Network administrators working for schools are usually more concerned about tech-savvy students trying to gain open access to the Internet by bypassing their firewalls or web filters than outsiders trying to hack into the school’s network and systems.
These tech-savvy students employ a variety of methods to achieve this. Some of the more common ones are listed below:
- They establish an SSL tunnel through the school’s firewall using readily available and free VPN clients such as OpenVPN and DotVPN.
- They publish a terminal server running at home over TCP port 80, log on to the terminal server from school and access any site through the terminal server. Non- application-aware firewalls are unable to tell the difference between this kind of traffic and Web traffic as both of them to use TCP port 80.
- They use smartphones as a wireless access point to gain full access to the Internet via their 3G/4G/5G connection.
This is precisely why we at Saasyan, recommend the use of best of breed firewalls such as those provided by Fortinet and Palo Alto.
Our software, Assure, allows ICT and non-technical staff in schools to be notified when a student is using a VPN on the school network – and who it is, even if the student is using their personal device. Visit our Assure page, or contact us if you would like to know how your school can use Assure to protect against the internal threat of VPN software.