Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now. But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this case study with you.
Technology is a vital component to boosting the opportunities for learning and teaching across the schools. Having run a number of laptop programmes for students, the schools were finding this approach to computer provision more and more inadequate. For students in particular, the preference was to allow them internet access for their own devices, on school premises. With a significant number of pupils boarding at the three schools, this could also have a positive impact on pupil welfare.
"We found the laptop programmes were simply unsuitable. The pupils ended up using devices they didn’t like, or weren’t familiar with and in the absence of internet for pupils own devices, we were inadvertently forcing them to use things like mobile hotspots, which seemed counterproductive. We could see that opening the network up and permitting the use of pupils own devices, would satisfy both requirements" explains Adrian McGarry, Director of ICT at Licensed Trade Charity.
Pursuing this approach, would essentially mean a Bring-Your-Own-Device (BYOD) policy would be adopted by each school. To make such an approach work, Wi-Fi access would need to be consistent across each school campus. In addition, tools would need to be put in place to identify devices joining the network and security would need to be at the heart of the solution.
Having worked with Softcat for several years already to develop the existing network, The Licensed Trade Charity naturally turned to them for guidance.
With a comprehensive wired network in place already and world-class firewall technology operating at the perimeter of the network, any new solution would need to integrate with the investments already made.
"We had invested heavily in 3COM and then more recently HP technology in terms of both hardware and software, so I was keen to try and implement from the same stable of products" comments McGarry.
The solution put in place would have to be capable of managing potentially 1000’s of devices and be operable across multiple sites, to ensure the same functionality could be offered in each of the three school campuses. Likewise, the schools demanded a high degree of control over who could authenticate onto the network and when. They would also need to be able to differentiate between teaching and non-educational staff working for the Licensed Trade Charity who are also present on the site. Creating such a complex connection experience would require a powerful set of tools.
"The Licensed Trade Charity were keen to see if they could use HP technology to solve the challenge. With significant experience in HP networking technologies it made sense from a skills perspective. We believed that extending the use of HP Intelligent Management Centre, (IMC) would meet the challenge. By adding a wireless networking module, BYOD functionality would be satisfied and combined with their existing investment would provide a tool for managing the network, in its entirety – both wired and wireless".
IMC had not been implemented before at a UK school, however. As such, we drafted in support from HP’s own technical team to complement our own experts, ensuring that thorough site surveys were completed for each of the school campuses and integration would occur with limited disruption to the schools.
Using reference architectures for the deployment, the solution would involve extending the number of wireless access points across the schools and upgrading them to the latest 802.11ac standards to contend with the large user numbers expected, without degrading network performance. Similarly, integration between the IMC solution and the Palo Alto firewall, which would also be an integration first for a UK school, would be critical to ensure every connected device was passed to the firewall, allowing content to be filtered appropriately.
"We really liked how scalable it would be. Once in place, should the Licensed Trade Charity acquire further schools, or indeed extend the fabric of the existing schools, we’d simply need to add further access points and switches. Importantly, control would still be maintained centrally through a single-pane of glass" continues McGarry.
Implemented during holiday time, the solution was up and running across their three campuses with minimal fuss. Whilst each site is managed as a separate silo in the network, the network has been configured so there is maximum resilience between each. Should an access controller go down at one site, it will continue to be managed by IMC from one of the other two campuses.
The levels of granularity the charity has been able to achieve controlling its network have been outstanding. "We can identify which devices are connecting, where they are connecting from, specify the speeds they are permitted to connect at and track or even control what users are using their devices for. We can deactivate connectivity at different times for students who are boarding, based on where they are or the time of day it is, interchanging this by age group. We can even permit access based on what application they are using – control is on a very finite basis" enthuses McGarry.
The schools now have upwards of 1700 devices connecting to its network every day, each with a tailored user experience.
From a student perspective, pupils can now bring their preferred devices into school for use in lessons and outside of the school day, for boarders. This ensures familiarity and importantly, students are not forced to use tools they are not accustomed to. This adds to their individual learning experience, without compromising on security, as users are protected by the schools global security measures, at all times.
The ability to permit students to bring their own technology onto campus without security fears, is a big bonus too and one the charity hopes will have a positive impact on pupil numbers in the future, as parents and students alike see the value of such freedom.
The goals were not only reached, but exceeded in terms of Total Cost of Ownership, integrating pre-existing technologies into the new control mechanisms and further expanding technologies when new standardisations were realeased.
Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise. How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!
Internet Business Fax to Email Made Easy -
With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number.
You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're interested in additional methods for monitoring bandwidt…