Your Business Case: You are an eager new
networking consultant, and a school district has hired you for your
first consulting job.
Currently, the district has no links between its
buildings. School personnel share files by transferring CDs and
diskettes between the buildings. The district is putting in new
school management software for student and financial records. The
software requires that the buildings be networked
together.
That district has a grade school, junior high, and
high school. The grade school and the junior high are smaller
buildings on the same plot of land but they are in separate
buildings about 50 yards apart. The high school is newer and
larger; it is several miles away on the other side of
town.
The school district has thirty teachers, three
principals, three administrative assistants, fifteen staff members,
and 500 students.
Security is always an issue. The school offers courses
in computer science at the high school. The principal is concerned
that the students will be tempted to hack into the school
management software. The superintendent requests a security plan to
help prevent student hackers from accessing the school management
software. Also, the superintendent has a vague worry about students
accessing pornography on the Internet. The district would like to
know if you can configure routers and/or switches to prevent this.
Or, is extra equipment or software needed to prevent students from
accessing pornography from school computers?
The school superintendent bought some equipment and
then realized that no one knew how to make it work. The equipment
includes one 2600 series router, two 2500 series routers, and six
1900 series switches.
Your mission: Design a network to connect the
three buildings and recommend security features for this network.
You will plan your solution step by step, and then present your
overall design to your client.
Network design for educational institutions:
The drivers, key capabilities and requirements of the education environment are evolving beyond the traditional enterprise network. The next generation network architecture for school environments must be built on a technical base that takes into consideration the current economic environment as well as other business factors influencing the education market as a whole. The initial basics of this next generation network must:
The Service Ready Architecture for Schools is a well designed and verified network architecture that is flexible, adaptive, and cost effective to support a wide range of educational services. This architecture provides the ability to deliver all of the services required of an increased learning environment, as well as the ability to collaborate with other schools, district headquarters, and entities beyond the district.
At the heart of the architecture is a strong routing and switching network. Operating over this network are all the services used within the school district area, such as safety and security systems, voice communications, video conferences, etc. The architecture has been designed around both school operations and technical study.
Design considerations of network:
This architecture uses key technologies that address the safety and security, connected real estate, and multi-service requirements of the modern educational network.
1. High availability: The high availability technologies used in the Service Ready Architecture for Schools allow network equipment to remove the effects of any unplanned link or network failures by understanding the topology of the infrastructure and using that information to immediately reroute network traffic without the need to relearn the network. The use of this technology allows complex or critical services such as voice and video communications to remain unaffected by network disconnections.
2. Single fabric multi-service: This technology gives the network administrator the ability to have many different services or networks share the same infrastructure, yet maintain logically separate networks. As multiple services operate over a single architecture, it becomes important to manage traffic based on the service being used. In the education environment this is particularly important, as schools have problems with allowing student access to the same network used for grading systems, safety and security, and phone conversations.
3. Differentiated services: Certain network services request more from the network than others. For example, voice communications do not work if parts of the conversation drop out. Video conferencing is useless if the picture keeps cutting or freezing. Additionally, a teacher's use of the network to enter grades should take priority over a student surfing or searching on the Web. Finally, if there are more traffic demands than the network can handle, the network should be able to decide which traffic is most important. The ability to understand, mark, shape, and limit traffic is implanted into the Service Ready Architecture for Schools.
4. Access layer flexibility: Engaging a hybrid access layer design allows the network administrator to influence an existing Layer 2 network while giving them the flexibility to implement a routed access layer. Moving the Layer 2/Layer 3 separation point to the access switch allows the network administrator to prevent loops without requiring multiple complex Layer 2 technologies, such as spanning tree protocol. Additionally, it provides high availability and eases network troubleshooting and management by authorizing well-known Layer 3 troubleshooting tools and technologies.
Sample network design:
Security features:
A good network security system found in schools will analyze other security measures such as anti-virus protection, firewalls, encryption, password protection, and the latest upgrades and repairs. All of these permit administrators to better monitor individual devices and authenticate them for use on the network.
1. UserLock: UserLock is a functional suite that provides educational organizations with a protective layer at the forefront of their Windows Active Directory network to help secure access for students, teachers and faculty. It makes the logon itself a surveyed and protected event.
2. Prevent simultaneous sessions and stop password sharing: In spite of education and increased awareness, students continue to share credentials or sensitive information, as there is no consequence for their own access to the network. Serious security defects can be stopped by preventing simultaneous sessions and limiting students to only one possible Windows connection at any one instance. This stops cheating users from flawlessly using valid credentials at the same time as the legitimate owner.
3. Make authorized students accountable for any malicious activity: Preventing concurrent logins also makes legitimate users accountable for any illegitimate action they take, whether that might be student pranks or more serious insider attacks. It ensures access to the institution's critical properties is attributed to one individual, avoiding situations concerning accountability and non-repudiation. Policies and procedures can then be consistently driven to address violations that do occur.
4. Control & Restrict Access that supports the Institution’s policies: Faculty, staff, and students should be provided differently onto the network so the level of access granted is appropriate for each person’s role inside the academic institution. Furthermore, visiting professors, teachers and students should be provided separately to ensure their access is discontinued upon their exit.
5. Empower IT with Remote session management: UserLock continuously monitors all login and session events, automatically applying custom policies to prevent or revoke logins, workstation access and usage or connection time.
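The single-session rule from item 2 above can be illustrated by replaying logon and logoff events and listing the logons that a one-session-per-account policy would deny. This is an added example, not part of the original answer and not UserLock's code; the log format, account names and workstation names are constructed assumptions.

```python
from datetime import datetime

# Constructed sample events (not from the page): time, account, workstation, action.
SAMPLE_EVENTS = """\
2024-03-04T08:01:10 jsmith LAB-PC01 logon
2024-03-04T08:02:45 mlee LAB-PC02 logon
2024-03-04T08:15:30 jsmith LIB-PC07 logon
2024-03-04T08:40:00 jsmith LAB-PC01 logoff
2024-03-04T08:41:12 jsmith LAB-PC03 logon
2024-03-04T09:00:00 mlee LAB-PC02 logoff
2024-03-04T09:05:00 mlee OFFICE-PC1 logon
2024-03-04T09:06:00 bad line
"""

def parse_events(text):
    """Yield (timestamp, account, workstation, action); skip malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("logon", "logoff"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1].lower(), parts[2].upper(), parts[3]

def enforce_single_session(text, max_sessions=1):
    """Replay events in time order; return the logons a session-limit policy denies."""
    active = {}   # account -> set of workstations with an open session
    denied = []
    for ts, account, host, action in sorted(parse_events(text)):
        open_hosts = active.setdefault(account, set())
        if action == "logoff":
            open_hosts.discard(host)
        elif host in open_hosts:
            continue  # duplicate logon record for a session that is already open
        elif len(open_hosts) >= max_sessions:
            # A denied logon never becomes a session, so it does not block later ones.
            denied.append((ts.isoformat(), account, host, sorted(open_hosts)))
        else:
            open_hosts.add(host)
    return denied

if __name__ == "__main__":
    for ts, account, host, held in enforce_single_session(SAMPLE_EVENTS):
        print(f"{ts} DENY {account} on {host}: session already open on {held}")
```

Each denied entry names both the workstation that was refused and the one already holding the session, which is the attribution item 3 relies on.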