8 building blocks for a high performance school IT network
Download as PPTX, PDF1 like859 views
The document outlines eight essential building blocks for establishing a high-performance school network, addressing various challenges such as security, resource management, and user experience. It emphasizes the need for effective network management strategies, including access control, monitoring, and resilience to ensure optimal performance and user satisfaction. The document highlights the importance of adapting to increasing digital demands while maintaining security and efficiency within educational environments.
8 building blocks for a high performance school IT network
- 1. 8 Building Blocks for a High Performance School Network © Copyright 2014 Modrus
- 3. The Problem 3 Mark Zuckerberg Founder, Facebook “Our policy at Facebook is literally to hire as many talented engineers as we can find. There just aren't enough people who are trained and have these skills today.“ Eric Schmidt Executive Chairman, Google “For most people on Earth, the digital revolution hasn't even started yet. Within the next 10 years, all that will change.
- 4. The Problem 4 Greater network and internet security Better monitoring of who is accessing what Wider use of video and graphical content Providing universal home access for staff and students Students and staff wanting to connect to different kinds of devices Current pressures on School IT teams:
- 5. 5 So, how can you keep your school networks on the rails?
- 6. The Problem 6 Users typically lose up to 30 minutes a day waiting for PC’s to load or reboot (Gartner, 2009) 86% of users across Europe, Asia and North America lose 18 hours productivity or more a month. (Forrester, April 2013)
- 7. The Problem No. users affected x average cost per user x lost productivity % 100 staff £25k average cost pp Half an hour a day = 6% of working week 7
- 8. The Problem No. users affected x average cost per user x lost productivity % £150,000 lost per year 8
- 9. The Problem 9 Lowers both staff and student morale
- 11. The Problem 11 Increases stress in the IT dept
- 12. The Problem 12 Loss of user confidence in IT Dept
- 13. So How Does Poor IT Performance Impact You?
- 16. Protecting whom from what? • How do you make sure the right people can access the right files? • How can we stop the wrong people accessing the wrong files? • How do we separate student and staff networks whilst enabling staff to appear on both? • Where do we put the intelligence that manages our network access rules? 16 1 Security
- 17. What does good security look like? Correct Access Permissions • The right people access the data they need • The wrong people don’t have access to anything they shouldn’t
- 18. 18 Give authorized users a secure environment • Users cannot do anything that may compromise their environment • No admin rights for standard users
- 19. 19 A good method for elevating permissions for super-users • A secure and managed process for raising the permission levels of users
- 20. 20 Reviewing access • Do people who have left or moved roles still have access to data?
- 21. 21 Strong security at the edge or border • Firewalls to block external access • VLANs to separate networks
- 22. 22 Certificates to encrypt/ decrypt data • Ensuring nothing gets modified in transit
- 23. What’s actually going around our network? • Is your network a free-for-all where “whoever gets there first gets the most”? • Is more use of live streaming, video data and digital photography in learning vastly increasing your network traffic? 23 2 Resources
- 24. What does good network management look like? Visibility of performance • Monitor switches • Alerts on thresholds of usage
- 25. 25 Regular usage reviews/ capability checking • Is the school running low on ports? • Do you need to organise more switches now and reduce delays to users when more capacity is needed at short notice?
- 26. 26 Where are the performance bottlenecks? • Are uplinks from edge switches able to cope with demand?
- 27. 27 Quality of service • Can performance be improved by identifying different data types and prioritising?
- 28. How can we connect anything anywhere and still manage it? • How many people are likely to want to connect and where? • How do you manage staff and students bringing their own devices to connect to your network? • How do you authenticate and track users and focus on what is safe for them to access? 28 3 Wireless
- 29. What does good wireless management look like? Appropriate levels of access depending on connection type • Monitor switches • Alerts on thresholds of usage
- 30. 30 Performance monitoring, specifically capacity and coverage • Ensure you have enough bandwidth or throughput to cope with demand • Ensure you can get a strong wireless signal in all required areas and not available elsewhere
- 31. How can they get securely and simply connected in? • How do you control how visiting teachers, parents and students connect to the internet? • How do you separate that network from the core staff and students? • How can you ensure guest devices and traffic are secure? 31 4 Guests
- 32. What does good guest management look like? Separation of networks • Only access limited services, if any • Undertake regular penetration testing
- 33. 33 Guest access is simple and supports a wide variety of connecting devices • They just work without needing the IT team’s intervention
- 34. So what is happening where and when? • How do you diagnose the symptoms when you hear “my connection is slow”? • How can you monitor: – Which devices are doing what? – How much bandwidth is being used ? – Which websites are being accessed? 34 5 Monitoring & Reporting
- 35. What does good monitoring look like in schools? Automatic discovery • Changes and upgrades to devices get automatically factored in
- 36. 36 Smart classification and mapping • Classify devices and map your network • Helps identify bottlenecks • Pinpoints devices which might be causing problems
- 37. 37 Performance monitoring • You must be able to monitor available resources, bandwidth and device uptime • Controlled re-starts of devices can help banish glue in performance
- 38. 38 Intelligent alerting • You can’t watch everything every minute • Alerts that make you aware of a situation before it becomes critical
- 39. 39 Scalability and failover • Can you keep up with demands? • Build in redundancy as part of the solution to prepare for outages and hardware failure of your monitoring solution
- 40. What are they and how do we avoid them? • How do we ensure the essential protection from: – Worms – Trojans – Spyware – Adware – Bots 40 6 Viruses & Malware
- 41. What does good Virus & Malware protection look like? Up to date virus and malware definitions • Check at least hourly for new digital signatures
- 43. 43 Email scanning outside of your network • On cloud based services etc. • Makes sure viruses don’t get as far as your network
- 44. 44 AV Scanning on firewalls • Prevent viruses getting in at the border
- 45. 45 Subscribing to virus alerts and notification services • Keep up to date with latest news • Global comms means geography is no longer a barrier to virus infection
- 46. Homework from home? • Can your students, staff and in some cases parents access school resources from home? • Access to virtual desktops from home • Access to webmail from home for staff and students 46 7 Remote Access
- 47. What does good remote access look like? High level of security in the access method. • Is a simple username and password enough? • Should you insist on two-factor authentication?
- 48. 48 Encryption on connections • Prevent data being modified in transit
- 49. 49 Control on what is accessible • Limiting what users access externally
- 50. 50 Do you allow data to be transferred in or out of the network? • Do you monitor data being transferred? • Ensures data from a controlled area isn’t being moved to an uncontrolled one
- 51. What if…? • How do you ensure data doesn’t get lost or corrupted? • Do you have a rigorous regime of regular maintenance and updates? • Do you have more than one server? 51 8 Resilience
- 52. What does good remote access look like? No single points of failure • Never have just one of something • Find ways to put things in more than one location
- 53. 53 Physical redundancy • Have additional hardware that will take over in event of failure
- 54. 54 Is the redundant solution able to cope with the load in a failure environment? • E.g. A UPS is designed to give enough power to enable a safe shutdown – not power the hardware in case of failure
- 55. 55 Geographic resilience • Internet lines that don’t follow the same route in to the building • Hardware installed in different locations
- 56. So what have we learned?
- 57. Networks can be A pain Holding us back Costing us money A bit tricky
- 58. Security Resources Wireless Guests Monitoring & Reporting Viruses & Malware Remote Access Resilience
- 59. www.modrus.com