Being a network administrator in the era of the eSchool isn’t easy. Graphically intensive applications like videoconferencing and multimedia can chew up bandwidth faster than you can click a mouse, while curious or malicious students have the ability to change network settings and knock systems, even entire networks, off line. And though the internet offers a wealth of useful information, administrators must ensure that only appropriate materials find their way to students’ desktops.
To top it all off, along with the challenges has come an increased importance of networking to the classroom curriculum.
“Computers have become such an integral part of the curriculum that teachers need school networks to be up and running to do their jobs,” said Phillip Hibbert, assistant superintendent for technology services at the Cobb County School District in Marietta, Ga. “A few months ago, a communications problem knocked part of our network off line and a handful of classes were canceled.”
A network administrator’s job is to keep network connections running so this doesn’t happen. Meeting this goal has gotten tougher, because the number of computers in use is rising and network connections are becoming larger and more complex. Consequently, there are more potential problems than ever.
In 1995, the Cobb County School District had only local area networks (LANs), but the state pumped $40 million into frame-relay 1.5-Mbps wide area network (WAN) lines to move information from school to school. A 45-Mbps connection at the central management facility helps network administrators monitor 25,000 computers supporting 91,000 students in 61 elementary schools, 19 middle schools, 14 high schools, and four special education centers.
Network equipment vendors and software suppliers have delivered a raft of tools to monitor network connections and keep them afloat–most of the time. As its network has grown, so has the number of tools Cobb County School District network technicians rely on.
The district uses CiscoWorks from Cisco Systems Inc. of San Jose, Calif., to control network equipment, such as routers and switches; ManageWise and Z.E.N. Works from Novell Inc. of Provo, Utah, to oversee its LAN servers; and a number of tools to control individual components, such as frame-relay access devices. Despite the growing list of tools, the district expects the number of problem calls to increase from 12,000 to 16,000 this year.
With demands for support growing, the district would like to make its staff more efficient. Unfortunately, that’s not a term usually associated with management tools. Part of the problem stems from the complexity of current networks.
Even in a simple dial-up connection, a problem could originate from a variety of locations: a desktop application, a communications package, a modem, a WAN link, the receiving system’s modem, a remote access concentrator, a corporate LAN, a directory server, a backbone switch, a web server, or a web application.
Network administrators would like management tools that examine each of these components and determine which one is slowing down the connection. Instead, suppliers traditionally have delivered point solutions capable of examining only one component of a network connection. For instance, a router supplier will offer a tool for its products, and a server will work with another supplier’s product.
Under these conditions, a technician must examine all the equipment that could be having trouble servicing users’ requests (desktop PC, LAN, WAN, server), identify the faulty component, and then make the necessary upgrades. Because there are so many potential problem spots, this process slows problem resolution to a crawl and increases support costs.
Fortunately, vendors such as Computer Associates International of Islandia, N.Y.; Hewlett-Packard Co. of Cupertino, Calif.; and IBM’s Tivoli Division in Austin, Texas, have recognized the need for tools that consolidate management data in a single location and provide users with a clear view of end-to-end performance.
These vendors offer enterprise management systems that act as central clearinghouses for, and provide consistent interfaces to, management data. Cobb County School District has allocated $75 million during the next five years to keep pace with network growth, and this year some of that money will be used to purchase an enterprise management tool.
Even if a manager can ensure that network connections are working, that wouldn’t necessarily mean that a school’s network is functioning effectively. Students and administrators don’t want to sit idly at desktop computers waiting for information to arrive, so network administrators must ensure there is sufficient bandwidth to process transactions quickly.
Bottlenecks are becoming more common, for a couple of reasons. “The type of information students and administrators work with has changed from simple text documents to graphic and multimedia (sound and video) files,” said Bob Moore, network administrator for the Blue Valley School District in Overland Park, Kan. Whereas text files may need only a few thousand bits per second (bps) of bandwidth to move from place to place, a multimedia file can require millions of bps.
Population growth can also wreak havoc with network planning. Each year, 15,000 families move into the Cobb County School District–and that means 2,000 more students will be added to the district’s network. “We know that a few new stress points will emerge each year, but we are just not sure where they will be,” Hibbert said.
The most common performance problems take place at the desktop or the backbone, which moves information to and from multiple users. To counter bottlenecks, vendors have delivered new networking techniques that offer more bandwidth. Ethernet has emerged as the dominant desktop connection, because it is easy to install, simple to manage, and cheaper than alternatives. Schools usually start out with shared Ethernet networks, where groups of users share one 10-Mbps LAN.
