As teaching methods and classroom practices increasingly incorporate and become reliant on technology, network integrity and online security also plays a pivotal role in schools. One educational institution to realise this is Melbourne's Brighton Grammar School, which recently upgraded its security.
According to Brighton's IT manager, David Young, the internet has become an increasingly important resource due to modern teaching and classroom practices, and business operations.
“We need enterprise-class devices to make sure it all works,” he said. “Users expect the system to be up 100 per cent of the time and it’s our job to make sure everything works,” Young told Computerworld Australia.
“The business of the school is education and so the reliance on having that internet connection there all the time, is quite high and we needed a solution in place that allows us to have failover or a continual type of service available so we don’t interrupt what the students are doing.”
Despite not having an excessive number of connections failures, two or three per year excluding scheduled maintenance, Young said the school wanted to be active about the network reliability and security.
“We have an enormous diversity of user requirements with students from three years of age through to adults of 70 or 80 using school resources,” he said. “All have their own specific requirements that we need to address, whether it's from a duty of care point of view or a research perspective.
“For example, we have to be aware of not letting users access sites that contain inappropriate information and therefore we need to be able to identify traffic and build appropriate rules for that traffic.”
Brighton Grammar maintains an IT infrastructure that includes a 10 gigabyte (GB) backbone, a storage area network, a virtualised environment, along with 600 computers, 30 notebooks and more than 50 thin clients.
Additionally, the school’s recently established research centre, located in Melbourne’s CBD, connects to the school via a virtual private network (VPN). The system is used by approximately 1500 on-site staff and students, and also remotely by parents.
Detailing the school's procurement process, Young said three or four vendors were considered, including Blue Reef, but decided on the most recent solution from WatchGuard, deploying it as a firewall and web service for internal resources. The school originally deployed WatchGuard technology in 2002, however after considering other offerings, Young said dollars and functionality, led him back to WatchGuard.
“Management of the devices was already known by the IT team here, so that was taken into account, as well as the upgrade path from our current configuration to the new one and how that would be handled in the process,” he said. “Training was also taken into account, the same number of staff do exactly the same job, I just now have a service that does a lot more for me.”
According to Young, the school had redundancy within its servers and backend infrastructure, it came down to the firewall as a single point of failure. For this reason the school implemented two WatchGuard XTM 8 series appliances at its main campus, with one acting as a fail-over for the other. At its remote sites, another WatchGuard Firebox X Core series device is used for VPN connectivity.
“We chose WatchGuard because of its ease of management,” Young said. “The information that we get from WatchGuard and from our logs means that we know where things are supposedly going and what's happening with the network. We keep intrusion detection turned on and periodically we test it from outside the organisation to make sure there are no security holes.”
Like any firewall, the WatchGuard solution needs to be regularly reviewed says Young, “it needs to be managed, maintained and upgraded”.
According to Young, an ongoing challenge is the need to adapt security to meet changes in the technological infrastructure.
“It's not just a matter of desktop computers any more, network users demand access via wireless notebooks, smart phones, iPads and any number of portable devices.”
To date, the new system has not had a failure, with Young noting the system has now a higher redundancy available which he says will become increasingly important in years to come as mobile devices take off more.