+ Post New Thread
Page 3 of 3 FirstFirst 123
Results 31 to 42 of 42
Network and Classroom Management Thread, Allowing Student's Personal Devices (BYOD) - for/against in Technical; Originally Posted by drewp May I ask: What is meant by "KS5 filtered internet" and "KS3 filtered internet" Key Stage ...
  1. #31

    sonofsanta's Avatar
    Join Date
    Dec 2009
    Location
    Lincolnshire, UK
    Posts
    5,035
    Thank Post
    890
    Thanked 1,475 Times in 1,012 Posts
    Blog Entries
    47
    Rep Power
    647
    Quote Originally Posted by drewp View Post
    May I ask: What is meant by "KS5 filtered internet" and "KS3 filtered internet"
    Key Stage 3 (KS3) are filtered more strongly than Key Stage 5 (KS5 i.e. 6th form) here. As KS5 are voluntary students, it's up to them if they waste their time on Hotmail, as far as I'm concerned.

  2. Thanks to sonofsanta from:

    drewp (24th November 2011)

  3. #32
    drewp's Avatar
    Join Date
    Sep 2007
    Posts
    94
    Thank Post
    34
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    @sonofsanta thanks!

    I work at an independent boarding school so internet filtering here is quite complex. We keep all pupils away from web based email sites during their school day. Out of hours we allow those over 13 years old to access web based email sites and social networking sits.

    Trying to recreate something like this on a guest wireless network proving difficult for us due to how personal devices vary in how they can work with proxy servers.

    Not sure if a guest wireless network using a transparent proxy with no auth giving all connected users KS3 filtering would actually be used, they would probably just turn on their 3G connections
    Last edited by drewp; 24th November 2011 at 12:46 PM.

  4. #33

    sonofsanta's Avatar
    Join Date
    Dec 2009
    Location
    Lincolnshire, UK
    Posts
    5,035
    Thank Post
    890
    Thanked 1,475 Times in 1,012 Posts
    Blog Entries
    47
    Rep Power
    647
    Quote Originally Posted by drewp View Post
    Not sure if a guest wireless network using a transparent proxy with no auth giving all connected users KS3 filtering would actually be used, they would probably just turn on their G3 connections
    That's where "100 year old building out in the sticks" actually works out for me for once - to get 3G signal here I have to go and stand on the playing field over the road, so given the choice between unfiltered-GPRS-web and filtered-fibre-optic-web I reckon that unfiltered 3G connections isn't a worry

    (Plus, they can connect to the web that way whether you offer a wireless provision or not. If anything, offering something should reduce the numbers using mobile tethering etc.)

  5. #34

    Join Date
    May 2011
    Location
    Jus North of London, close but not too close
    Posts
    807
    Thank Post
    180
    Thanked 63 Times in 60 Posts
    Rep Power
    36
    Quote Originally Posted by glennda View Post
    The problem with not telling them the password is Win 7 now allows you to view a key. Therefore removing the point in it being secret as they can just share with each other. I tend to look through logs and block ipods etc via mac address.
    Apologise for being off subject.

    Can they do this without knowing administrator credentials? I have tried on a student login, both trying to show the key and copying the wireless profile to memory stick require admin credentials.

    Of course the allowing of student wireless devices opens a whole bunch of filtering, distraction, technical issues and access to unwanted sites and think there must be an SMT decision on this with all these points raised with any cost to infrastructure support.
    Last edited by Davit2005; 24th November 2011 at 11:34 AM.

  6. #35

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,527
    Thank Post
    1,339
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    Quote Originally Posted by Davit2005 View Post
    Apologise for being off subject.

    Can they do this without knowing administrator credentials? I have tried on a student login, both trying to show the key and copying the wireless profile to memory stick require admin credentials..
    if they are bringing their own devices they are going to be admins of their own machines.

  7. #36
    drewp's Avatar
    Join Date
    Sep 2007
    Posts
    94
    Thank Post
    34
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Some Wireless solutions can produce a shared key per user per device, once the key has been put into a device that key can't be used again.

    Ruckus calls a it a Dynamic Pre-Shared key, AeroHive calls it a Private Pre-Shared key - I dont know of any other Wi-Fi solutions that offer this feature!

  8. #37
    drewp's Avatar
    Join Date
    Sep 2007
    Posts
    94
    Thank Post
    34
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Quote Originally Posted by RabbieBurns View Post
    the student wireless is seperated and locked down to port 80 only
    I accept that https traffic would have to be blocked if using a transparent proxy as it canít be filtered, but how usable is the internet without it?

  9. #38

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,527
    Thank Post
    1,339
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    the reason we let them use their laptops at school is as a learning device.

    so they can google, they can read wikipedia, they can access learning resources etc.

    I have whitelisted a couple of SSL sites namely our MIS and Live@edu which is achieved by IP based ACL

  10. Thanks to RabbieBurns from:

    drewp (25th November 2011)

  11. #39
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,675
    Thank Post
    168
    Thanked 221 Times in 204 Posts
    Rep Power
    67
    You need a better firewall \ filter for BYOD really, so much stuff can tunnel through 80 \ 443 now an application-aware firewall is a must imo...

  12. #40


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,479
    Thank Post
    867
    Thanked 852 Times in 673 Posts
    Rep Power
    197
    Quote Originally Posted by drewp View Post
    I accept that https traffic would have to be blocked if using a transparent proxy as it can’t be filtered, but how usable is the internet without it?
    It is possible to transparently filter https with the right filter. Sadly this relies on client side extensions not present in winXP, early IOS or pre-gingerbread android.

  13. Thanks to tom_newton from:

    drewp (25th November 2011)

  14. #41
    drewp's Avatar
    Join Date
    Sep 2007
    Posts
    94
    Thank Post
    34
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    @tom_newton I'm sure that I have the right filter in that case It's a shame it depends on the device being used though.

  15. #42


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,479
    Thank Post
    867
    Thanked 852 Times in 673 Posts
    Rep Power
    197
    Quote Originally Posted by drewp View Post
    @tom_newton I'm sure that I have the right filter in that case It's a shame it depends on the device being used though.
    SNI is the trick we use - basically the browser gives away where it is going, so you can domain filter (and MITM if you feel that way out), sadly its a fairly new extension, but support is there in all major tablets and laptops afaik

SHARE:
+ Post New Thread
Page 3 of 3 FirstFirst 123

Similar Threads

  1. Allowing student password changes for non-admin teacher
    By cheeseslice in forum Windows Server 2008 R2
    Replies: 5
    Last Post: 22nd September 2011, 08:18 AM
  2. Replies: 16
    Last Post: 18th June 2010, 08:42 PM
  3. Replies: 3
    Last Post: 4th September 2009, 09:08 PM
  4. Replies: 1
    Last Post: 2nd April 2008, 03:43 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •