+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 31
Wireless Networks Thread, second internet connection or alternative (BLOXX?) in Technical; Both Bloxx and SmoothWall Guardian take settings from AD group - neither does per-machine auth yet, but we are certainly ...
  1. #16


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 850 Times in 672 Posts
    Rep Power
    196

    Re: second internet connection or alternative (BLOXX?)

    Both Bloxx and SmoothWall Guardian take settings from AD group - neither does per-machine auth yet, but we are certainly stroking our collective chins and thinking about it. It's a very "schooly" thing to want to do, but then we are pretty education focused here.

  2. #17
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by beast_gts
    Ask your LEA what they recommend.
    I have already done this dance with the LEA - we used to have an ip address that was allowed to bypass the filtering altogether because of a few projects we were running, and I know a few other schools had this too.

    I was told that schools have to have a Becta approved service which means filtering must be in place.

    I had a meeting with them earlier in the year and they said there was somthing coming and we could be on the pilot for it, got a phone call to say the person involved was going to be out of the office for a week and head nothing since. That was quite a few months ago.

    At the moment we are having to bypass our local imimic box because it made a lot of sites unusable - mainly those that need to maintain a session.

    I also discussed the option of a second internet connection from a different supplier for this purpose, but the LEA said that a) the provider would have to be Becta approved and therefore insist on filtering and b) it would give them concerns about security impacts on the BGfL network because the connection between us and them is open. This is obvisouly not unfounded, the connection between a school and the BGfL is open so they can offer remote support, ftp transfers etc.

    So if you find a solution then let me know.

  3. #18


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 850 Times in 672 Posts
    Rep Power
    196

    Re: second internet connection or alternative (BLOXX?)

    Just FYI, CorporateGuardian 6 (our standalone filter) will be Becta certified (once they have finished testing it - it is very new), as will the next version of SchoolGuardian (January). This is largely in order to overcome objections from LEAs on behalf of our School customers.

  4. #19
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: second internet connection or alternative (BLOXX?)

    @tom - what I understand from the LEA it is the ISP that has to be Becta approved, not the filtering service and that the ISP have to offer filtering to be Becta approved.

    Because of the way the LEA WAN is structured, they are not happy with giving up all filtering because of the threat to the LAN. For example they will not let us control our own profanity, spam or virus filtering for email, only put in a layer above their filtering - and as their filtering is very vigilant most of the problems we have are with things being filtered when we do not want them to be rather than the other way around.

  5. #20

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,697
    Thank Post
    664
    Thanked 1,632 Times in 1,460 Posts
    Rep Power
    423

    Re: second internet connection or alternative (BLOXX?)

    Jesus I thought Norfolk was bad enough but they will let us opt out of their filtering and do it ourselves.

    All that stuff abuot being Becta approved is just crap.

    Ben

  6. #21
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: second internet connection or alternative (BLOXX?)

    They do offer some flexibility with the filtering - but only if you buy in to their systems such as bgfl+ and pmm - but these products are not suited to the way the school works and we have actually had to add a layer of filtering on our exchange server just to filter out all the pmm messages that get generated and sent to staff.

  7. #22

    Join Date
    Sep 2005
    Location
    Handsworth Grammar School
    Posts
    147
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    19

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by mortstar
    Quote Originally Posted by openhgs
    Bloxx can certainly do this. You can control what an individual user or a group of users can access. You can target groups of machines too, which is what we do. Staff machines have less strict filtering than student machines.
    Which version of Bloxx are you running? I have 3.2.1.6 (snappy version number) and it definitely doesn't have per machine settings it's per user - or more specifically per OU as it picks up groups from an Active Directory bind.
    We have the same version as you. We have static i/ps on all of our machines, which enables us to track by machine. We don't use active directory either.

  8. #23
    greenfieldsupport's Avatar
    Join Date
    Mar 2007
    Location
    Newton Aycliffe, Durham
    Posts
    240
    Thank Post
    14
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: second internet connection or alternative (BLOXX?)

    @openhgs

    Dear god, static IP's!?

    What an administration that would be.

    what would happen if your default gateway IP address changed, or you needed to change the IP of your dns server, or add another one in? :\

    Have you not concidered using DHCP?

  9. #24


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 850 Times in 672 Posts
    Rep Power
    196

    Re: second internet connection or alternative (BLOXX?)

    @openhgs - do you use any directory service? OpenLDAP etc?

  10. #25
    mortstar's Avatar
    Join Date
    Jan 2007
    Location
    Oxford
    Posts
    341
    Thank Post
    13
    Thanked 29 Times in 18 Posts
    Rep Power
    21

    Re: second internet connection or alternative (BLOXX?)

