You are here

Transforming Education

Modern education networks are complex, and serve a rapidly developing set of requirements, some of which challenge the technology and its security. Online applications, e-learning, and media-rich teaching methods provide immense benefits to secondary and tertiary education providers. Today's students, with access to advanced learning resources, remote schooling and online opportunities, are the next generation in education.

A school is responsible for the security of its pupils and its network, and must provide an efficient, safe and effective computing environment which serves the entire school—pupils, teachers and administrators, and all the other members of the school community.

Allied Telesis is an industry leader in networking solutions. With our proven history of delivering highly reliable and feature-rich advanced network solutions, more and more education providers are turning to Allied Telesis to transform their environment and achieve their goals.

At Allied Telesis, we know you must supply advanced cutting-edge network services to tomorrow’s generation, within limited budgets. Allied Telesis has been implementing leading edge educational networks for many years. Our advanced, high value product portfolio provides the security, mobility and high performance you need for your education network, both now and well into the future.

Allied Telesis education network solutions

When it comes to implementing networks, education providers face a number of challenges. They must provide:

  • Individual access to appropriate resources for staff and students, while protecting confidential information and maintaining privacy—identity-based networking.
  • Secure network access to students and staff anywhere on the campus at any time, including roaming wireless access—mobility while maintaining security.
  • Secure connection to online resources and the Internet, protecting both the network and students from inappropriate material and malicious threats, while minimizing administration overhead—security without inconvenience.
  • Support for new e-learning technologies, such as streaming video in multiple locations simultaneously, video conferencing, distance learning, and remote network access. All provided within often constrained IT budgets—advanced value-added services.

Finding a network that meets all your needs can seem like an impossible task. Read on to learn how Allied Telesis Solutions, tailored for your organization, make meeting your needs both achievable and simple.

Identity-Based Networking

Ensure that your staff and students enjoy constant access to appropriate resources, while still maintaining the privacy and security of confidential information.

Education providers offer increasingly advanced online resources. They also maintain critical student and curriculum information, which must be kept private and protected from malicious use. Maintaining privacy and confidentiality, while still providing the appropriate access to resources for individual staff and students, can seem an overwhelming task.

Network Access Control
To solve this problem, Allied Telesis products support Network Access Control (NAC), a leading light in the networking world. NAC has introduced identity-based networking, which is superior to previous methods of controlling online information access. NAC’s automated nature is of real benefit for busy IT staff, as it simplifies complex administration tasks.

NAC allows for unprecedented control over user access to the network, in order to mitigate threats to network infrastructure. Allied Telesis switches use IEEE 802.1x port-based authentication in partnership with standards-compliant dynamic VLAN assignment, to assess a user’s adherence to network security policies and either grant authentication or offer remediation. Furthermore, if multiple users share a port then multi-authentication can be used. Different users on the same port can be assigned into different VLANs, and so given different levels of network access. Additionally, a Guest VLAN can be configured to provide a catch-all for users who aren’t authenticated. NAC also checks users' adherence to network security policies before granting network access, proactively stopping threats before they can enter the network.

Many leading network vendors have implemented NAC solutions and Allied Telesis advanced switch products support a number of these, including Microsoft, Symantec and Sophos. Allied Telesis products and expertise enable deployment of a robust NAC solution with minimum effort. Allied Telesis switching products have been extensively tested for compliance with popular NAC vendors, and we have published convenient step-by-step guides to implementing a comprehensive solution.

 

Secure Mobility

Provide secure network access to students and staff anywhere, anytime, both on and off the campus, including roaming wireless access.

Wireless networking has increased exponentially in recent years, with demand for access to online applications anytime, anywhere. This is seen in the prevalence of new smart phones, tablets and gaming devices with built in Wi-Fi capability. All new laptop computers now have wireless built-in as standard – an expensive addition just a few years ago.

As young people are typically the early adopters of the latest technology, today’s students increasingly expect that their home and school or campus will provide wireless access. Wireless is also imperative for teachers and lecturers, who often make use of multiple rooms, theatres and other teaching spaces, yet require continual network access.

Furthermore, you must ensure that staff and students have the same level of access wherever they choose to connect to the network as more and more advanced high demand applications are made available on education networks. Wireless networking adds a further dimension that must be considered to keep mobile users securely connected, while not allowing access that would compromise the privacy of certain resources and sets of data.

Allied Telesis wired and wireless solutions utilize features such as NAC and tri-authentication to provide secure network access from anywhere on campus. Lecturers using multiple rooms over the course of a day can be assured that they will have instant access to their presentations and other media from any location. Students who access the network via their own laptops can gain the appropriate access to online information and the Internet.

