on a service if they know the service might not be available when they need it.
Originally Posted by matt40k
We're reluctant to give them the opportunity to do so without an accompanying responsibility to fix it in a timely manner.
So you're LA screws up your data?
16th September 2010, 11:25 PM #11
We need a secure link to our server centre which sends out the txt and emails. Your messages are also stored on our server for future reference; our designers were concerned about just how much space could be taken up with messages and so a decision was taken to retain them at our centre.
Originally Posted by steve
19th September 2010, 08:40 AM #12
- Rep Power
19th September 2010, 04:10 PM #13
I do not choose the products that schools purchace, however, from what i read here, I would turn this product down for several reasons.
1. I see no need for a VPN that is initiated from outside
2. Why are you storing the messages, as Nuttyprof says, really, how much storage will this take. They are not your messages to store!
3. Direct access to the SQL database? why?
The design of the software seems to be a "because we can", rather than a "simple but secure".
I simply dont like people thinking is OK to be in a network I administer because they "need to be". If you need data for a function I or a local service will send it out to you.
Not trying to offend, just dont like external bodies assumuming they have a right to access the data because they wrote the program it sits in.
20th September 2010, 09:22 PM #14
There are various ways in which txt, voice and email solutions can be developed. Whilst an email solution could sensibly be designed to run from a school site, txt & voice solutions need specialist arrangements. To simplify the school end, much of the processing is handled at our centre and for that there needs to be a secure link between school and centre hence the VPN. Why a VPN ~ well it avoids Certificates, Firewall Rules, IP Addresses challenges that using HTTPS would bring.
Headers are stored in the SIMS DB but the detailed content is retained in our centre. Our technical architects designed it this way as emails and attachments can indeed be very large.
Responses txts etc from recipients are received by our centre and then fed back into the SIMS DB; hence the need to be able to write to the SIMS DB.
All stored responses are accessible automatically from within SIMS; the connection to the centre is seamless.
Servers are now being manufactured on an industrial scale and delivered in containers that just plug in. Google, Amazon & MS have vast server sites that can now host databases at a fraction of the cost of doing it yourself. I think it is only a matter of time before the norm is to host data in the cloud and to hold it locally will just be odd. Iím really interested in when this change will bed in because we need to be deigning such solutions now.
24th September 2010, 05:35 PM #15
- Rep Power
Originally Posted by PhilNeal
Mr Neal - I'm trying my absolute best here not to be cynical (really) but I liken the way Capita treats schools to the way in which the childcatcher treats the children in Chitty Chitty Bang Bang! You dangle the ever desirable "It's cheaper and easier" bag of sweets until us 'children' are all inside the van, and then the door gets slammed behind us
I know that some will call me 'paranoid' (someone already has in this thread), but it is terribly unhealthy for a Company such as Capita to have so much control (market share) in the education space.
Evry time you are challenged (and I've read a number of threads here) you then serve up the perennial and ever so 'delicious' reason that "its cheaper/easier for you" to justify why (in this case) you need a VPN into school systems!
Why a VPN? Honest answer - because it's easier for Capita! . It has no benefit to schools and indeed creates a security issue which many network managers would not tolerate
I suppose I should congratulate you for exploiting our human frailties.
Last edited by Nuttyprof; 24th September 2010 at 05:40 PM.
By BClayton in forum MIS Systems
Last Post: 13th April 2012, 07:19 PM
By Medium_Dave in forum MIS Systems
Last Post: 20th November 2009, 08:11 PM
By SYSMAN_MK in forum Educational Software
Last Post: 14th March 2008, 11:08 AM
By Tiger in forum MIS Systems
Last Post: 19th February 2008, 11:13 PM
By cookie_monster in forum Thin Client and Virtual Machines
Last Post: 24th January 2008, 04:02 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)