Search This Blog

Wednesday, November 23, 2005

Careful with your VPNs

The new Eligible Services List says VPNs are eligible. Great! Except that you still can't use VPNs for most uses. The two most common uses of VPNs are not eligible. Take a look:

1) You say VPN to a network engineer, the first thing s/he'll think of is creating a virtual link between two locations by sending encrypted packets across the Internet. Now eligible? Hold on. The definition of Telecommunications in the ESL, from 47USC153(43), is: "the transmission, between or among points specified by the user, of information of the user’s choosing, without change in the form or content of the information as sent and received." So a point-to-point VPN is a telecommunications service. The service runs over IP, and the ESL says: "IP-enabled services are...not eligible for funding." So a point-to-point VPN looks ineligible to me.

2) The next use a network professional will think of for a VPN is remote access to network resources. However, remote access is allowed only from eligible locations. So it may be that if someone in School A wants to use a VPN client to connect to a VPN concentrator in School B to access School B's network resources, that would be eligible. Except that I'm sure the SLD would say it's only eligible if the person in School A is making the connection in order to use School B's Internet connection. (Take a look at the new rules for Terminal Server.) So the person from School A would be sending encrypted packets out of School A's Internet connection to School B, where they are unencrypted, sent out over School B's Internet connection, and then the response is received over School A's Internet connection again. I can't imagine a scenario where that architecture makes sense. A^Net^B-Net-B^Net^A (where ^ is an encrypted (VPN) link, - is an unencrypted link).

At a recent conference I did talk to a district that may have hit on an actual allowable use for a VPN. They have a leased fiber WAN set up as a loop throughout town, and some non-district sites are on the loop, so they'd rather their traffic over the WAN were encrypted. I think the equipment they'd need to set up that VPN would be eligible. (If they can get Priority 2 funding, which may be tough given the super-priority of Katrina-affected applicants.)

I voiced my concerns to Phil Gieseler, the eligible services guru at SLD, and I hope he'll come out with a clarification soon.

Window crashing in

Still nothing on the SLD Web site this morning about the Eligible Services List being released. Could it be that the SLD was as surprised as I was that the FCC essentially said, "We know we promised to give you 60 days notice of the opening of the window so you wouldn't be blindsided, but instead we're giving you 3." (7 calendar days, but only 3 working days for schools.)

What will USAC do? Apparently they aren't required to open the window on Dec. 1, but if I were over there, I think I'd do what the FCC wants.

I'm steamed. The FCC sits on the ESL for 3 months, then waives their own rule about warning, and not in a small way. The rule says 60 days, they give us 8 days. They reduced the period by more than a factor of 7. That's like an applicant saying, "I know the application window was only 70 days long, and it took me 500 days to get my application in, but hey, I was really busy, so could you please waive your rules and let me submit this application a year and half late."

I'm expecting a drop in the number of applications, though Katrina may raise the dollar amount requested.

Tuesday, November 15, 2005

The PINs are coming! The PINs are coming

Whew! In a dramatic shift from their normal terseness, the SLD is barraging me with notifications that I will soon be getting PINs. In trainings, in newsletters, in emails and now in a stack of letters, they're telling me that the PINs are on their way. OK, OK, I got it. My client database has a "PIN" field ready and waiting. Now send me the PINs.

I did get one piece of new information in the latest notification: on Dec. 5th, existing PINs will no longer work, and the new ones will.

It's also nice to know that the PINs will be mailed to the certifier (me) at the contact person's address (my office), rather than to the certifier (me) at the billed entity's address (as the quarterly reimbursement reports are, creating confusion in mail rooms at client districts). Of course, it would be nice to have the PIN mailed to the certifier at the certifier's address, but at least the current redirection works for me.

Tuesday, November 08, 2005

Maybe Katrina Impact Will Be Small

Another interesting idea Mel Blackwell brought up is that Katrina relief may not have as big an impact on funding as some fear. He planned to have the SLD encourage affected schools to use the Form 500 to return unused funding.

For example, the New Orleans school system should not need anywhere near the $4 million it requested in Telecommunications and Internet Access services. So as the district requests more funds to repair damaged buildings, it should be returning funds for telecommunications and Internet access.

It may be true to some extent, but I see two difficulties. First, school officials are scrambling to recover, so I can't see filling out a Form 500 making onto their priority list. Second, in 2006-2007 districts will need as much telecommunications and Internet access funding as ever, and are likely to need plenty of reconstruction aid then as well.

Thursday, November 03, 2005

Don't hold your breath for Priority Two

I had an opportunity to talk to Mel Blackwell (the head of SLD), and he also spoke to the assembled masses at the SLD training in Newark. That was a while ago, but I've been on the road....

The most interesting thing he said was this: Once 471s from the Katrina window start coming in, PIA is going to drop everything else and focus on those. Until then, PIA is focusing completely on Priority One applications. Which means that no one will be hearing anything about Priority Two until after Christmas. And it seems that if you combined Priorities on one 471, your application is also at the bottom of the stack until January or so.

Another consequence: Since PIA will be busy into January, why open the window before then? Mel suggested that a shorter (45-day) window might be in order (since all the applications come in at the end of the window anyway), but I suggested that since most applicants start to think about filing their 470 at the start of the window, shortening it to 45 days is going to cause problems.