# Why is it no pers email acccunts availible at work but



## Scoobie Newbie (24 Feb 2006)

most other sites can be accessed, ie TSN, Royal Bank etc


----------



## Jaxson (24 Feb 2006)

CFL said:
			
		

> most other sites can be accessed, ie TSN, Royal Bank etc



If i understood your question correctly, You are asking why you can access those other sites, but not your personal email?. I'm just going to take a stab at and say because in email, you can receive anything from , porn, to viruses to racial emails and jokes that you might find funny and others would be hurt and offended by. Then again, I'm just going on the reason why i was told we couldn't have them accessed when i was still in highschool.


----------



## geo (24 Feb 2006)

CFL.... it could also mean that your superiors want you to look after your work and not concern yourself with personnal matters. 

(BTW, I can't access CIBC or videotron.ca from work either)


----------



## Scoobie Newbie (24 Feb 2006)

Yes Jaxson that is my question.
geo understood but if that were the case why would any non-work related site be allowed?


----------



## Zoomie (24 Feb 2006)

CFL - apparently any web-based email ISP (i.e. Hotmail) is verboten on DIN systems for the reasons already mentioned.


----------



## Scoobie Newbie (24 Feb 2006)

Seen.
The only problem with that is anyone can simply forward emails from home to their work email and then if they were stupid enough disseminate them from there.
Point taken though.


----------



## TN2IC (24 Feb 2006)

Scotiabank works for me..... hehehe...


----------



## geo (24 Feb 2006)

probably an issue of regional firewalls.........


----------



## dapaterson (24 Feb 2006)

The explantaion as provided here was that there was an excessive risk of virus/malware infection from such sites.  The mail servers @ forces.gc.ca do a pretty good job of scanning and protecting systems from viruses or trojans at the enterprise level.  However, webmail systems are not filtered by this, and despite many years of warnings silly people click blindly opn attachments, unleasing viruses/trojans/malware on computers.  The DND solution has been to block access to all mail sites.  My solution would have been disciplinary action against people for jeopardising DND systems - was it Napoleon who explained the need to "faire un exemple pour encourager les autres"?


----------



## foerestedwarrior (24 Feb 2006)

dapaterson said:
			
		

> The explantaion as provided here was that there was an excessive risk of virus/malware infection from such sites.  The mail servers @ forces.gc.ca do a pretty good job of scanning and protecting systems from viruses or trojans at the enterprise level.  However, webmail systems are not filtered by this, and despite many years of warnings silly people click blindly opn attachments, unleasing viruses/trojans/malware on computers.  The DND solution has been to block access to all mail sites.  My solution would have been disciplinary action against people for jeopardising DND systems - was it Napoleon who explained the need to "faire un exemple pour encourager les autres"?




Bang on, though you can send and recieve from web based emails, to outlook on your baseline account. You can use your baseline email for personal communication, aslong as you dont recieve personal gain from it(ie selling stuff). Though use common sense, no porn, offensive jokes, ect.

Though this is all followed by a blanket statement in your Basline Contract, saying, You can use the interenet, email for personal use as long as it is not eccesivley used.


----------



## Jaxson (24 Feb 2006)

> faire un exemple pour encourager les autres"?




What?


----------



## geo (24 Feb 2006)

....Make an example (sacrificial goat) to encourage all others.


----------



## Jungle (24 Feb 2006)

geo said:
			
		

> ....Make an example (sacrificial goat) to encourage all others.


I believe it is supposed to discourage others...


----------



## geo (25 Feb 2006)

matter of perspective.....
Encourage people to do the right thing VS discourage others from doing what the other guy did.

Quarter = 25¢


----------



## Jungle (25 Feb 2006)

geo said:
			
		

> matter of perspective.....
> 
> Quarter = 25¢


You're right:
In French: 25¢ = trente sous !!    ;D


----------



## Radop (25 Feb 2006)

Another thing that was brought up was why you can access some site but not others.  The main reason is to to research when we need to.  I had to look up cost of equipment when I made a proposal to my Sqn commander.  We do not have easy access to an internet machine at work so I did it throught he DIN and found the answers I needed.  It would have meant leaving my area to go do the research.  This way I could do it from my desk and get phone calls from the Troop office still. lol.


