The ABCs of K-12 Network Management Exinda Education e-books May 16, 2013-1-
Introduction Providing your district s schools with sufficient Internet bandwidth so that students and staff can adequately research, collaborate, and test online is a difficult challenge given today s constraints on IT budget, staff, and other resources. There s no denying the transformative impact of technology on education. Schools are trying to embrace devices and keep up with the latest tools to harness the learning potential and stay ahead of the curve. Growing demands from users in the K-12 sphere for 24/7 uptime, higher levels of bandwidth, enhanced performance and better security are setting the stage for the optimum learning experience in schools. Combine this with the need to expand data management and comply with the multitude of US regulations such as Children s Internet Protection (CIPA), Common Core online testing, and new data accountability rules and network management becomes more critical to K-12 operations than ever before. There is no denying the transformative impact of technology on education. Understanding what is running on your network can help you prioritize, deny, and manage the applications and users accessing it. With a new class of Internet applications that are capable of circumventing existing security mechanisms such as firewalls, URL filtering and proxy servers, K- 12 IT departments are placed in a difficult position to balance between security and effective teaching and learning environments that require optimum bandwidth for such things as the online delivery of standardized tests, like PARCC and Smarter Balanced assessments. The importance of understanding and viewing what is running on your network can help you prioritize, deny, or manage what uses up the most bandwidth. This e-book will provide you with valuable insights on how you can successfully deploy visibility, control, and optimization technology that will make it easier to achieve the following key objectives: 1. Allocate Internet bandwidth across multiple devices and location, at an individual user level, in a prioritized and equitable fashion. 2. Restrict external access to your network so that you can ensure a safe and private online environment for both casual student browsing and the administration of strict, standardized online assessments. 3. Facilitate compliance with the multitude of related US regulations, such as the Children s Internet Protection Act (CIPA), Children s Online Privacy Protection Act (COPPA), and No Child Left Behind. 4. Ensure you can provide the minimum levels of Internet bandwidth required by PARCC of 100Kbps per student for online testing. -1-
Trends Affecting K-12 Network Management Your K-12 IT environment is characterized by a number of issues, initiatives, and overarching trends. Chief among these is a growing culture of instant bandwidth and openness. The philosophy that effective learning is fostered by students freely and thoroughly exploring their ideas is now a priority in schools. For you as a K-12 network professional, the result is the need to understand what is happening on your network, provide comprehensive protection against the risks that such openness introduces, and to have this protection be as unobtrusive as possible to your users. Other trends and challenges re-shaping the requirements of your K-12 security and networking solution include the following: Twenty-first century learning needs Initiatives that support engaged learning and deliver increasingly individualized curricula are necessitating broader access to applications and technologies that facilitate better, more modern teaching and learning methods. This is driving greater network access and Internet usage not only by your students and faculty, but also by parents as they leverage online resources to monitor their children s progress and participate in the education process. More applications are running (server and cloud-based), more devices are being used, and more bandwidth requirements are also warranted. Your K-12 IT environment can be quickly overrun by the growing demand for instant bandwidth and openness. Unfortunately, most school districts are stuck trying to deliver a 21st century classroom on a 20th century budget. Limited budget and human capital Being under-funded is status quo for the majority of school districts, and current economic conditions are only making matters worse. You are stuck trying to deliver a 21st century classroom on a 20th century budget. Individual teachers are also being called on to supplement understaffed IT departments by taking an active role in network and system administration. Cost-effectiveness is a critical requirement for your K-12 security and networking solutions, but so too are efficiency and ease of management. Data compliance and security Preserving federal subsidies for Internet connectivity and related technologies requires compliance with the Children s Internet Protection Act (CIPA). Basic content filtering is no longer enough. Your schools will need the ability to monitor and control the activities of individual users on a broader basis not just for web traffic. They also need to successfully combat proxy used to bypass many filtering products and to enforce policies on an individual basis (versus having their users constrained by one-size-does-not-fit-all access rules). -2-
Bandwidth requirements e-rate initiatives have sparked an explosion of bandwidth access in many of your schools. School districts are embracing Software as a Service (SaaS) offerings, an approach that allows them to quickly and cost effectively expand their app portfolio without the need for substantial in-house investments. Bandwidth-hungry apps such as online testing, and cloudbased learning management systems have become necessary for essential learning. Coupled with video conferencing solutions being used to enable remote/collaborative teaching or simply to cut travel costs by more efficiently supporting school board meetings, higher levels of bandwidth are demanded in K-12. The resulting growth in bandwidth usage dictates the need for: High performance, high capacity network security solutions Better bandwidth visibility, to help rein in costs by minimizing unwanted application traffic Superior bandwidth and application control, to help manage contention and ensure a positive user experience, particularly for mission critical (e.g., online testing) and latency- sensitive apps (e.g., VoIP and multi-media collaboration) There is an increasing need for your network to support a broad range of devices. As BYOD initiatives grow to meet this demand, the ability to successfully identify device types, ascertain the identity of the user, and maintain a positive user experience while roaming is a formidable challenge. Blended and online learning A major component of the 21st century classroom, blended and/or online learning provides the opportunity for your students to learn at their desks, and, ideally, wherever they are located at whatever time they choose. A related issue is the growing need to support network access from a broad range of devices, including ones that are not owned or controlled by the school s IT department. This helps with anytime/anywhere learning, and provides an attractive alternative to historical 1:1 initiatives that can dramatically reduce a school s laptop-related expenditures. Now more than ever, it is necessary to securely enable remote access to educational and administrative resources, and protect these resources from compromised client devices. Personalized learning devices More and more schools are allowing Bring Your Own Device (BYOD) initiatives to grow. These initiatives allow your students to bring in handheld or portable devices to schools in order to increase communication and to personalize the learning process. The ability to successfully identify device types, ascertain the identity of the user, and maintain a positive user experience while roaming is a formidable challenge. Your districts and schools are also being challenged with the task of correlating device and user identity over time across their networks for identity-based web content access and bandwidth management policies. With all these mobile devices connecting at different schools and administrative locations, your district will need to know exactly who is on the network and what kind of device they are using. Are the people accessing the network authorized to do so? Are they accessing -3-
only areas of the network that you want them to? What kind of programs are they running? Do they have current virus and spyware protection? Is there something on the mobile device that could take down your network? Managing an Effective K-12 Network As a K-12 network administrator and IT professional, keeping tabs on your enterprise is crucial in ensuring your school or district operates at a level that assures optimum learning while protecting data and users. With the growing trends and demands for bandwidth, compliance and access via multiple devices, it will be even more critical to have control and visibility over your network. Here are just a few tips for managing your network: 1. Alleviate security threats Schools must protect their wireless networks and systems against inbound and outbound attacks as well as rogue wireless devices. Administrative systems must be protected and isolated from students. If not students can hack-in to change grades or peek at confidential information. Likewise, schools must protect their students from inappropriate web content. 2. Meet the need for better capacity The abundance of new applications, video technologies and mobile devices such as laptops, tablets, and e-readers are exploding in classrooms and campuses, which puts new stresses on the network. You must plan for bandwidth needs while investing in technologies that allow for prioritization of traffic. Take advantage of numerous SSIDs that may allow you to create custom experiences depending on user type, traffic shaping and setting firewall rules as needed. 3. Reduce recreational and social application traffic This allows learning resources to operate at maximum efficiency and performance. The learning experience should be priority #1. You can also establish fair sharing and usage controls that prioritize educational traffic without hampering the recreational social experience. Your ultimate goal should be to set up your network to provide consistent access to learning resources through fast delivery of critical applications. 4. Bandwidth management Online testing requirements being brought about by initiatives like PARCC (>100mb) will soon begin to compete for network bandwidth allocation. Continually adding bandwidth to the network is not a practical solution, as the consumption of video and rich media is growing at a rate that far outpaces funding for bandwidth increases. The solution lies in managing your existing network capacity more intelligently by implementing policies to protect the educational and administrative applications you care about most and control the traffic that is not high priority. K-12 schools and school districts cannot overcome these obstacles merely by adding network bandwidth. Bandwidth is expensive, and traffic, especially for social media applications, expands swiftly to meet the available capacity. Moreover, allowing bandwidth to be consumed by low-priority recreational applications hampers the learning experience for all students. -4-
