![Page 1: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/1.jpg)
ICT Technician’s Update Conference
17 March 2008
![Page 2: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/2.jpg)
Introduction
Penny Patterson
![Page 3: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/3.jpg)
You Tube and Schools
Penny Patterson
![Page 4: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/4.jpg)
Network Access Control
Steve Hanna
Juniper Networks
![Page 5: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/5.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 5
Network Access Controlfor Education
By Steve Hanna, Distinguished Engineer, Juniper
Co-Chair, Trusted Network Connect WG, TCG
Co-Chair, Network Endpoint Assessment WG, IETF
![Page 6: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/6.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 6
Implications of Expanded Network UsageCritical data at riskCritical data at risk
Perimeter security ineffectivePerimeter security ineffective
Endpoint infections Endpoint infections
may proliferatemay proliferate
Network control Network control
can be lostcan be lost
Network Security DecreasesNetwork Security Decreases
As Access Increases
Mission-critical
network assets
Mobile and remote
devices transiting the
LAN perimeter
Broader variety of
network endpoints
Faculty, staff, parent,
and/or student access
![Page 7: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/7.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 7
Network Access Control Solutions
Control Access• to critical resources• to entire network
Based on• User identity and role• Endpoint identity and health• Other factors
With• Remediation• Management
FeaturesFeatures
Consistent Access Controls
Reduced Downtime• Healthier endpoints• Fewer outbreaks
Safe Remote Access
Safe Access for• Faculty, Staff• Students, Parents• Guests• Devices
BenefitsBenefits
Network access control must be a key component of every network!
![Page 8: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/8.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 8
What is Trusted Network Connect (TNC)?
Open Architecture for Network Access Control
Suite of Standards to Ensure Interoperability
Work Group in Trusted Computing Group (TCG)
![Page 9: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/9.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 9
TCG: The Big Picture
TCG Standar
ds
TCG Standar
ds
Applications•Software Stack•Operating Systems•Web Services•Authentication•Data Protection
Storage
Mobile Phones
Servers
Desktops & Notebooks
Security Hardware
Networking
Printers & Hardcopy
![Page 10: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/10.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 10
TNC Architecture Overview
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
Wireless
Wired
NetworkPerimeter
FW
VPN
PDP
![Page 11: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/11.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 11
Typical TNC Deployments
Uniform Policy
User-Specific Policies
TPM Integrity Check
![Page 12: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/12.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 12
Uniform Policy
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
NetworkPerimeter
Client RulesWindows XP- SP2- OSHotFix 2499- OSHotFix 9288- AV (one of) - Symantec AV 10.1 - McAfee Virus Scan 8.0- Firewall
RemediationNetwork
ProductionNetwork
Non-compliant SystemWindows XP
SP2x OSHotFix 2499x OSHotFix 9288 AV - McAfee Virus Scan 8.0 Firewall
Compliant SystemWindows XP
SP2 OSHotFix 2499 OSHotFix 9288 AV – Symantec AV 10.1 Firewall
PDP
![Page 13: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/13.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 13
User-Specific Policies
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
NetworkPerimeter
Access Policies- Authorized Users- Client Rules
GuestUser
Ken –Faculty
Windows XP OSHotFix 9345 OSHotFix 8834 AV – Symantec AV 10.1 Firewall
Linda –Finance
Guest NetworkInternet Only
ClassroomNetwork
FinanceNetwork
PDP
![Page 14: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/14.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 14
TPM Integrity Check
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
NetworkPerimeter
Client Rules- BIOS- OS- Drivers- Anti-Virus Software
ProductionNetwork
Compliant SystemTPM Verified
BIOS OS Drivers Anti-Virus Software
TPM – Trusted Platform Module
Hardware module built into most of today’s PCs
Enables a hardware Root of Trust
Measures critical components during trusted boot
PTS interface allows PDP to verify configuration and remediate as necessary
PDP
![Page 15: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/15.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 15
TNC Architecture in Detail
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
(IF-PTS)
TSS
TPM
Platform TrustService (PTS)
TNC Client (TNCC)(IF-TNCCS)
TNC Server(TNCS)
(IF-M)
(IF-IMC) (IF-IMV)
t CollectorCollectorIntegrity Measurement
Collectors (IMC)
VerifersVerifiersIntegrity Measurement
Verifiers (IMV)
NetworkAccess
Requestor PolicyEnforcementPoint (PEP)
(IF-T)
(IF-PEP) Network AccessAuthority
![Page 16: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/16.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 16
TNC Status
TNC Architecture and all specs released• Available Since 2006 from TCG web site
Rapid Specification Development Continues• New Specifications, Enhancements
Number of Members and Products Growing Rapidly
Compliance and Interoperability Testing and Certification Efforts under way
![Page 17: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/17.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 17
TNC Vendor Support
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
EndpointSupplicant/VPN Client, etc.
Network DeviceFW, Switch, Router, Gateway
AAA Server, Radius,Diameter, IIS, etc.
![Page 18: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/18.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 18
TNC/NAP/UAC Interoperability Announced May 21, 2007 by TCG, Microsoft, and
Juniper
NAP products implement TNC specifications• Included in Windows Vista, Windows XP SP 3, and
Windows Server 2008
Juniper UAC and NAP can interoperate• Demonstrated at Interop Las Vegas 2007• UAC will support IF-TNCCS-SOH in 1H2008
Customer Benefits• Easier implementation – can use built-in Windows NAP client• Choice and compatibility – through open standards
![Page 19: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/19.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 19
NAP Vendor Support
![Page 20: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/20.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 20
What About Open Source? Several open source implementations of TNC
• University of Applied Arts and Sciences in Hannover, Germany (FHH)
http://tnc.inform.fh-hannover.de• libtnc
https://sourceforge.net/projects/lib/tnc• OpenSEA 802.1X supplicant
http://www.openseaalliance.org• FreeRADIUS
http://www.freeradius.org
TCG support for these efforts• Liaison Memberships• Open source licensing of TNC header files
![Page 21: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/21.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 21
Summary Network Access Control provides
• Strong Security and Safety• Tight Control Over Network Access• Reduced PC Administration Costs
Open Standards Clearly Needed for NAC• Many, Many Vendors Involved in a NAC System• Some Key Benefits of Open Standards
• Ubiquity, Flexibility, Reduced Cost
TNC = Open Standards for NAC• Widely Supported – HP, IBM, Juniper, McAfee, Microsoft, Symantec, etc.• Can Use TPM to Detect Root Kits
TNC: Coming Soon to a Network Near You!