Tri-authentication
Authentication options on Allied Telesis switches include alternatives to IEEE 802.1x port-based authentication, such as web authentication to enable roaming and guest access, and MAC authentication for end points that do not have an IEEE 802.1x supplicant. All three authentication methods - IEEE 802.1x, MAC-based and Web-based, can be enabled simultaneously on the same port (tri-authentication). This ensures uniform inspection of all users and devices wishing to gain access to the network, maximizing security.

 

Security Without Inconvenience

Secure connection to online resources and the Internet, protecting both the network and students from inappropriate material and malicious threats, while minimizing administration overhead.

The need to maintain network security for all users, devices and applications in an education network is a major administrative overhead facing IT staff, who are tasked with keeping everything running efficiently. Allied Telesis has a number of advanced features to ease or automate network administration tasks, greatly reducing this burden. Simplifying and automating the management of staff and students’ online resource use, from all locations across the school or campus, ensures that you maintain uniform security. Plus, NAC provides - and automates - the ability to guarantee that a user’s security status meets with current policies.

Control of network addresses used by computers and other devices, checking users’ identities and managing network traffic volume and congestion are all time-consuming tasks. Allied Telesis have conceptualized ‘Network in a Box’, which automates several network administration tasks by integrating services directly into advanced network switching products. This reduces the load on IT staff and increases security.

Maintenance and configuration of network equipment is greatly simplified with an Industry Standard Command Line Interface (CLI) on Allied Telesis products. This keeps training requirements for IT staff at a minimum, and reduces both your network management complexity and deployment costs. A Web-based Graphical User Interface (GUI) also ensures a user friendly way to monitor and configure your network.

Advanced Value-Added Services

Support of new e-learning technologies such as streaming video seen in multiple locations simultaneously, video conferencing, distance learning, and remote network access. All provided within often constrained IT budgets.

Modern schools and campuses use multimedia in many forms. Lectures on demand, distance learning, video conferencing and in-class streaming video are just some of the network intensive applications that can place strain on your network infrastructure.

The ability to simultaneously view video from centralized servers in a number of locations is made possible with Allied Telesis’ leading multicast features, allowing high quality video streaming which is controlled for the most efficient delivery - minimizing the amount of network bandwidth consumed.

As online applications become more media rich and bandwidth intensive, high availability for network resources is mandatory. Advanced switches that include dual power supplies, hotswappable expansion modules and robust software features ensure that both hardware and software continue functioning under the highest load.

Technology has created tremendous opportunities for today’s students. The addition of video and other advanced services to the standard data network has increased the need for extremely high resource availability. Managing traffic flow and volume on the network is something Allied Telesis switching solutions are especially good at, with advanced high availability features like Virtual Chassis Stacking (VCStack™) and Ethernet Protection Switched Rings (EPSRing™). The wide portfolio of products supporting these features means that there is a powerful solution available for any size network.

Remote Access
Another value added service that has become increasingly important in today’s connected world is remote access to the network – staff need to have access to shared resources even when they are not on campus. When working from home or on a field trip, the ability to access files on school servers, or from shared education networks, can be a real time saver.

Secure, high-speed remote VPN access enables staff to work anywhere and still feel directly connected to the campus network. The knowledge that they can be just as productive in lesson planning and research off-site as on-site is very liberating for staff, and enables them to get that work done at times and places that work best for them. Allied Telesis secure routers can encrypt and firewall hundreds of remote access sessions at the same time, making them ideal VPN gateways for even the largest educational institutions. The VPN service within the routers is completely interoperable with the standard Private Network Connection settings in Microsoft Windows and Mac OS X – making it very simple to set up staff laptops for secure remote access.

 

High Speed Connectivity for a School District

In most countries, the administration of the education system is distributed into regional authorities. These are called school districts, local education authorities, education regions, and other such names, depending on the country.

But, regardless of what they are called, regional school administrations the world over have similar requirements—to operate efficiently, and to take advantage of new technology to open up new learning opportunities for their students.

An important step toward achieving these goals is to provide reliable, high bandwidth, data connections between the schools in the district.

Allied Telesis provides school districts around the world with cost-effective network backbones.

 

 

Using Allied Telesis Ethernet Protection Switched Ring (EPSRing™) technology, any number of schools can be connected to a data backbone that provides Telco-level reliability and ultra-fast (as low as 50ms) failover upon link loss.