----------



## geo (26 Feb 2006)

Radop....
Within my dept we have a couple of Internet authorized machines.
These beasties have been identified & given a little bit more leeway for web surfing.


----------



## Canadian Sig (6 Mar 2006)

Just thought that I would add that you can set up a pers e-mail account at www.canada.com and access it from DND computers.


----------



## TheMadscanner (11 Apr 2006)

As per earlier posts, the reason will be the manner in which the various servers (not just mail servers, I suspect) communicate with the DND servers.

Here in the UK, we operate a similar degree of security that means virtually all web-based mail is blocked. This does not stop individuals forwarding their emails, but this is acceptable as (I am given to understand) it changes the methods of communication between servers.

As an examples of our criteria (which are likely to be similar to yours) for rejection of a connection:

     The web server/site is attempting to supply this web page in a manner deemed hazardous to the security of MoD networks because

          The Web Server you are visiting is requesting to communicate on non-standard ports;
          The Web Server is attempting to construct the page you requested by running scripts or active elements on your PC.

Regards


----------



## JSR OP (22 Apr 2006)

Another reason why some you can't do some things on the DWAN is, believe it or not, COMMSEC related.  The DWAN is considered PROTECTED A.  The Internet is considered UNCLAS.  In certain circumstances, the two don't mix.  Sure you can forward DND emails to your buddies in the civy world, but have you noticed that you can only automatically forward emails to DND accounts, but not, say to your home email account?

If for some reason your doing some research/ job related activity, and the DND firewall blocks access for whatever reason, you can apply to have the specific site you require accessible so that you can do your job.  I don't know how long it takes to get access though...

I can tell you it doesn't take long to have a site blocked though.  While I was working in the Helpdesk at a previous unit, one of the guys there was going to PageThree.com, part of the London Sun (UK) website.  Needless to say, one of the female Cpls there took offence to this guy looking at the topless women right in front of her.  She complained, and the site was blocked that day.


----------



## 17thRecceSgt (17 Jun 2006)

I work as the Network Manager at the Bde HQ in Halifax, and get this/these question(s) alot.

Why can't I access my hotmail?  I could use my online banking last week, today I can't?  

Hotmail requires you to accept a cookie.  The Internet Explorer configuration via Baseline DWAN PCs does not accept cookies.

Why do some sites work and others not WRT Internet access?

The GPnet is part of the system that functions as the portal that all Internet-bound traffic goes thru.  Depending on the day/time/threat, the boys at CFNOC and NVAT and organizations such as those will "lock down" the firewall if there is a certain specific threat they are trying to protect the DWAN from, or things of that nature.  I have never seen the DMZ portion of the GPnet, but have heard there is a mystical wizard protecting it up in Leitrim, who asks you 3 questions you must answer before being allowed to cross the bridge...

Point I am making is it changes (the firewall, and sites allowed/denied) and usually we don't find out the sites allowed/blocked from the folks that control them.

In regards to people being able to email stuff to their home accounts from the DEMS (Defence Electronic Mail System, most people call it "my Outlook"), this is discussed at our Tech Working Groups, and we concluded it is equally as easy to walk out with the same data on floppy disks, CDs, or the new handy-dandy USB/thumb/flash drives that people all have these days as well.  But our mail servers are config'd where we have control of who has the "Send" ablity via SIEM lists (SMTP Internet EMail).

Mud

*Edit - GPNet is the General Purpose Network.  Some bases and units, there are GPNet pc's avail for more "unrestricted" access to Internet stuff, and it runs seperate from the DWAN. (i.e. not on the same media, different wiring centers, the whole sha-bang).  Gagetown is now deploying GPNet using AD, GPOs and lots of new and funky stuff that comes with W2K3 Svr, Active D and the newer MS bells and whistles)


----------