On a shared LAN, as the number of users rises, so does the volume of network traffic. Schools can solve this problem by dividing one LAN into multiple LANs, a process called segmentation. One 200-user LAN could be broken into two 100-user LANs or four 50-user networks. Switched Ethernet is the ultimate segmentation, because it provides each user with his own 10-Mbps connection, and this option is becoming quite popular.
Blue Valley School District has 16,000 students and about 5,500 Macs and PCs in 26 schools. A booming suburb that adds 800 students and one new school each year, the district had relied on shared Ethernet wiring hubs from 3Com Corp. of Santa Clara, Calif., but has now begun moving to Cisco Ethernet switches. “We could not continue to rely on shared connections and service our users effectively,” Moore said.
Yet the Lee County School District in Fort Meyers, Fla., found that moving to a switched environment increases management chores. The district has 70 schools with 7,000 employees and students. Its desktop mix of about 70 percent PCs and 30 percent Macs led the district to select Ethernet wiring hubs from Asante Technologies of San Jose, Calif., a few years ago. “Asante offered the only hub that worked equally well with PCs or Macs,” said Ed Conowal, a network systems administrator for the district.
With its bandwidth requirements growing, the district has begun to install Ethernet switches. “While the switches give us more bandwidth, management can be difficult; we would like more management data built into every switching port,” Conowal said.
While many districts find switched 10-Mbps Ethernet sufficient for desktop connections, Hunterdon Central School District in Flemington, N.J., opted to install 100-Mbps links. “We are aggressively deploying leading-edge technology to enhance the learning experience,” said Roland Pare, director of information systems for the district. As evidence, the district’s 2,135 students, spread across six buildings, have 1,200 computers–a student-to-PC ratio of less than two to one.
Such high-speed links are usually limited to backbone connections. Three technologies have emerged to help schools circumvent backbone performance problems: Fast Ethernet, which operates at 100 Mbps; Gigabit Ethernet, which works at 1 Gbps; and Asynchronous Transfer Mode (ATM), which offers speeds from 155 Mbps to 2.4 Gbps.
Ethernet networks can be upgraded easily from a lower to a higher speed; the change usually requires only a minor alteration to a LAN’s switches. A school can often keep its adapter cards and network management tools in place.
Moving to ATM is a more jarring process: A school must install new adapter cards, switch connections, and network management software. Also, deploying ATM means that network technicians must learn the nuances of a new technology and oversee a few networking technologies rather than just one, which increases training and maintenance requirements. Finally, Ethernet products can cost as much as 50 percent less than ATM wares.
Yet many schools are opting for ATM. Three years ago, the Blue Valley School District completed a Request for Proposal’s to major data communications suppliers for a new backbone. “Most of the vendors were pushing Fast Ethernet, but we wanted to put ATM in,” Moore said.
The reason: ATM has well-defined Quality of Service (QoS) capabilities, an area where Ethernet now lags. “On an IP (internet protocol) network, a school can implement end-to-end QoS if it relies on one’s equipment at each point along a connection,” said William Fowler, education solutions manager at Cisco.
QoS is important when districts deploy multimedia applications that mix voice, video, and data transmissions. Ethernet was designed to carry data transmissions and is not ideally suited to video and voice communications. With Ethernet, information travels across a network in a random fashion. In a series of 10 packets, packet number eight may arrive before packet number six. The computer system at the receiving end shuffles the packets so the information is presented correctly to an end user.
Packet arrival order isn’t important with most applications, because the user doesn’t examine data at the instant it arrives. But that isn’t the case with multimedia applications. If packets arrive in an improper sequence, a picture may fluctuate or a voice may sound garbled. Because multimedia applications require information to arrive in sequence, companies are leery of running them on Ethernet networks.
A second problem is bandwidth connection. On an Ethernet network, bandwidth is parceled out on the fly. A user may begin sending a large file when no one else is using the network and the transmission will start out fine. A neighbor may start to access a database and the transmission could slow to a crawl. With a data file transfer, the only impact is the user has to sit and wait longer than he’d like to complete the transfer.
Interactive video and voice applications can’t tolerate such fluctuations. If two users are conversing and the available bandwidth shrinks, a transmission will jar or possibly break completely.
QoS solves these problems by opening up a clear communication line between two end points. Data move freely on this connection, regardless of how many other users may be using the network.