![Page 22: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/22.jpg)
Copyright © 2008 Juniper Networks, Inc. www.juniper.net 22
For More Information TCG Web Site
• https://www.trustedcomputinggroup.org
Juniper UAC Web Site• http://www.juniper.net/products_and_services/
unified_access_control
Steve Hanna• Distinguished Engineer, Juniper Networks• Co-Chair, Trusted Network Connect Work Group, TCG• Co-Chair, Network Endpoint Assessment Working Group, IETF• email: [email protected]• Blog: http://www.gotthenac.com
![Page 23: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/23.jpg)
LGfL Network 2009 - 2012
Stuart Tilley
Synetrix
![Page 24: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/24.jpg)
Presented by :-Stuart Tilley - Network & Systems
Technician Conference – Network overview and proposed enhancement
2008 - 2012
17th March 2008
![Page 25: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/25.jpg)
Overview
• Introduction• Current Network Overview• Proposed Technology Refresh
– Core Network – Access Network – Access bandwidth– URL filtering– Edge CPE
• Summary
![Page 26: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/26.jpg)
Introduction
• Current Network Implemented in April 2002• Designed and Built by Synetrix a key LGfL service
provider• Emerging Technology (MPLS) and vendor choice has
provided a platform for;– Delivery of High availability and scalable Broadband services– Secure and safe educational environment– New service development and delivery– Shared community network (LPSN)
• Network Refresh - keeping pace with technology to and beyond 2012
![Page 27: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/27.jpg)
The London Network – Physical Topology
Croydon
Purley
Merton
Bromley
BexleyHeath
Welling
Lewisham
Richmond
Hayes
Harrow
Park Royal
EarlsCourt
TeleHouse
Romford
BarnetHaringey
Newham
WalthamForest
Enfield
Lambeth
AP
Core Core Network Node
Aggregation Point
Core 10Gbps Links
Nodal Loop 100Mbps
Nodal Loop 1Gbps
Camden
![Page 28: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/28.jpg)
The London Network
Physical Network Topology• 3 Core locations and 21 Aggregation Points serving 33
London Authorities• Resilient dark fibre connecting core locations (10Gb/sec
– OC192 SDH)• AP’s connected to core by resilient nodal loops currently
1Gb or 100Mb capacity• Resilient Service Hosting – SLB • Resilient Tier 1 ISP’s (Thus, Abovenet, UKERNA, BBC)
– Total Internet Capacity 6Gbps• All Broadband services delivered over fibre (scalable
bandwidth)
![Page 29: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/29.jpg)
The London Network – Logical
6BoneNative IPv6 peering
BGP4
BBCBGP4
VPN1
VPN3
VPN2
Virtual Firewalls
Gigabit Firewall
MPLS VPN's
Earls Court
Virtual Firewalls
URL
Virus
URL
Virus
email &
Web
Gigabit Firewall
Park Royal
1Gbps
SLB
Author
MPLS IP VPN'sLEA1LEA2LEA3
Edge sites connected at 2, 5, 10 & 100Mbps Ethernet
Edge sites configuredInto appropriate VPN at any AP
Edge sites access coreservices via resilient MPLS core/access network with QoS applied dependant on application
SHDS - WES 1000 (1Gbps)
SHDS or Dark Fibre - 100M-2.4Gbps MPLS
URL
Virus
URL
email &
Web
SLB
160Gbps Router
SHDS - WES 100Mbps
Dark Fibre - 0C192 MPLS (10Gbps)
vpn3
vpn2
vpn1
2Gbps
Camden
AP
UKERNABGP4
2Gbps
InternetBGP4
VPN1
VPN3
VPN2
MPLS VPN's
1Gbps
160Gbps Router
email &
Web
100Mb
AP
VPN1
VPN1
VPN3
VPN2
MPLS VPN's
160Gbps Router
AP
VPN2
Waltham Forest
10Gbps core
10Gbps core 10Gbps core
Newham
Telehouse
Stuart Tilley
Date 25/01/2006
email &
Web
Virus
VPN1VPN1
VPN2
VPN2
VPN3
VPN3
Participate in same L2 broadcast domains as Earls
Court
Participate in same L2 broadcast domains as Park
Royal
![Page 30: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/30.jpg)
The London Network
Logical Network • MPLS core network• Dedicated RFC2547bis Layer3 VPN’s
– Provides fully routed Virtual WANs per ‘customer’ (LEA or LA)
– Totally autonomous routing policy and access control per Virtual WAN – WMSv1 & v2
– Virtual WANs distributed across complete physical network
• QoS Support
![Page 31: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/31.jpg)
Network Statistics
• Total of edge bandwidth purchased 23Gbps
• Total traffic transiting network 3Gbps (average)
• Total capacity of Juniper access layer 228Gbps
• Total Capacity of Juniper core 480Gbps
• Total Internet Bandwidth - (Sept 2002) 30Mbps today averaging over 2Gbps
• HTTP traffic via URL service 1.5GMbps
• Requests served from Cache 400Mbps
![Page 32: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/32.jpg)
Proposed Core Technology upgrade
• Upgrade existing Juniper M160 with Next Generation MX960
• Fully resilient chassis (redundant HW) such as;– Power Supplies– Cooling fans– Routing Engines (RE)– Switch Control Board
• Fully resilient design/configuration– Dual Dense Port Concentrators (DPC’s) 10G + 1G– Support resilient backbone and core switching
• JUNOS code – leading standards development• Low risk migration
![Page 33: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/33.jpg)
Proposed Core Technology Upgrade
Proposed MX960 core build
YELLOW ALARM RED ALARM
NC C NONC C NO MX960ACO/LT
0
ONLINE
OK FAIL
1
ONLINE
OK FAIL
2 6
ONLINE
OK FAIL
7
ONLINE
OK FAIL
8
ONLINE
OK FAIL
9
ONLINE
OK FAIL
10
ONLINE
OK FAIL
11
ONLINE
OK FAIL
5
ONLINE
OK FAIL
4
ONLINE
OK FAIL
3
ONLINE
OK FAIL
2
ONLINE
OK FAIL
1
ONLINE
OK FAIL
0
ONLINE
OK FAIL
0 1 2 3PEM
1
0
FAN
MASTER
ONLINE
OFFLINE
Juniper ®NETWORKS
RE 1RE 0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-1
30
0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-2
00
0
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
YELLOW ALARM RED ALARM
NC C NONC C NO MX960ACO/LT
0
ONLINE
OK FAIL
1
ONLINE
OK FAIL
2 6
ONLINE
OK FAIL
7
ONLINE
OK FAIL
8
ONLINE
OK FAIL
9
ONLINE
OK FAIL
10
ONLINE
OK FAIL
11
ONLINE
OK FAIL
5
ONLINE
OK FAIL
4
ONLINE
OK FAIL
3
ONLINE
OK FAIL
2
ONLINE
OK FAIL
1
ONLINE
OK FAIL
0
ONLINE
OK FAIL
0 1 2 3PEM
1
0
FAN
MASTER
ONLINE
OFFLINE
Juniper ®NETWORKS
RE 1RE 0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-1
30
0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-2
00
0
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
YELLOW ALARM RED ALARM
NC C NONC C NO MX960ACO/LT
0
ONLINE
OK FAIL
1
ONLINE
OK FAIL
2 6
ONLINE
OK FAIL
7
ONLINE
OK FAIL
8
ONLINE
OK FAIL
9
ONLINE
OK FAIL
10
ONLINE
OK FAIL
11
ONLINE
OK FAIL
5
ONLINE
OK FAIL
4
ONLINE
OK FAIL
3
ONLINE
OK FAIL
2
ONLINE
OK FAIL
1
ONLINE
OK FAIL
0
ONLINE
OK FAIL
0 1 2 3PEM
1
0
FAN
MASTER
ONLINE
OFFLINE
Juniper ®NETWORKS
RE 1RE 0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-1
30
0
OK/FAIL
SC
B
FABRICACTIVE
FABRICONLY
TUNNEL
LINK
1/0
RE
-S-2
00
0
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
OK/FAIL
DP
C 4
x1
0G
E
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
TUNNEL
LINK
0/0
OK/FAIL
DP
C 4
0x
GE
0/0 0/5 2/0 2/5
1/0 1/5 3/0 3/5
10Gbps
10Gbps
1Gbps
CONSOLESummit X450e-48p
TM Shared Ports
45x 46x 47x 48x
STACK NO.FAN
PSU-I
PSU-E
MGMT
Solid ON = LinkBlinking = Activity
1 3 52 4 6 7 8 129 1110 1613 1514 17 19 2118 20 22 23 24 2825 2726 3229 3130 33 35 3734 36 38 39 40 4441 4342 4845 474610GStack1
2
1
2
CONSOLESummit X450e-48p
TM Shared Ports
45x 46x 47x 48x
STACK NO.FAN
PSU-I
PSU-E
MGMT
Solid ON = LinkBlinking = Activity
1 3 52 4 6 7 8 129 1110 1613 1514 17 19 2118 20 22 23 24 2825 2726 3229 3130 33 35 3734 36 38 39 40 4441 4342 4845 474610GStack1
2
1
2
CONSOLESummit X450e-48p
TM Shared Ports
45x 46x 47x 48x
STACK NO.FAN
PSU-I
PSU-E
MGMT
Solid ON = LinkBlinking = Activity
1 3 52 4 6 7 8 129 1110 1613 1514 17 19 2118 20 22 23 24 2825 2726 3229 3130 33 35 3734 36 38 39 40 4441 4342 4845 474610GStack1
2
1
2
CONSOLESummit X450e-48p
TM Shared Ports
45x 46x 47x 48x
STACK NO.FAN
PSU-I
PSU-E
MGMT
Solid ON = LinkBlinking = Activity
1 3 52 4 6 7 8 129 1110 1613 1514 17 19 2118 20 22 23 24 2825 2726 3229 3130 33 35 3734 36 38 39 40 4441 4342 4845 474610GStack1
2
1
2
Aggregated 10Gbps uplinks supporting L2
& L3 services
Earls Court CorePark Royal Core
Telehouse Core
Extreme Virtual Switch providing server
aggregation
Extreme Virtual Switch providing server
aggregation
MX960 MX960
MX960
![Page 34: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/34.jpg)
Proposed Access Technology Upgrade
• Replace Existing M10 with Juniper M10i• Fully resilient chassis (redundant HW) such as;
– Power Supplies– Cooling fans– Routing Engine (RE)– Forwarding Engine Board (FEB)
• Fully resilient Design/Configuration– 2 x 1Gbps Nodal loop Interfaces– 2 x 1Gbps Virtual switch uplinks (initial deployment)
![Page 35: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/35.jpg)
Proposed Access Technology Upgrade
• Replace Existing Extreme S48i aggregation switch with Juniper EX4200.
• Redundant Power supply• Virtual Chassis Configuration (max 10)• 48 port 10/100/1000 capability• Architecture design based high end core routing
products– Packet Forwarding Engine– Routing Engine
![Page 36: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/36.jpg)
Proposed Access Technology Upgrade
• Fully resilient design\configuration
– Virtual chassis deployment
– Multiple 1Gbps uplinks (resilience)
TM
LT
M10
JuniperNETW ORKS
AUX/MODEM
CONSOLE
MG M T
PIC 0/3
PIC 1/3
PIC 0/2
PIC 1/2
PIC 0/1
PIC 1/1
PIC 0/0
PIC 1/0
PI nternetrocessor
R ETHERNET 100BASE-TX
ST
AT
US
PO
RT
1R
XLIN
K
PO
RT
0R
XLIN
K
PO
RT
2R
XLIN
K
PO
RT
3R
XLIN
K
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
CONSOLE
49 50
MG
MT
PORT 49
PORT 50
Extreme Networks Summit48siR
ETHERNET 100BASE-TX
ST
AT
US
PO
RT
1R
XLIN
K
PO
RT
0R
XLIN
K
PO
RT
2R
XLIN
K
PO
RT
3R
XLIN
K
ETHERNET 1000 BASE-TX
ST
AT
US
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
CONSOLE
49 50
MG
MT
PORT 49
PORT 50
Extreme Networks Summit48siR
Resilient 200Mbps Capacity Links
Aggregation Point (AP)
BT LES service Active Equipment (A end)
ETHERNET 1000 BASE-TX
ST
AT
US
BT LES service Active Equipment (B end)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
CONSOLE
49 50
MG
MT
PORT 49
PORT 50
Extreme Networks Summit48siR
Point to Point fibre delivered via ‘A’ end and ‘B’ end BT serving exchange
2, 5, 10, 100 Service delivery
Edge Site
1/
3 2 1 0
3 2 1 0
0/
1/
0/
JuniperNETWORKS
MINOR ALARM
MAJOR ALARM
LINK LINK ACTACT
PORT 1 PORT 0
PICS ON/OFF
0/3 0/2 0/1 0/0
AUX/MODEM
OFFLINE
MGMT
CONSOLEPC CARD
RESET
HDD MASTER
FAIL ONLINE
RE-400
JUNIPER NETWORKS LABEL THIS SIDE
AUX/MODEM
OFFLINE
MGMT
CONSOLEPC CARD
RESET
HDD MASTER
FAIL ONLINE
RE-400
JUNIPER NETWORKS LABEL THIS SIDEMINOR ALARM
MAJOR ALARM
LINK LINK ACTACT
PORT 1 PORT 0
PICS ON/OFF
0/3 0/2 0/1 0/0
Ethernet 1000BASE-X SFP
ST
AT
US
LINK
ACTIVITY
Ethernet 1000BASE-X SFP
ST
AT
US
LINK
ACTIVITY
ETHERNET 1000 BASE LX/SX/LH
LINE
RX AC
TI V ITY
RX
TX
STA
TU
S
ETHERNET 1000 BASE LX/SX/LH
LINE
RX AC
TI V ITY
RX
TX
STA
TU
S
Virtual Switch
2Gbps AggregatedUplink
1Gbps Nodal Loops
EX4200 48 port 10/100/1000 switches (max 10 per stack)
Fully resilient M10i(redundant PSU, routing and
forwarding engines)
Sample AP Configuration BT LES service Active Equipment (A end)
BT LES service Active Equipment (B end)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
CONSOLE
49 50
MGM
T
PORT 49
PORT 50
Extreme Networks Summit48siR
Edge Site
1Gbps Nodal Loop
100Mbps Nodal Loop
Aggregation Point (AP)
2, 5, 10, 100 & 1000Mbps Service delivery
Existing Design Proposed Design
![Page 37: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/37.jpg)
Access Bandwidth Upgrade
• All current 100Mbps nodal loops upgraded to 1Gbps– Merton – Croydon – Merton – Earls Court– Bromley - Croydon– Bromley – Welling– Lewisham - Welling– Welling – Bexleyheath– Romford – Bexleyheath– Romford – Telehouse– Waltham Forest – Camden– Haringey – Camden– Haringey – Barnet– Hayes - Harrow
• Prevent degradation of service in the event of primary loop failure• Enhanced Traffic Engineering capability
![Page 38: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/38.jpg)
Access Bandwidth Upgrade
Park Royal
Lambeth
Richmond
Harrow
Hayes
Merton
Barnet
Enfield
Camden
Haringey
Newham
Waltham Forest
Tele House
Croydon
Welling
Romford
Bexley Heath
Bromley
Lewisham
Earls Court
Purley AP
Core Network Node
Aggregation Point
Core 10Gb Links
Nodal Loop 1Gbps
Core
![Page 39: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/39.jpg)
URL Filtering Platform Enhancements
• Evaluation exercise underway “Squid MkII” vs Bluecoat 8100.
• Scaled to 2.5Gbps (N+1 resilience total 5Gbps)• Additional Active/passive F5’s deployed to scale
beyond 2.5Gbps• Current total filtered traffic 1.5Gbps• Expect 500Mbps year on year increase
![Page 40: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/40.jpg)
URL Filtering Platform Enhancements
Disk 1 Disk 4Disk 3Disk 2 Disk 5 Disk 8Disk 7Disk 6
Operating System (RAID1)Mirrrored DisksHot-Swappable
Cached Objects (RAID5)Hot-Swappable
Represents a 4x performance benefit over current hardware
EXT3 Filesystem for operating system
XFS FilesystemSupports stripe-aligned storage blocks for better RAID performance
Balanced-Trees for fast i-node lookupsIdeal for many small files (typically 25KB)
XFS Allocation Groups allow concurrent (multi-threaded) access to
stored objects.
SQUID
4-Core CPU
4-Core CPU
2x 4-Core CPU allowing 8 concurrent execution threads/
process to handle users requests, cache-lookups and drive the high-performance
XFS file system
Represents a minimum of 8x performance benefit over
current hardware
2x 1Gbps copper ethernet interfaces. One facing the internet, the other
facing the user, representing a 10x performance improvement over
current hardware
32GB RAM for super fast access to the most frequently accessed cached-objects. Represents a 16x performance benefit over current hardware
![Page 41: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/41.jpg)
Replacement CPE
• Extreme 24e3/S200 replaced with Juniper J2320• Features
– Forwarding performance IMIX 400Mbps– 3DES performance 170Mbps– 4 onboard 10/100 ports– 3 Physical Interface Card (PIM) slots
• ES code – Combines session state information/next hop forwarding
• MPLS support fast reroute (resilient fibre services)
![Page 42: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/42.jpg)
Summary
• High availability, scalable future proof infrastructure• Low risk implementation/migration• Continued delivery of existing Network Centric services such as;
– Securestore– Desktop Content Control (DCC) – Campus Monitoring Protection (CMP)– High Definition Video Conferencing (HDVC)– Secure Remote Access (SRA)– Broadband Resilience Service (BRS)
• Enhanced distributed functionality – enabling new service developments such as:
– Virtual Private LAN Services (VPLS)– Broadcast video– High capacity Resilient Broadband Services– Security Services
![Page 43: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/43.jpg)
Per-User URL Filtering
Stewart Duncan
Technical Manager
![Page 44: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/44.jpg)
Current URL Filtering
• LGfL URL Filtering Service is based around the NetSweeper Product
• Policies can currently be configured by IP address and time of day
• Reporting features are available to report on IP based sessions
![Page 45: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/45.jpg)
What is required?
•Schools and LAs would like to identify end users for reporting
•Have the ability to setup different policies for individual users or groups of users
•IT Managers and Head Teachers need the ability to track URL traffic for an individual rather than a specific IP address
![Page 46: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/46.jpg)
What are LGfL doing to help?
• LGfL working with Synetrix and Atomwide to enable the platform to offer Per-User /Group level Filtering
• Enabling the USO to link with the NetSweeper Platform
• Allow local management of User Policies through a web based front-end
![Page 47: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/47.jpg)
Where we are so far
• A trial is currently taking place in various locations across London
• So far the trial is going well and bugs are being identified and cleared up
![Page 48: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/48.jpg)
What does it Look like?
The new front end allows configuration of multiple groups each with a separate policy.
![Page 49: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/49.jpg)
What does it Look like?
Here you can configure which users belong to which policy within the USO.
![Page 50: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/50.jpg)
What does it Look like?
Users are then prompted to log in when they run Internet Explorer and try and access the web.
![Page 51: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/51.jpg)
What does it Look like?
If users try and breach the policy they belong to, the standard deny page is displayed with details of the Group Name they belong to.
![Page 52: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/52.jpg)
Summary
• Per User Level Filtering will be available for Schools and LAs soon.
• It is available from Synetrix
• Support is available on 08700 636465 (option 1) or by email.
• The service will cost:
• £145 setup and £225 per year
![Page 53: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/53.jpg)
SIFThe Schools Interoperability
FrameworkRupert Hay Campbell
Barking and Dagenham
![Page 54: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/54.jpg)
SIF in Barking & Dagenham
Rupert Hay-Campbell
![Page 55: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/55.jpg)
Contents
• What is SIF?• About Barking & Dagenham
– MIS systems in use– Data requirements & issues
• SIF in Barking & Dagenham
![Page 56: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/56.jpg)
What is SIF?• In the UK SIF has developed out of a number of
Government initiatives:– Harnessing Technology– School Management Information systems and value for
money
Recommendation 3That Becta will establish a supplier-independent and open interoperability architecture to create the opportunity for improved interoperability at the school level and at the LEA or regional broadband consortium (RBC) level. Additionally Becta’s interoperability arrangements will draw, to the maximum extent possible, on ongoing work across Government on interoperability standards.
School Management Information Systems and Value for Money, Becta 2005, p. 4
![Page 57: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/57.jpg)
What is SIF?
• An open standard, launched in the USA in 1997– Over 300 software vendors, school districts and other
organisations are members
• A standard, not a product• Standards are developed by the members, not imposed
by a central authority• Clear governance model• Certification of products
![Page 58: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/58.jpg)
What is SIF?