Core rings of 1 Gigabit or 10 Gigbit bandwidth can be provisioned at a surprisingly affordable cost.

As the EPSRing provides a standard layer-2 Ethernet backbone, there is very little restriction on the applications that schools can run across it. With this uncomplicated, high-reliability, high-bandwidth connectivity in place, new options open up for the school district and for the individual schools:

  • Data resources can be seamlessly shared between schools. Large data files can be quickly accessed by one school from another school’s storage, or from a centralized storage location.
  • Students in one school can join classes in another school via high definition video connections.
  • Video of school cultural or sporting events can be multicasted to all schools in the district.
  • Financial efficiencies can be achieved through multiple schools sharing a single, high bandwidth Internet connection, with a single point of firewalling and content filtering.
  • Students from different schools can work collaboratively on projects.
  • Security surveillance and physical access control can be monitored and managed from a single location.
  • Advanced telephony services can be provided to all the schools via a shared VoIP network.
  • IT expertise for network management and maintenance can be more effectively deployed on a district-wide basis.

Flexible, Customizable, Expandable
A characteristic quality of this Allied Telesis solution is that the network adapts to suit the schools, rather than the schools having to adapt to fit the network.

The flexibility of this solution is such that the backbone ring can accommodate anything from three schools to 20 or more. The links within the ring can be as short as a few meters, or as long as 10s of kilometers. There is no restriction on the bandwidth of the backbone links. They can be anything from 10Mbps to multiples of 10Gbps.

New schools can be added into the ring with very little disruption to existing users. When the ring is broken to connect a new school, the ring automatically reacts to the break, and ensures all existing users’ traffic is directed over the remaining intact links.

As bandwidth requirements increase, incremental bandwidth upgrades can be performed on an in-service ring with minimal disruption. Different bandwidth links can co-exist within the ring for an indefinite period, while the upgrade is performed step-by-step around the ring.

Once the network is in place, then the district’s network administrators can configure an enormous variety of Ethernet-based services across the network. The network will support all types of unicast and multicast Ethernet services, using IPv4, IPv6, Appletalk, or whatever other network protocols are in use within the schools.

 

A Secure Network for Schools

Schools offer a unique set of challenges to IT network designers. In addition to all the usual requirements of modern network users—high bandwidth, resiliency and scalability—schools demand both stringent security and high flexibility.

First, school network users are highly mobile. Students and staff typically move between many locations in the course of a day—from classrooms to labs to libraries and dorm rooms. Second, restricting physical access to network connection points is very difficult in such a mobile environment. Students, staff and even members of the public frequently come and go from school buildings, and it is almost impossible to monitor all these people all the time.

In spite of this, parts of the network must be kept secure. Staff must have access to certain network resources, particularly server drives, to which students must not gain access.

Some students may even pose a threat to network security. They have the ability, time and often the inclination to probe for every weakness in the network's security set-up.

In other words, school networks take the often-discussed security versus flexibility dilemma to the extreme.

Fortunately, Allied Telesis Ethernet switches can provide a solution that supports these conflicting requirements.

The technology that is at the heart of this solution is user authentication with Dynamic VLAN assignment.

The solution based on this technology prevents unauthorized access to the network, while still giving users appropriate access to network resources, regardless of where they physically connect to the network.

 

Configuring all the network’s access points to require authentication ensures that users cannot even send packets into the network until they have provided valid authentication credentials.

VLAN assignment puts authenticated users into an appropriate VLAN, based on their authentication credentials. Therefore, users experience the same network environment no matter where they connect from.

A third key technology in the solution is hardware-based Access Control Lists (ACLs). Appropriate configuration of these ACLs will guarantee that users can only access those parts of the network that they are allowed to access.

Installing a secure network, based on these technologies, will put in place an infrastructure able to deal with the ever increasing number of different mobile computing devices that staff and students are now bringing into schools. Allied Telesis switches provide a comprehensive user authentication capability that can authenticate any Ethernet-connected device, and ensure there is a complete wall of protection around the network edge.

 

Learn More

To learn more about Allied Telesis Smart Technology for Smarter Solutions, contact your Allied Telesis representative.

Find an Allied Telesis Office near you

Video: SIT benefit from AMF smart technology

Allied Telesis Management Framework (AMF) transforms the multi-campus network at the Southern Institute of Technology (SIT).

Video: Allied Telesis Solves Big Connectivity Challenge at Elite Private School

Rowland Hall, in Salt Lake City, uses the Allied Telesis Extricom Series wireless technology.