Since the Blue Valley School District anticipated its backbone would carry video and voice traffic along with data, the school opted for an ATM backbone. Because there were fiber lines between all its buildings, the district put together an ATM private network using Catalyst 5000 switches from Cisco, its primary network equipment supplier.
Hunterdon Central School District also is an advocate of ATM. In 1997, the district relied on Fiber Distributed Data Interfaces (a waning network option) to link its sites, but found the network, which operated at speeds of 100 Mbps, wasn’t fast enough. Students work with several multimedia programs–the district has 49 CD-ROM drives online–so the district decided ATM was the better option.
Filtering inappropriate content
In addition to bandwidth, the internet raises the issue of how schools can screen inappropriate content from students. “Students are so technically savvy that by fourth grade, they know how to get into just about any site on the internet,” said Dwight Code, technology coordinator and guidance counselor for the Harvard Public School District in Harvard, Neb.
Vendors have delivered a number of filtering tools to help school administrators block access to inappropriate sites. Client-side filtering applications reside on an individual workstation’s hard drive and operate in one of two ways. The most common places a list of inappropriate URLs that cannot be accessed by the computer without an override password. With the second approach, the opposite occurs: Users can only access those URLs contained in the filtering software.
Benefits of client-side filtering include the ability to block internet web sites, newsgroups, chat channels, personal information, words, and phrases. Most client-side filtering products also let users edit existing block lists, so they have the opportunity to customize lists.
One problem is that most client-side solutions don’t offer the schools an updated, easy-to-maintain database of blocked sites. Vendors offer updates (the frequency varies by supplier) either as part of a product upgrade or through web site downloads; both options can be tedious processes in large school districts. Another issue is that students might be able to disable such products. In fact, several web sites provide easy instructions for circumventing client-side solutions.
Server-based filtering solutions, on the other hand, reside on a network server that contains a list of blocked URLs and internet activities such as web chat, free eMail, bulletin boards, and newsgroup sites. All network internet traffic is routed through the server.
Installation and maintenance of server-based solutions is generally simpler than workstation options, because a technician deals only with one point on the network instead of individual connected workstations. Updating the list of blocked URLs is easier for the same reason.
Because filtering is conducted at the network level, as opposed to the workstation level, server-based filtering is less susceptible to being disabled by students or other technically savvy computer users. However, server-based filtering solutions are usually more expensive than client-side applications.
While easier for administrators, server-based filtering is sometimes less flexible for individual users. Filtering decisions often might be made on the administrator level, with little or no input from each school. However, certain server-based solutions provide some type of authorized override for teachers and approved individuals.
Because they are simpler to maintain, most schools opt for server-based systems. Hunterdon Central was impressed with the record tracking of its I Gear, a filtering tool from URLabs Inc., a Hampton, Va., software supplier.
“At the beginning of the year, I received a phone call from the local police–and an hour later, a visit from the Secret Service,” Pare said. “One of our students had posted a message threatening the president in a chat room. Within an hour, we knew who it was.”
Because maintaining a filtering package represents one more administrative chore for overworked network managers, vendors also offer services where they maintain the filtering software and a school passes all of its internet traffic through it. That option appealed to Harvard Public
School District, whose network administrator doubles as a guidance counselor. Last fall, the district took advantage of services from N2H2 Inc. of Seattle to prevent access to pornographic, violent, and hate group sites, such as the Ku Klux Klan’s web site.
But not all schools give the filtering tools high marks. “We’re not sure that the tools are sophisticated enough to block out only inappropriate materials,” said Cobb County’s Hibbert. “We fear they may block appropriate materials as well.”
Because of such concerns, a new type of filtering tool is emerging. In March, SmartStuff Software of Portland announced FoolProof Internet SafeFilter, which relies on a rules-based engine to examine content as it arrives on a machine. “The system has the ability to examine graphic and video information as well as text and determine whether it is suitable content,” said Richard Chapin, company founder.
Even though the tools are improving, the Blue Valley School District has no plans to put any filtering capabilities on its internet connections. “We are trying to position use of the internet in a positive rather than restrictive manner,” Moore said. The district has a policy that if students don’t work with information appropriately, they can be suspended.
Helping make such decisions becomes one more task for weary network administrators. While the growing list of chores presents many challenges, there are tremendous tangible benefits as well–such as seeing how their work helps students learn.
“Our network and computers are powerful tools, like a blackboard and chalk, that enable teachers to influence students,” Pare said. “Our job as administrators is to find ways to use them better.”