Identifying and Managing VPN Usage

About VPNs

A Virtual Private Network (VPN) allows you to control your computer’s identity and data when it connects over the internet to another website, app or network.

A VPN works by sending all of your internet traffic through an encrypted connection. This masks your IP address and encrypts your data, preventing it from being intercepted by outsiders. Schools can use VPNs to allow staff and students to securely access school networks from off–campus. Students might use a VPN to remain anonymous online and hide their internet activity.

Positives of VPNs

There are numerous advantages to using a VPN in an educational setting. VPNs can:

• Allow users to work or learn from home and access a school’s network.
• Let users access a school’s resources even when working or learning from a location with changing or poor connectivity.
• Link together two or more geographically separated school campuses into a combined, single network.

Negatives of VPNs

The main disadvantages of using a VPN in an educational setting involve the use of personal VPN services by students. Personal VPN services allow users to be anonymous online, hiding their internet activity and circumventing school content filtering and monitoring. The use of VPNs by students is often referred to as a behavioural challenge because, while VPN technology can be used for legitimate and valuable purposes, the most common VPN issue schools encounter is students using VPNs to deliberately access blocked content and to hide from the schools filtering and reporting platform. 

A school’s wellbeing and leadership team must ensure that their school has clear expectations around their ICT acceptable use policy. The processes for managing users, especially students, who consistently attempt to bypass the online safety the school has in place to ensure students are safe and distraction free online.

When is VPN use a concern?

VPN use is a concern when you find students are consistently using or attempting to use VPNs in a school setting. It is likely that they are actively trying to bypass your school’s content filtering and monitoring, limiting your ability to fulfill your duty of care. Students are at risk of accessing inappropriate online content, which can negatively impact their emotional and educational wellbeing.

Using School Manager to Identify VPN use

All users with access to the Statistics and Cyber Safety menus can use School Manager to determine if a student is trying to access a VPN by opening the:

• User Journey Report and selecting the VPN Categories
• Red Flags Report and filtering for the VPN tag
• Search Report and selecting the VPN tag

If your school has a active filtering rule to block VPNs, the Policy Violations column in the Blocked Report displays the number of times students attempted to access a VPN. We’ve improved the Blocked Report. To see the new report, Enable the Contemporary Design in the Feature Lab. When you open the new Blocked Report you can search for “VPN” (all capitals) in the Apps or Policies views.

When you look at the Dashboards or the Red Flags Report, the risk Indicators column displays an App (globe) or Search (magnifying glass) icon with the VPN tag to help you quickly identify the source of the VPN-related activities.

Your IT support can also use their Advanced Search tool to discover hidden or anonymized online traffic. Results can be sent to you by email and the results can be used to create new filtering rules to block new types of activity associated with VPNs.

Using School Manager to prevent VPN use

Creating a Block Rule on the Proxies and VPNS signature will block most known VPNs and other filtering circumvention services and tools. However, it’s a constant arms race between people trying to block those tools and the people making and selling them, and sometimes things slip through. If you identify unblocked VPN usage, you can also create a Block Rule to temporarily block the tool or service while we update the Proxies and VPNS signature.

For schools using a Linewize network appliance, we also recommend enabling the Quarantine feature in School Manager. The Quarantine feature temporarily blocks all internet traffic (for a default of three minutes) when a VPN is used to attempt to bypass your school’s safe network. The Quarantine feature is designed as a consequence to deter the wrong online behaviour. Being cut off from all internet sends the message that VPNs are not acceptable at school. You also inhibit a user’s access to potentially unsuitable content that your filters are otherwise blocking.

For more information, see Quarantining Users Trying to Bypass Filtering.