5. Device management Administrators, faculty, students and the general public are accessing the network with many different devices to consume an array of content from a wide spectrum of applications. Unlike in traditional corporate networks with standardized devices and application access controls, education institutions do not have that level of control over their IT environments. They must cater for greater freedom in both devices and applications, and the network must support teaching, learning, study and recreational use. 6. Application assurance Traditionally, administrators could rely on traffic compression and acceleration to increase throughput and decrease cost. However, the K-12 network poses unique challenges. Administrators must now broaden network objectives to deliver engaging learning experiences while also enabling students to connect, consume content and cultivate their social life online. With these new requirements, classic WAN optimization needs to evolve beyond acceleration and compression to intelligently allocate resources based on a broader set of contextual attributes that enables assurance of a reliable user experience. In many ways, a K-12 public education data network must be designed and constructed to allow for maximum performance with effective visibility and control by the administrator. A K-12 school environment presents special needs and requirements; it goes beyond the obvious items such as physical security, routers, sub-netting, firewalls, and anti-virus. The ability to see what is happening on your network, control the efficiency and effectiveness of priority applications, monitor devices at the individual level and still provide network security will become the norm. 7. Network management tools Application visualization enables K-12 IT staff to see what is happening on their networks which specific applications are being used, by which users, when, and to what extent. Such information is essential for policy and rule development, efficient troubleshooting and analysis, demonstrating accountability and compliance, and exposing wasteful or unwarranted consumption of bandwidth. Application control is the actual enforcement of security policies via the execution of responses to network traffic. This is the end-goal of application intelligence and visibility. Your team should be able to monitor and control application, or specific application functionality (e.g., file transfer within IM), while also accounting for a wide range of contextual variables, including user and device identity, the type of content involved, and time of day, week or month. For organizations that rely heavily on the Internet and cloud-based applications, web traffic acceleration will enable schools to significantly reduce network utilization by intelligently storing data locally such that only new web objects will need to be downloaded. This is particularly useful in administering online testing and deploying multi-cast video-on-demand as multiple users access this content simultaneously. -5-
Conclusion Managing an effective K-12 network that meets the needs of the 21st century learner, while assuring compliance and security is challenging, but attainable. Better visibility and control will help you focus your efforts on mission critical data, optimum learning experiences, and allocation of bandwidth to priority resources. As a K12 network administrator, achieving the fine balance between performance and security is key. Effective planning coupled with the right technology solutions for visibility and control will allow optimum learning environments to exist in an era of increasing demand and compliance. To learn more about how to revolutionize your school s network, you can visit: Exinda Education White Paper http://go.exinda.com/education-edgeresource-educationwhitepaper.html Cincinnati Public Schools Case Study: http://www.exinda.com/downloads/cincinnati_1_28_13.pdf About Exinda Exinda is a leading global supplier of WAN optimization and Network Control solutions. Exinda enables organizations to assure a predictable user experience for strategic business applications through policy-based WAN optimization and Network Control that intelligently allocate network bandwidth and optimize traffic based on the priorities of the business. The company has helped more than 2,500 organizations in over 80 countries worldwide assure application performance, improve the end-user experience, contain recreational applications and reduce network operating costs for the IT executive. -6- For more information, please visit http://www.exinda.com. www.exinda.com 1.877.439.4632 Copyright 2013, Exinda Networks Inc. E-Bookr_Education