    I was intrigued openhgs' non-AD and static IPs so I googled.

    The middle paragraph of http://en.wikipedia.org/wiki/Handsworth_Grammar_School may be the reason why.

    Though it still doesn't explain static IPs?!

  11. #26

    Join Date
    Sep 2005
    Location
    Handsworth Grammar School
    Posts
    147
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    19

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by greenfieldsupport
    @openhgs

    Dear god, static IP's!?

    What an administration that would be.

    what would happen if your default gateway IP address changed, or you needed to change the IP of your dns server, or add another one in? :\

    Have you not concidered using DHCP?
    Static i/p works very well for us. It means we are in total control; no one can just plug their own machine onto the network and gain access. They have to come to ICT first. Why should the default gateway or dns server change i/p address? I've assigned them ans these settings will stay.

    Quote Originally Posted by tom_newton
    @openhgs - do you use any directory service? OpenLDAP etc?
    We don't use any directory service. I never have and I've administered some huge networks in my time. All you have to do is remember the i/p address of every device on your network, which is surprizingly easy if you chose sensible names.

  12. #27
    mortstar's Avatar
    Join Date
    Jan 2007
    Location
    Oxford
    Posts
    341
    Thank Post
    13
    Thanked 29 Times in 18 Posts
    Rep Power
    21

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by openhgs
    We don't use any directory service. I never have and I've administered some huge networks in my time. All you have to do is remember the i/p address of every device on your network, which is surprizingly easy if you chose sensible names.
    This line made me guffaw.

    Surely you don't mean every, single, IP on the network including clients?!?

    How do you track back user-abuse if all your reports from Bloxx are IP specific unless, as well as static IPs, you have static users which only ever use a specific machine?

  13. #28

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,156
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124

    Re: second internet connection or alternative (BLOXX?)

    It's the sort of thing which makes it sound like a small network!

    You could do it - eg if you have something:

    10.<building number>.<room number>.<computer number>

    as the IP address but it does make life hard.

    I can't see how it prevents anyone from piggybacking onto the network - all I have to do is set my IP address to be one of the ones I know is in use (and change the MAC if necessary) and my computer works and yours doesn't!

    You might never see a need to change DNS etc but the ability to do it just makes life easy when you put in a new server (leave both old and new for a while with only the new IP given out by DHCP)

  14. #29


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by tom_newton
    Just FYI, CorporateGuardian 6 (our standalone filter) will be Becta certified (once they have finished testing it - it is very new), as will the next version of SchoolGuardian (January). This is largely in order to overcome objections from LEAs on behalf of our School customers.

    Thank you thank you!!

    Thats pretty much the only things thats been stopping us from buying your product, and i know we are not the only one.

    FFS please get it done ASAP as our current filtering system is worse than what i would expect a school child to design, im not kidding.

  15. #30

    Join Date
    Apr 2006
    Posts
    138
    Thank Post
    0
    Thanked 19 Times in 10 Posts
    Rep Power
    38

    Re: second internet connection or alternative (BLOXX?)

    Quote Originally Posted by mortstar
    Quote Originally Posted by openhgs
    We don't use any directory service. I never have and I've administered some huge networks in my time. All you have to do is remember the i/p address of every device on your network, which is surprizingly easy if you chose sensible names.
    This line made me guffaw.

    Surely you don't mean every, single, IP on the network including clients?!?

    How do you track back user-abuse if all your reports from Bloxx are IP specific unless, as well as static IPs, you have static users which only ever use a specific machine?
    I'm sure openhgs does mean that he/she knows each and every i/p address on the network. I too have worked on sites with static i/p addresses and I could work out the i/p address of each device, but I did cheat - I had everything labeled clearly. Static users are not uncommon - all of the staff that I work with have been sitting at the same desk for years. Students also tend to occupy the same seats.

    As to changing your i/p and/or mac address to gain access to the network - why bother? It's just as easy to ask ICT to allow you onto the network. By using static i/ps and not using automatic browser configuration, I'm guessing openhgs can be sure that PCs on the network have appropriate anti-virus, etc.

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. VPN connection with internet connection option
    By FN-GM in forum Wireless Networks
    Replies: 6
    Last Post: 29th December 2007, 07:19 PM
  2. Anyone in York looking for an Internet connection?
    By wrights in forum Wireless Networks
    Replies: 11
    Last Post: 10th September 2007, 10:02 AM
  3. Virtual PC Internet Connection
    By sqdge in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 21st August 2007, 05:21 PM
  4. Unfiltered Internet Connection
    By richard in forum How do you do....it?
    Replies: 16
    Last Post: 22nd April 2006, 08:23 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •