Page 1
Laying the groundwork for
tomorrow’s digital schools
K-12 Education Networking Guide
Brochure
K-12 Education Networking Guide
Page 2
Advanced technology in elementary, middle, and high schools creates
new ways for students to learn, and changes how teachers plan and
deliver lessons. It also provides the digital tools for school
administrators to simplify operations, better comply with regulations,
and deliver a safer environment for students and teachers.
Is your K-12 network ready for the digital education innovations of
the future?
This guide provides school administrators and IT teams with
information and strategies for designing efficient and cost-effective IT
networks that enable dynamic and engaging digital learning
experiences. This secure, high-performance platform supports
Brochure
K-12 Education Networking Guide
administrative innovation for today and into the future.
2
Page 3
Changing realities for students and learning
Today, most K-12 students have never experienced life without the internet or smartphones, and this reality is
reected in the classroom. Digital learning processes and experiences are enhancing traditional textbooks and upending
conventional classroom teaching methods. Online lessons, hybrid classrooms, testing, and assessments are now part of
most curricula. Laptops, tablets, and smartphones have become primary instruction tools for students, who are
downloading an increasing number of online apps to enhance their digital learning experience.
The underlying IT network that supports these innovative K-12 educational
advances must be a cost-effective investment today, while also extending value
into the future, as a platform to support new technologies entering the educational
space. These include:
• Robotics and other STEAM initiatives (science, technology, engineering, arts,
mathematics)
• Maker spaces
• Learning experiences in coding
• Augmented and virtual reality
• The Internet of Things (IoT)
In today’s educational facilities, the network must address the needs of school
administration, staff, and IT departments. For these audiences, data privacy plus
network and device security are of primary importance. Other considerations include:
• Deployment and procurement costs
• Ease of device onboarding
• Network performance and coverage
• Training and operational simplicity
Pervasive wireless connectivity is required to support these diverse user cases. Wi-Fi
is the dominant wireless networking platform as it allows users to be located virtually
anywhere and to employ any device. However, as use of mobile devices increases,
existing networks can easily be overwhelmed with increasing bandwidth demands.
Brochure
K-12 Education Networking Guide
Getting your network ready for tomorrow’s digital advances in learning, teaching,
and administration requires a thoughtful approach and a comprehensive strategy to
ensure investments are future-proof and ensure optimal interoperability.
This document provides eight tangible recommendations for K-12 IT departments
when designing efcient and cost-effective school networks that enable more
collaborative digital learning experiences, support more creative teaching
methodologies, and empower administrators with the latest monitoring, analytics,
and management tools.
3
Page 4
Market trends
K-12 schools are undergoing a digital transformation. Technology is the driving force
for enabling more personalized and dynamic learning experiences for primary and
secondary students. These advances are impacting the classroom in a variety of ways.
• Digital and immersive textbooks: Today, digital textbooks have displaced
paper textbooks in many K-12 classrooms. They have advantages over
physical books, including instant availability, ease of updating, and the
ability to store many e-books on a single device. However, digital textbooks
are in turn being displaced by immersive textbooks that employ interactive
technologies, advanced user-experience design, and gamication to
enhance instruction, make learning more engaging, and address different
learning styles.
• Game-based learning: Game-based learning blends video game technology
and online learning tools to make teaching and training more engaging.
These technologies are designed to take advantage of virtual and
augmented reality to increase student engagement and content retention.
• Blended learning and the ipped classroom: The blended learning model
combines classroom and online learning to give students more control
over the time, pace, and place of their instruction. Blended learning is
ceding importance to the ipped classroom model in which students watch
video lectures on their own and then attend class for discussions and
collaborative activities.
• 1:1 student to device ratios: Many educational districts have made the
commitment to a 1:1 ratio between students and devices. This is now
shifting to a one-to-many paradigm where different tasks require different
devices, and students need access to laptops, tablets, and smartphones
depending on the project.
• Digital testing: Online testing and assessment technology helps teachers and
administrators more accurately and meaningfully measure student achievement.
Digital testing can provide detailed insights into the success of learning methods
and offer detailed metrics and analysis for developing remediation solutions.
These platforms provide visibility into how individual students are interacting
with online content, enabling the ongoing monitoring of individual learning.
• Predictive assessment capabilities: At the cutting edge of assessment
technologies is the development of predictive assessment capabilities that can
track student prociency without actual testing. By monitoring how individual
students are interacting with educational content and relating that data to past
testing scores, advanced analytics platforms can make predictions about the
progression of students without having to submit them to constant testing. The
same platform can also provide teachers with targeted recommendations and
relevant lessons to address the needs of individual students.
• Bring Your Own Device: With the Bring Your Own Device (BYOD) movement
students and teachers bring their private devices to the network. This may
be a boon in districts that can’t afford to equip classrooms with a 1:1 ratio of
devices, but implementing BYOD securely and effectively can present challenges.
Many conventional IT networks weren’t designed to support a diversity of
devices and protocols, and the school’s underlying infrastructure must be sound
enough to support multiple disparate devices and networks while guaranteeing
interoperability and security.
Brochure
K-12 Education Networking Guide
4
Page 5
The role of technology
The role of technology in K-12 education has moved beyond
substituting physical textbooks with eBooks. To take advantage
of the opportunities offered by these advancing technologies
will similarly require moving beyond the constrained IT
networks found in most schools today.
IT networks that keep pace with today’s students
The advances mentioned above are moving so fast and are proving effective
because today’s students are more technologically sophisticated than ever
before. These students expect to experience the same innovations in their
classrooms as they do in social media and entertainment.
Students today also understand that familiarity with advanced technologies is
important beyond the use for teaching. Gaining prociency with a variety of
device types and having experience with applications such as augmented or
virtual reality help students prepare for success in tech-intensive university
education.
According to a 2017 survey of 43,559 undergraduate students in 124
institutions in 10 countries conducted by EDUCAUSE Center for Analysis
and Research, 96 percent own a smartphone, 93 percent own a laptop, and
85 percent use their laptop for academic purposes in most or all courses.
Students surveyed also approved of teaching methodologies that embrace
technology. Forty-six percent of respondents said they get more involved
in courses that use technology, and 78 percent agreed that the use of
technology contributes to the successful completion of courses. Eighty- two
percent preferred classroom methodologies that feature a blended learning
environment.
1
IoT supports institutions educational, safety and
operational needs
Connected teaching technologies and IoT are already prevalent in the classroom and in use
for campus security and administrative purposes.
Smart audio-visual equipment such as interactive displays, smart boards and digital
projectors have been xtures in classrooms for some time. Apple TV is also popular in
classrooms for online streaming content via Wi-Fi. This technology makes it easy to mirror
screens from student iPads; watch streaming news, videos and other content; and take part
in group video calls via services such as Rainbow™ by Alcatel-Lucent Enterprise
and FaceTime.
Science classrooms and labs are increasingly connected. A growing emphasis on STEM
education plus interest in encouraging maker culture requires the support of new device
types, including robotics, Raspberry Pi and other development platforms.
IoT has a growing presence in education, particularly in campus security applications. These
include surveillance cameras, smart door locks, and connected buses. In addition, integrated
school safety technologies provide students with smart ID cards to strengthen facility
access management systems. IoT also offers easier management and cost containment of
infrastructures such as HVAC, lighting, and landscape management.
A more connected K-12 infrastructure requires a more
powerful IT network
Supporting these innovations in teaching, learning, and administration requires high
performance connectivity across the entire educational facility. In the classroom
teaching apps that are cloud-based and tailored to mobile devices underscore the need
for pervasive Wi-Fi. The use of IoT (including surveillance, sensors, and wearable tech)
requires that schools provide a network that can securely support this new generation of
technology. Gartner, Inc. forecasts that 11.2 billion IoT devices will be in use worldwide by
the end of 2018, and will reach 20.4 billion by 2020.
1 EDUCAUSE, Technolog y Research in the Academic C ommunity, Student and Faculty Tech nology Use Study, 2017
2 Gartner Says 8.4 Billion Conne cted “Things” Will Be in Us e in 2017, Up 31 Percent From 2016
Brochure
K-12 Education Networking Guide
As students bring more specialized and diverse devices to the classroom as part of the
BYOD movement, the proliferation of device types requires a platform that is device
agnostic. As demands on the network continue to expand, will they overwhelm existing
school networks?
5
Page 6
PAULDING COUNTY SCHOOL DISTRICT
LOCATION: PAULDING COUNTY, GEORGIA
The Paulding County School District is the 13th largest school district in the State of Georgia.
The K-12 District has 19 elementary schools, 9 middle schools and 5 high schools.