• Hub and spoke model of data integration• Zone Integration Server
– A software application that acts as the hub ensuring that data is routed to the correct applications
• SIF agent– A piece of software that connects an application to the ZIS
![Page 59: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/59.jpg)
SIF AgentSIF
Agent
SIF AgentSIF
Agent
SIF Agent
SIF – Publish/Subscribe model
School MIS
CateringSystem
SchoolNetwork
LA Main System
LibrarySystem
LA Zone Integration Server
2. The ZIS works out which applications subscribe to the data items
3. The Data is then sent to the subscribing applications
Data
DataDataDataData
1. A change is made to the data held in a publishing application
![Page 60: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/60.jpg)
SIF AgentSIF
Agent
SIF AgentSIF
Agent
SIF Agent
SIF – Request/Response model
School MIS
CateringSystem
SchoolNetwork
LA Main System
LibrarySystem
LA Zone Integration Server
1. An application requests data relating to an object
2. The ZIS identifies the default provider for the object and routes the request
Data
3. The provider responds with the requested data
Req.
![Page 61: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/61.jpg)
What is SIF?
What would a national SIF infrastructure look like?
• Multiple zones• Hierarchy of zones• What happens to school census?
![Page 62: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/62.jpg)
Data challenges
• Large number of data systems in schools and Children’s Services
• Data systems do not share information– Inefficient working with large scale re-entry of data, data
errors and inconsistencies
• ContactPoint and LDQT represent significant challenges
• Learning Platform developments
![Page 63: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/63.jpg)
Further informationRupert Hay-CampbellMIS AdviserTel: 020 8270 4880Email: [email protected]
Web sites:www.sifinfo.org/ukhttp://localauthorities.becta.org.uk/index.php?section=
ndi&catcode=la_ndi_02
![Page 64: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/64.jpg)
The LGfL USO
Ian Lehmann
Operations Manager
![Page 65: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/65.jpg)
What is USO?
Unified Sign On (USO)
A term used by LGfL to describe an authentication system where the same username and password is used to gain
access to a wide variety of systems.
In this scenario it is necessary to enter the username and password once for each service that is accessed.
However, a user can alter his/her password in one place and have that change propagate to all systems
![Page 66: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/66.jpg)
What is the LGfL USO?
• A database of users within London and the UK
• A database of users which can be maintained by nominated contacts in schools and Local Authorities
• A system for authenticating against LGfL protected resources both Web (Shibboleth) and non-web based.
![Page 67: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/67.jpg)
Service access illustration for LGfL USO User Account holders:
All Users
USO Username
Single Username & Password
LGfL Podcast serviceLGfL Weather Station monitoring systemLGfL Premium contentThe Digitalbrain portalClick to Meet video conferencing systemSophos Anti-Virus update serviceWindows Update Services (WSUS)LGfL Support services and advisory web sitesPAN London Admissions SystemOther VLE/MLEs, including:
It’s Learning, Moodle, First ClassUniservity
Adobe Connect web collaboration suiteAtomwide WebScreenAtomwide Shibboleth enabled Email FilteringAtomwide VPN Remote Access ServicesSynetrix USO Integrated Filtering (UIF)Synetrix Email Systems’ Email Content ControlSynetrix Remote Secure Access ServiceSynetrix E-Safety Service LGfL MLE (Fronter)LGfL StaffMailLGfL LondonMailLGfL MailProtect
With ADSync and/or LASync options
Access to School LAN ‘Home’ and ‘Shared’ areas, and to applications authenticated via the local AD
Access to LA AD authenticated applications inc.: Capita SIMS Learning Gateway
![Page 68: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/68.jpg)
Shibboleth-enabled services:
LGfL Podcast serviceLGfL Weather Station monitoring systemLGfL Premium contentThe Digitalbrain portalLGfL MLE (Fronter)
USO Username (Staff Only)For USO/Shibboleth services, inc.:
Digitalbrain UsernameFor Digitalbrain Service, plus:
Fronter UsernameFor Fronter Service, plus:
Service access illustration for Non Full-USO User Account holders:
With ADSync and/or LASync
Access to School LAN ‘Home’ and ‘Shared’ areas, and to applications authenticated via the local AD
Access to LA AD-applications inc.: SIMS Learning GatewaySharePointCorporate Services
Atomwide/LGfL USO-only Services:
Click to Meet video conferencing systemSophos Anti-Virus update serviceWindows Update Services (WSUS)LGfL Support services and advisory web sitesPAN London Admissions SystemOther VLE/MLEs, including: It’s Learning, Moodle, First Class, UniservityAdobe Connect web collaboration suiteAtomwide WebScreenAtomwide Shibboleth-enabled Email FilteringAtomwide VPN Remote Access ServicesSynetrix USO Integrated Filtering (UIF)
Synetrix Email Systems’ Email Content ControlSynetrix Remote Secure Access ServiceSynetrix E-Safety Service LGfL StaffMailLGfL LondonMailLGfL MailProtect
![Page 69: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/69.jpg)
What other advantages does the LGfL USO provide?
• The USO provides a school or Local Authority with one database of users for authentication against any service.
• The LGfL USO can provide authentication for the Per User Level Filtering service offered by NetSweeper.
• The LGfL USO can also be used to synchronize with the local school or LA Active Directory system.
![Page 70: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/70.jpg)
What does ADSync Look like?
The LGfL USO ADSync does provide one Username and Password for all services
![Page 71: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/71.jpg)
How can you get the LGfL USO for your school or LA?
•Details of the LGfL USO are available from your LA or LGfL representative
•Alternatively see www.uso.lgfl.net for further information or contact [email protected]
![Page 72: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/72.jpg)
LGfL ManagedEmail Services
Brian Durrant
Chief Executive
London Grid for Learning
![Page 73: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/73.jpg)
StaffMail
![Page 74: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/74.jpg)
StaffMail
• For Staff, Governors and Admin• Delivered in conjunction with Atomwide• Dual Hosted (Telehouse and Park Royal)• Fault Tolerant & Resilient• Full Exchange 2007 Functionality• 5GB Mailbox Limit• Max 20MB Email Size inc. attachments• Provided ‘free’ to LGfL Schools
![Page 75: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/75.jpg)
StaffMail Features
• Personal and shared calendaring • Personal and shared address books • Accessible via:
– MS Outlook – MS Outlook Web Access – Outlook Mobile Access (compatible PDA or
m’phone)
• POP3, SMTP, IMAP protocols supported, and mail forwarding
![Page 76: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/76.jpg)
StaffMail Login Screen
• Access to StaffMail is via LGfL USO
![Page 77: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/77.jpg)
StaffMail Outlook Web Access
![Page 78: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/78.jpg)
StaffMail & MailProtect
• All email scanned for viruses, spam and inappropriate content by LGfL MailProtect.
• Staff can control spam including access to spam release, email spam digest reporting, and email in/out reporting.
![Page 79: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/79.jpg)
StaffMail on-line identity & domains• By default each user will receive an email
address based upon their USO account name with a domain name of lgflmail.org
• For example, ‘John Smith’ may receive a USO user name of jsmit001.318 and an email address of [email protected]
• LAs may supply own domain (eg. lbwf.org) and this may be applied to all users in the LA
• Schools may supply their own domain name “schoolname.la.sch.uk” and to be applied to all of the users in the USO in their school
![Page 80: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/80.jpg)
StaffMail Address Books
• Each user may add and delete entries from their own private address book
• a school staff member will see:– all staff at their school - only– all pupils at their school that are using LondonMail– the LA shared list
• a LA staff member will see:– school lists of staff– the LA shared list
![Page 81: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/81.jpg)
LondonMail
![Page 82: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/82.jpg)
LondonMail
• A Microsoft Live@edu service, branded LGfL, offered as a turn-key solution for use by pupils.
• highly availability web-mail service for curriculum use• inbound and outbound mail filtering by MicroSoft• protects against viruses, spam and inappropriate content• all inbound email also scanned for viruses, spam and
inappropriate content by LGfL MailProtect. • Exchange Functionality hosted by Microsoft in Dublin• 5GB Mailbox Limit• Max 20MB Email Size including Attachments• Provided ‘free’ to LGfL Schools
![Page 83: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/83.jpg)
LondonMail Features
• Personal and shared calendaring • Personal address books • Accounts will be accessible via:
– MS Outlook – MS Outlook Web Access – Outlook Mobile Access (compatible PDA or
m’phone)• POP3, SMTP, IMAP protocols supported,
and mail forwarding
![Page 84: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/84.jpg)
LondonMail Outlook Web Access
![Page 85: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/85.jpg)
LondonMail - identities & domains
• each user is allocated an email address based upon their existing USO or new USOlite account name
• ‘John Smith’ receives jsmit001.318 and an email address of [email protected]
• As a Becta Accredited Internet Services Provider LGfL supports email address anonymity. As a requirement of accreditation, LGfL enables LAs and schools to reduce the risk to pupils by providing by default email addresses that protect pupils' anonymity
• An LA may choose to supply their own domain (lbwf.org) and this may be applied to all users in the LA
![Page 86: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/86.jpg)
MailProtect
![Page 87: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/87.jpg)
MailProtect
• Used in conjunction with LGfL StaffMail and LondonMail services
• MailProtect uses email filtering technology provided by Email Systems
• Dual Hosted (Telehouse and Park Royal)
• Fault Tolerant & Resilient
![Page 88: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/88.jpg)
Service Documentation
• The most current versions can be found on the LGfL Support website (http://support.lgfl.net)
• LGfL Managed Microsoft Exchange Email Service for Staff (StaffMail)
• LGfL Managed Microsoft Exchange Email Service for Pupils (LondonMail)
• LGfL Email Content Control (MailProtect)• USO Service Description• USO Service Datasheet• USO Service Pricing
![Page 89: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/89.jpg)
Timelines
• 020 8255 5555 Support Number – Now!• StaffMail pilot users – 17 March 2008• StaffMail first LA – 31 March 2008• LondonMail test users – 21 April 2008• LondonMail pilot schools – 2 June 2008• LondonMail first LA – 24 July 2008• MailProtect – 17 March 2008• Full Production All Services – 3 September 2008
![Page 90: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/90.jpg)
Migration from @mail
• LGfL @mail will cease service 31.10.08
• Contact lists will be migratable
• If full migration is required, use Synetrix Email Hosting sync utility
![Page 91: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/91.jpg)
Future
• StaffMail RIM (Blackberry) Access
• LondonMail Shared Contact Lists
![Page 92: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/92.jpg)
Finally….
New
low-cost LGfL
support number
![Page 93: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/93.jpg)
020 82 55 55 55
• Local call on 020 82 55 55 55
• Same as 08700 63 64 65 (but cheaper!)
• 08700 63 64 65 still operational
• Help desk for StaffMail and LondonMail Services are via Option 3
![Page 94: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/94.jpg)
Microsoft Dublin Data Centre
![Page 95: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/95.jpg)
LondonMail & USO-lite• LGfL USOlite accounts may be provisioned for certain individual
services, such as LGfL LondonMail. Where these have been provisioned, the account is restricted for use only with those designated services
• In the event of non USO account holders subscribing to multiple services that are supplied complete with a USOlite account, then the user may be able to use the same credentials for each service. USOlite accounts cannot access LGfL Shibboleth services such as Premium Content
• Should a user’s account be upgraded from USOlite to a full USO account as part of a school or LA USO purchase, the user will be able to retain their ‘-lite’ on line identity, with its functionality simply being upgraded automatically as part of the process
• USOlite accounts cannot be upgraded individually
![Page 96: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/96.jpg)
Microsoft’s European Mega Data Centre at Grange Castle, Dublin
• Previous slide -Rendering of the finished data centre
• £250 million mostly automated plant
• Total building footprint - 570,000 square feet
• 18.9 acre site
![Page 97: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/97.jpg)
Similar Microsoft Data Centre under Construction
![Page 98: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/98.jpg)
Mobile Learning Devices
Paul Whiteman
Merton
![Page 99: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/99.jpg)
Which Mobile Device?
Paul WhitemanLB Merton
![Page 100: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/100.jpg)
Is it really mobile?
Who is going to carry it ?
![Page 101: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/101.jpg)
![Page 102: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/102.jpg)
Can we afford them?
Can we afford to replace them?
Are they insured?
Value for money?
Buy or lease?
![Page 103: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/103.jpg)
How long do the batteries last?
How long to recharge?
![Page 104: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/104.jpg)
Will it survive the odd knock?
![Page 105: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/105.jpg)
Is it compatible with other systems in the school?
![Page 106: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/106.jpg)
How easy are they going to be to support?
![Page 107: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/107.jpg)
How desirable is it?
Will I find them on sale at the local?
![Page 108: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/108.jpg)
Who owns the equipment?
Who pays for it?
![Page 109: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/109.jpg)
Is your solution future proof?
![Page 110: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/110.jpg)
The London MLE(Fronter 81)
Antony Moore
Fronter
![Page 111: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/111.jpg)
SRF and Technician’s
Richard Allen
Becta
![Page 112: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/112.jpg)
SRF for TechniciansLondon Technicians Conference 17th March 2008
By Richard Allen
Consultant – Learning Services
![Page 113: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/113.jpg)
How are you doing?
• You’ve reduced the number of printer errors by upgrading printer drivers / replacing printers/ ensuring all same type of printers used / stopped people printing huge graphics
• ……. And so on• At which point does your audience stop listening to you explaining all the great stuff you’ve done with drivers, software, networks, computers?
• Why – because they don’t get excited about computer stuff (no really they don’t!!!)
![Page 114: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/114.jpg)
How to promote the good work you do
• Tell your customers the impact it has on them
• Inform your school leaders about the benefits in the classroom
• Show how improved ICT availability is increasing user confidence
• Demonstrate how enthusiastic the students are to learn when using ICT
• The best way to tell them – get them to tell you!
![Page 115: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/115.jpg)
School staff understand assessments
• Use an environment familiar to your customers
• Ask them to assess the use of ICT using the self review framework to show how the school is doing
• Use the technical support assessment to check on how you are doing with ICT support
• Together you could achieve ICT Mark
![Page 116: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/116.jpg)
What is it all about?
“The self-review framework isn’t just about ICT and, interestingly, that is a
key factor of its success. It focuses the mind on the whole spectrum of school
development.”
Steve Gater – Headteacher, Walker Technology College, Newcastle
![Page 117: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/117.jpg)
Self-review framework
A jointly developed framework of standards describing progression through a model of institutional maturity in the use of ICT.
ICT Mark
An agreed set of standards, within the self-review framework, indicating that technology is being harnessed effectively and efficiently.
![Page 118: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/118.jpg)
Mat
urity
and
effe
ctiv
enes
s
A maturity model for developing good ICT……
Self-review framework
All good schools should be here
Some schools will be here
Where are you?
Where are you?
The self-review framework is a maturity model. It describes stages of development across 8 elements.
Developing
Implementing
Strategic
Systematic
Mature
15% - 20%
……using self-review to track progress
![Page 119: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/119.jpg)
Actions supported by the leadership team determine improvement outcomes
..rather than actions changing the learning environment.
Schools tend to focus actions on staff and resources….
The self-review elements working together
Impact on the Learner
The curriculum
Extending opportunities for
learning
Learning and teaching
Assessment
Leadership and management
Professional development(People resource)
Resources
![Page 120: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/120.jpg)
![Page 121: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/121.jpg)
Self-review - people planning improvement
• Review practice not technology• Focus on evaluating whole school improvement not auditing technology implementation
• Review your actions and progress as well as practice
• Use review to establish a consensus involving:–All staff–Pupils' views and insights–Other stakeholders
![Page 122: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/122.jpg)
![Page 123: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/123.jpg)
Element 7; Resources – the strands• 7a. Provision
–7a-1 Physical environments –7a-2 Sufficiency and suitability of resources –7a-3 Digital learning resources
• 7b. Access –7b-1 ICT supporting efficient working practices –7b-2 Technical support
• 7c. Management –7c-1 Procurement –7c-2 Evaluation of ICT resources
![Page 124: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/124.jpg)
Commentary - improvement across all elements
Example - 7a-2
Element 7 – ResourcesStrand a) – ProvisionAspect 2 – Sufficiency of provision
L3 Might link to learning and teaching (element 3) commentary
L2Commentary might also describe improvement and link to impact on pupil outcomes (element 8)
There are enough ICT resources to make a
contribution to the current practice in learning, teaching
and school organisation.
L3
The school is well equipped with a good range of ICT resources and these are
sufficient to make a significant impact on learning,
teaching and school organisation.
L2
![Page 125: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/125.jpg)
The self-review framework..
“…. has enabled all the staff, not just the ICT specialists, to understand where we are going strategically. It has brought us
together and consolidated the whole vision for the school.”
Roger Whittall – Headteacher, Westwood School
![Page 126: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/126.jpg)
Some Useful Becta Tools
•Self Review Framework• Investment Planner (TCO)•Functional and Technical Specs•Framework Agreements•FITS•SIFA and UK Federation
![Page 127: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/127.jpg)
Self-review benefits and outcomes
• Where are you in your whole school improvement and ICT development
• How does your school compare with others• What are your schools aspirations• What does good look like in your school• How will your school progress further• What actions will prioritise• Where might your school need support
![Page 128: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/128.jpg)
Ofsted success for ICT Mark schools
Schools accredited with the ICT Mark are considerably more likely to be rated ‘outstanding’ in all five measures.
More specifically, ICT Mark accredited schools are:
• Four times more likely to be rated as ‘outstanding’ in the Overall effectiveness of the school category (ICT Mark schools: 40%, national primary: 9%, national secondary: 10%)
• Three times more likely to be rated as ‘outstanding’ in the Achievement and standards category (ICT Mark schools: 31%, national primary: 8%, national secondary: 9%)
• Three times more likely to be rated as ‘outstanding’ in the Leadership and management category (ICT Mark schools: 42%, national primary: 11%, national secondary: 12%)
• Four times more likely to be rated as ‘outstanding’ in the Teaching and learning category (ICT Mark schools: 29%, national primary: 7%, national secondary: 5%)
![Page 129: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/129.jpg)
Ofsted reports on ICT Mark schools
The large majority of Ofsted reports on ICT Mark schools contain positive comments in relation to a number of ICT areas, including:
• Use of interactive whiteboards;• Development of pupils ICT skills;• The use of ICT to raise attainment;• Investment and level of ICT resources;• Planning, assessment and pupil profiling using ICT;• Teachers ICT skills;• ICT raising pupil confidence; and• ICT leading to involvement in community events.
![Page 130: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/130.jpg)
Vision and aspirations
What are your aspirations for how technology might be used to support wider school aims and learning environment.
• Classroom and teaching strategies• Curriculum development• Assessment for learning• Extending opportunities for learning• Parental engagement
![Page 131: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/131.jpg)
Celebrate success
Enables schools to recognise and celebrate their successes.When a school feels secure in its judgement that it has reached the nationally agreed standards in all the aspects of the framework, it may choose to apply for the ICT Mark.To gain the ICT Mark the school requests a visit from an accredited assessor, who will validate the school’s self-evaluation.
The ICT Excellence Awards offer further recognition for schools that demonstrate evidence of excellent practice above and beyond the levels of the ICT Mark.Informs other schools and organisations that you are a potential partner for extending opportunities for learning through technology
![Page 132: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/132.jpg)
Assessments, SRF and FITS links
• http://matrix.becta.org.uk
• http://schools.becta.org.uk/index.php?section=srf
• http://www.becta.org.uk/fits
Register your results and be recognised
![Page 134: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/134.jpg)
BSF
Anne Casey
![Page 136: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/136.jpg)
What we will cover in this session
• Fundamental facts of ICT in BSF
• What elements to consider as part of a managed service
• How the ICT funding is allocated
• How much input the schools have
![Page 137: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/137.jpg)
What we wont cover in this session
• The specific ICT elements for your school• The procurement process• The scope of your school/LA managed service
![Page 138: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/138.jpg)
The Golden Thread
ICT Vision & StrategySfC1
SfC
2
OBC
ICTOutput
Spec
ICT Vision
ICT Vision
& Strategy
& Strategy
![Page 139: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/139.jpg)
And the ICT?
![Page 140: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/140.jpg)
![Page 141: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/141.jpg)
What is a Managed Service?At its simplest a Managed Service consists of a single contract designed to deliver all ICT systems and services. This comprises provision of and support for:
Learning Platform including MIS, VLE and learning content Wide area network – probably linking to the LA’s broadband
service Institutional infrastructure (School LAN) All users’ equipment: access devices; peripherals, etc. Network services: user account management; e-mail; back-up;
virus protection; Internet filtering and/or monitoring; curriculum software servers; video-conferencing; etc
![Page 142: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/142.jpg)
And…..
Anywhere, anytime access for all users Integration of legacy hardware and software Change management: operational training; pedagogical
training ICT for school administration Helpdesk Technical support Refresh and sustainability Local choice
![Page 143: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/143.jpg)
ICT Output Specification & OBC
•e.g. the facility for visually impaired students to be able to access their personal, adapted profile from whatever user device they may choose to use at any location
![Page 144: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/144.jpg)
Output specification.
