As you are aware from our previous communication on this topic, the Joebox devices are no longer being supported by the manufacturer, and are therefore no longer receiving software updates.  In the past this has meant that the MECguard filtering service unique to the Joebox has become unsupportable, though the other functionality continued to be reliable and usable.  However, as we continue in to another year with no software updates, concerns regarding the security and stability of the Joebox mount.  For this reason we are discontinuing the Joebox as a supported routing device, and will be retiring all existing Joeboxes in favor of Edgerouter Pros.  This will hopefully be completed by the end of this summer, if time and equipment inventory allow it.

Many Joeboxes have already been replaced with Edgerouters, and the process has been going very well.  There are a few differences between the Joebox and the Edgerouters that you should be aware of, however.  It is probably self-evident that the Edgerouter does not support MECguard, as that is a unique Joebox feature.  Any site currently still using MECguard *must* move to an alternative filtering service.  MSLN provides access to OpenDNS at no charge, and fortunately it is a superior service to MECguard in almost every way.  Nevertheless, if you find that OpenDNS will not work for your school for any reason, there are many third party filtering solutions available in the marketplace.

The chief other difference is that there is no web interface on the Edgerouter, so there will be no direct management access available to site technical coordinators.  The Edgerouters do still support basic firewall services as well as NAT and DHCP, and so we will be able to replicate the existing configuration of the Joebox on the replacement Edgerouter.  However, any changes to firewall rules or other similar services running on the Edgerouter will need to be submitted to Networkmaine for action.  Therefore, we are advising any sites that make regular changes to their firewall rules on the Joebox, or who wish for greater local control of firewall services, to adopt their own firewall solution behind the Edgerouter.  Networkmaine can assist in transitioning from the Edgerouter firewall to a local firewall (the Edgerouter will need to remain in place for routing purposes of course).

The only other commonly used Joebox feature that is not supported on the Edgerouters is VPN access.  Due to the lack of hardware acceleration for VPN connections on the Edgerouters, we are not able to allow them due to the possibility of a negative performance impact caused by their use.  We advise setting up a VPN server behind the Edgerouter if VPN connectivity is needed; there are free options available, such as OpenVPN, that can be installed on any unused hardware on your LAN.

If you have any scheduling constraints for the summer that we would need to work around for purposes of replacing your Joebox, please let us know so we can make arrangements.  Additionally, if you have any questions about the Edgerouter or the transition process, please do not hesitate to contact us.  Otherwise, we will be contacting sites to work on replacing Joeboxes progressively over the course of the summer.

Thank you for your assistance as we work to provide you with the best possible equipment to continue delivering fast, reliable network service.