LISTSERV - JOEBOX-L Archives

JOEBOX-L Archives

Joebox User

JOEBOX-L@LISTS.MAINE.EDU

	LISTSERV Archives
	JOEBOX-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Joebox sunset
From:	Rick Lange <[log in to unmask]>
Reply To:	Joebox User <[log in to unmask]>
Date:	Mon, 1 Jun 2015 08:26:54 -0400
Content-Type:	multipart/alternative
Parts/Attachments:	text/plain (4 kB) , text/html (8 kB)

Hi Andrew,
We currently have a Joebox in place at Lake Region High School, so if you
have not already done so, I would like to have us added to the list to
upgrade to an Edgerouter.  We also use VPN tunneling from our elementary
schools into the HS, and a handful of employee's use a VPN client to
connect to the HS LAN.  So any information you can send me on OpenVPN would
be helpful.

My other question is that we have 4 elementary schools, that are currently
using SonicWall TZ-170's for Firewalls, and I would like to replace them to
new firewalls during the summer.
Is it possible to purchase Edgerouters for those 4 buildings, and if so
what are the costs (and any annual licensing).
If this is not possible, do you have any recommendation of Firewalls
(appliances) that are reasonably priced?

Thank you for any help you can provide.
Rick Lange

On Tue, May 26, 2015 at 2:02 PM, Networkmaine <[log in to unmask]> wrote:

> Technical Coordinators,
>
> Please note: if your school or library does **not** currently have a
> Joebox as your MSLN-provided router, you may disregard the remainder of
> this message.  Otherwise, please read.
>
> As you are aware from our previous communication on this topic, the Joebox
> devices are no longer being supported by the manufacturer, and are
> therefore no longer receiving software updates.  In the past this has meant
> that the MECguard filtering service unique to the Joebox has become
> unsupportable, though the other functionality continued to be reliable and
> usable.  However, as we continue in to another year with no software
> updates, concerns regarding the security and stability of the Joebox
> mount.  For this reason we are discontinuing the Joebox as a supported
> routing device, and will be retiring all existing Joeboxes in favor of Edgerouter
> Pros <http://www.networkmaine.net/msln/edgerouter/>.  This will hopefully
> be completed by the end of this summer, if time and equipment inventory
> allow it.
>
> Many Joeboxes have already been replaced with Edgerouters, and the process
> has been going very well.  There are a few differences between the Joebox
> and the Edgerouters that you should be aware of, however.  It is probably
> self-evident that the Edgerouter does not support MECguard, as that is a
> unique Joebox feature.  Any site currently still using MECguard **must* *move
> to an alternative filtering service.  MSLN provides access to OpenDNS
> <https://www.opendns.com/> at no charge, and fortunately it is a superior
> service to MECguard in almost every way.  Nevertheless, if you find that
> OpenDNS will not work for your school for any reason, there are many third
> party filtering solutions available in the marketplace.
>
> The chief other difference is that there is no web interface on the
> Edgerouter, so there will be no direct management access available to site
> technical coordinators.  The Edgerouters do still support basic firewall
> services as well as NAT and DHCP, and so we will be able to replicate the
> existing configuration of the Joebox on the replacement Edgerouter.
> However, any changes to firewall rules or other similar services running on
> the Edgerouter will need to be submitted to Networkmaine for action.
> Therefore, we are advising any sites that make regular changes to their
> firewall rules on the Joebox, or who wish for greater local control of
> firewall services, to adopt their own firewall solution behind the
> Edgerouter.  Networkmaine can assist in transitioning from the Edgerouter
> firewall to a local firewall (the Edgerouter will need to remain in place
> for routing purposes of course).
>
> The only other commonly used Joebox feature that is not supported on the
> Edgerouters is VPN access.  Due to the lack of hardware acceleration for
> VPN connections on the Edgerouters, we are not able to allow them due to
> the possibility of a negative performance impact caused by their use.  We
> advise setting up a VPN server behind the Edgerouter if VPN connectivity is
> needed; there are free options available, such as OpenVPN, that can be
> installed on any unused hardware on your LAN.
>
> If you have any scheduling constraints for the summer that we would need
> to work around for purposes of replacing your Joebox, please let us know so
> we can make arrangements.  Additionally, if you have any questions about
> the Edgerouter <http://www.networkmaine.net/msln/edgerouter/> or the
> transition process, please do not hesitate to contact us.  Otherwise, we
> will be contacting sites to work on replacing Joeboxes progressively over
> the course of the summer.
>
> Thank you for your assistance as we work to provide you with the best
> possible equipment to continue delivering fast, reliable network service.
>
> --
> Andrew W. Henry
> Networkmaine NOC Coordinator
> University of Maine System
> Maine School and Library Network
> (207) 561-3587
> [log in to unmask]
>



-- 
__________________________________
Rick Lange
IS Network Manager
Maine School Administrative District 61
900 Portland Rd.
Bridgton, ME 04009
207-310-4127
[log in to unmask]
__________________________________

ATOM RSS1 RSS2

LISTS.MAINE.EDU