• Design and Installation Requirements (Learning platform, infrastructure and equipment)
• Transition and Implementation Requirements• Operational Requirements• Finance and Management Requirements
![Page 145: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/145.jpg)
The ICT Supply Chain – how it works
LEP Bidding Consortium inc. Construction, FM, F&E, ICT
ICT Partner / key supplier
ICT
Out
put
Spe
cific
atio
nin
c. L
ocal
Cho
ice
Fun
d
Active network kit
Services – AV, email Peripheral devices
VLE MIS
Computer hardware
Curriculum software
Specialist hardware
Tech Support Trainingcentral provision some school choice full school choice
![Page 146: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/146.jpg)
How is a Managed Service financed? BSF capital: £225 per pupil place for passive network
infrastructure BSF capital: £1450 per pupil place for equipment, software and
servicesThis is a way of describing the overall ICT funding envelope.
It is NOT an allocation formula for schools.
School revenue: annual contribution for the 5-year life of the ICT contract to fund on-going maintenance of the ICT managed service: ‘extra’ elements of local choice funds; the refresh pot; training.
![Page 147: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/147.jpg)
What we advise LAs to do.
• Ensure schools understand scope of managed services
• Ensure schools understand current TCO• Engage all technical staff in discussions• Engage all relevant staff in development of the output
specification• Ensure current staffing position and levels of service
are understood
![Page 148: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/148.jpg)
e-Safety
Helen Warner
Kensington and Chelsea
![Page 149: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/149.jpg)
LGfL supporting e-safety
Helen Warner
Royal Borough of Kensington and Chelsea ICT Support Service
![Page 150: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/150.jpg)
• A class of 9 year olds are in the ICT suite. The teacher gives them a research topic ‘Thailand’. Salil calls the teacher over to tell her that the search results include a link ‘adult sex’, he is told “Don’t click the link” and the teacher then moves away to talk to another group of children elsewhere in the classroom.
![Page 151: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/151.jpg)
• Darren, a young Australian teacher, has his own MySpace area and has posted pictures of himself, his friends and lots of details of his life. There’s a video clip of him in Lanzarotte, very drunk, having fun. Some of his pupils have found it.
![Page 152: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/152.jpg)
• A very high number of pupils have their own MSN Messenger accounts and brag about how many ‘friends’ they have. You overhear one of the particularly brash Y9 girls bragging about her ‘older boyfriend’, who she plans to meet.
![Page 153: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/153.jpg)
http://www.esafety.lgfl.net/
![Page 154: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/154.jpg)
Education Programme
![Page 155: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/155.jpg)
![Page 156: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/156.jpg)
• Penelope, Head of Maths, has emailed some pupil reports to her hotmail account so she can finish at home.
![Page 157: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/157.jpg)
Alan, a science teacher, has been using his open Blog to share his views about education, his school and the school’s leadership.
![Page 158: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/158.jpg)
A teacher tells her technician she is upset because a pupil has posted a rude message on a Forum in the London MLE and asks him which child it was because she doesn’t know.
![Page 159: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/159.jpg)
Policy Resources
•Policy separated into sections and includes specific references for child protection and anti-bullying policies
![Page 160: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/160.jpg)
Acceptable Use Policies
![Page 161: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/161.jpg)
![Page 162: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/162.jpg)
• Mr Jones reports that a student has a pornographic image on his screen. The student says the “image just appeared and it’s the first time it’s happened”.
![Page 163: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/163.jpg)
• A 14 year old boy has taken his own life. There is an allegation of bullying and that the pupil had used websites that openly support suicide.
![Page 164: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/164.jpg)
LGfL URL filtering• Based around the NetSweeper filtering system• Provides 4 levels of filtering
Blocks all illegal content on the Internet Watch Foundation blacklist
– Global Deny list - contains other URLs deemed to be entirely unsuitable for access within LGfL network
– Category database - categorises URLs and blocks by category
– Local Deny list - allows blocking of individual URLs– Local Allow list - allows access to an otherwise
blocked URL
![Page 165: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/165.jpg)
![Page 166: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/166.jpg)
LGfL monitoring reportsURL logging
• Every request made through the URL filtering service is logged, including:– Date and time– IP address of the user– URL details– Category of the URL– Whether it was blocked or allowed
• All logs are kept for a minimum of 3 months and are fully searchable
• Logs are stored unprocessed, for forensic purposes
• Forensic software also available – contact Synetrix
![Page 167: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/167.jpg)
NetSweeper Reporter Wizard
![Page 168: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/168.jpg)
• John, the technician finds evidence of a member of support staff gaining access to some pornographic videos. He tells the Deputy, Keith, who says, which computer? “Lets have a look”. Keith takes a look and agrees. They suspect its Danny, who’s part-time and wait until he’s in to challenge him. He denies all knowledge and then accuses the Deputy of harassing him. Danny has never signed an Acceptable Use Policy form.
![Page 169: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/169.jpg)
1. Inform Head / senior leader and start an incident log.
All staff must report back to the member of SMT who updates the incident log at each stage.
2. Don’t use the equipment. Photograph, bag and secure it – witness by 2 people from SMT.
Suspend user’s network / computer access.
3. SMT decide if sufficient initial evidence / doubt to suspend member of staff pending investigation.
Possible incident procedure in case of illegal content
![Page 170: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/170.jpg)
4. Link computer name to IP address on LAN.If auditing enabled on server, link username to computer.Request Internet logs from Synetrix.SMT inform LA – eSafety officer (Personnel) etc.Gather evidence e.g. screen prints if have Forensic software, AUP form, CCTV footage, timetable, etc.
5. SMT decide whether to involve a Third Party Forensic firm.Start disciplinary action if necessary.
In case of Child Pornography – immediately inform Police.0808 100 00 40 at: http://www.met.police.uk/childpornography/index.htm
Possible incident procedure in case of illegal content cont:
![Page 171: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/171.jpg)
Useful Online Resources
Penny Patterson
and
Gary Jelks
![Page 172: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/172.jpg)
Useful Online Resources
Penny Patterson
and
Gary Jelks
![Page 173: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/173.jpg)
How would you use?
• School network
• Standalone in school
• At home only
![Page 174: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/174.jpg)
![Page 175: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/175.jpg)
![Page 176: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/176.jpg)
![Page 177: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/177.jpg)
http://www.tech.lgfl.net
![Page 187: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/187.jpg)
http://www.roboform.com
![Page 188: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/188.jpg)
http://www.safer-networking.org
![Page 189: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/189.jpg)
Social networking
• MySpace
• Bebo
• Piczo
![Page 190: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/190.jpg)
http://www.skype.com
![Page 191: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/191.jpg)
http://www.thinkfree.com
![Page 192: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/192.jpg)
http://www.youtube.com
![Page 193: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/193.jpg)
http://www.lgfl.net/lgfl/accounts/techsupport/techconf/menu/
![Page 194: ICT Technician’s Update Conference 17 March 2008](https://reader038.vdocuments.mx/reader038/viewer/2022102702/56649e185503460f94b03a53/html5/thumbnails/194.jpg)
ICT Technician’s Update Conference
17 March 2008