Acceptable Use Policies and Private Networks

By lemri
Feb 13, 2007
  1. I can't seem to find any information on this. I am at a K-12 school where the school district has a pretty strict Acceptable Use Policy.

    I am wanting to set up my school on VPNs and I want to use Private Addressing to separate the different virtual network subnets. I like the flexibility and security.

    The district is pooh-poohing the idea because they say the AUP will be harder to enforce with private networks.

    Surely there is a way to identify authenticated users on private networks? What do other schools/businesses do if they want to enforce their AUP and have a private network?

    Or will my only option be to subnet one of our IP ranges? I don't want to subnet, but I guess I could.

    Right now I have 2 non-contiguous Class C ranges that are used on all 300 of our computers via DHCP, 1 router, and 4 big switches. I need to get a more efficient network.
  2. jobeard


    Authenticating users occurs at LOGIN time and this is your major access control.

    Placing the VPN on a special subnet is a great idea as you can enforce special
    rules and extra logging.

    Making an Acceptable Use Policy (AUP), posting it and informing the user
    community that it will be monitored and enforced is the first step.
    As they are only paper -- they have to be enforced to have any real teeth.

    Something like this:
    ISP --- perimeter firewall --- major router --- switch --- infrastructure users
                                             |port fwd vpn ports
                                          minor switch --- VPN services --- vpn users
    will give you access control and auditing.
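
One way to tie traffic from private addresses back to authenticated users, as discussed in this thread (an added example, not code from either poster): it joins VPN login sessions with firewall log lines. The session records, the log format, and the 10.20.0.0/24 pool are constructed assumptions.

```python
import ipaddress
from datetime import datetime

# Constructed sample data: VPN login sessions (user, leased private IP, start, end).
SESSIONS = [
    ("teacher01", "10.20.0.15", "2007-02-13 08:00", "2007-02-13 09:30"),
    ("student42", "10.20.0.15", "2007-02-13 10:00", "2007-02-13 11:00"),  # same IP, re-leased
    ("student07", "10.20.0.16", "2007-02-13 08:15", None),                # still connected
]
# Constructed sample firewall log lines: "date time src_ip dst_host".
FW_LOG = """\
2007-02-13 08:45 10.20.0.15 example.org
2007-02-13 10:20 10.20.0.15 example.net
2007-02-13 09:45 10.20.0.15 example.com
2007-02-13 12:00 10.20.0.16 example.org
2007-02-13 12:05 192.168.5.9 example.org
"""
VPN_SUBNET = ipaddress.ip_network("10.20.0.0/24")  # assumed VPN address pool
FMT = "%Y-%m-%d %H:%M"

def parse(ts):
    """Parse a timestamp string; None means the session is still open."""
    return datetime.strptime(ts, FMT) if ts else None

def user_for(ip, when):
    """Return the user whose login session held `ip` at time `when`, else None."""
    for user, leased, start, end in SESSIONS:
        if leased == ip and parse(start) <= when and (end is None or when <= parse(end)):
            return user
    return None

def attribute(log_text):
    """Return (timestamp, src_ip, dst, user_or_flag) for every firewall log line."""
    rows = []
    for line in log_text.splitlines():
        date, time, src, dst = line.split()
        when = parse(f"{date} {time}")
        if ipaddress.ip_address(src) not in VPN_SUBNET:
            who = "NOT-VPN"  # source is outside the VPN pool
        else:
            # An address reused across sessions is resolved by time window;
            # traffic that no login covers is flagged for follow-up.
            who = user_for(src, when) or "UNATTRIBUTED"
        rows.append((f"{date} {time}", src, dst, who))
    return rows

if __name__ == "__main__":
    for row in attribute(FW_LOG):
        print(*row, sep="  ")
```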