Current enrollment is 28,500, and there are 3,400 employees.
There are between 8,000-10,000 wireless connections on the District’s network at any given time.
Challenge
The school district faced
bandwidth shortages in the
classroom, and wireless
capabilities were limited and
unable to meet demand. Also,
networking technology varied
from school to school. The
district wanted a standardized
network solution to deliver
consistent wired and wireless
connectivity across all schools.
Brochure
Brochure
K-12 Education Networking Guide
K-12 Education Networking Guide
Solution
Dedicated switches in each
classroom offer reliable
bandwidth to support
e-learning while access points
in the hallway deliver quality
wireless services for BYOD
devices. A central management
suite provides unied
management of wired and
wireless networks.
Benets
Financial: Implementing managed
switches in classrooms reduced
maintenance, local travel needs
and costs. Upgrading the wireless
network qualied the district for
federal and state matching funds.
User experience: Students can
securely connect their devices to
the network, promoting anytime
anywhere digital learning.
Educators have greater bandwidth
to support teaching and e-learning
tools and devices.
We’re progressively putting the
solution in place at each of our
“
schools and we’ve been getting a lot
of great feedback. The infrastructure
is simple to implement and its
benets are immediate.
JULIE ACKERMAN, EXECUTIVE DIRECTOR
TECHNOLOGY, PAULDING COUNTY
SCHOOL DISTRICT
“
6
6
Page 7
Facing the security challenges
of a connected school
Connected schools that offer more innovative, digital content can provide more
engaged learning experiences and improve the outcomes of K-12 schools. However,
reliance on connectivity also brings network security challenges to these schools.
Growing use of mobile devices and IoT systems increases the exposure to, and
possibilities of cyber-attacks. These risks include a higher threat of ransomware
attacks and other cybercrimes, as well as the exposure of sensitive data and private
information such as student and school employee records.
In fact, education is the second most impacted sector — behind healthcare — with lost
or stolen records globally.
According to Verizon’s 2020 Data Breach Investigations Report, which provides
a snapshot of cybersecurity incidents across the country, 819 “security incidents”
were recorded in the education sector in 2020, with 228 conrmed data exposure
incidents. In addition, ransomware was responsible for 80% of the malware incidents
in primary/secondary institutions.
One of the reasons that hackers increasingly targeting schools is that the networks
contain valuable data, and their systems are relatively easy to crack. According to a
Miami Herald article, many school districts have set up systems to make connectivity
easy, unlike corporations with trade secrets and data to protect. “With free Wi-Fi in
school buildings and a generation of students glued to their smartphones, there are
thousands of opportunities for a hacker to gain access to a school network. Students
downloading free apps on their phones or hopping from one school computer to the
next can spread a computer virus faster than the u during u season.”
For hackers, school networks are a gold mine. As quoted in the Miami Herald, Michael
Kaiser, the executive director of the National Cyber Security Alliance, stated, “If
you’re trying to steal identities or cobble together identities, if you can get a person’s
name, date of birth, home address, you’re starting to get a fairly complete record.
Think of the data school districts have — it’s more than many businesses.”
Three examples highlight the types of attacks that have occurred:
• In 2015, three high school seniors from Commack High School in Long Island, New
York, were charged with hacking into their school’s computer system.
• In 2017 hackers inltrated a Montana public-school network. The hackers sent
texts and emails threatening military style mass killings unless it was paid
$150,000 in Bitcoin. The school was disrupted for nearly a week affecting more
than 15,700 students.
• In 2019, a student hacked the Wi-Fi system and shut down the internet and phone
system at Baker County School District in Florida. The school’s online services were
affected for several weeks.
Beyond the safety risks, lost school time, and ransom payments, school districts also
nd that after-the-fact remediation of school IT networks is a costly way of xing
security problems. Data breaches can cost schools up to $300 per compromised
record.
10
In addition, some state legislatures are considering making school ofcials
accountable for security breaches in their schools.
3 Digital Education: Data Brea ches Cost Education Com panies $300 Per Record, St udy Finds, 2015
4 Verizon’s 2020 Data Breach Investiga tions Report, How long sinc e you took a hard look at your cyb ersecurity?, 2020
5 Miami Herald: “Hack attack s highlight vulnerability of Florida sch ools to cyber crooks” 2017
6 Ibid
7 ABC News: “NY High Schoo l Students Accused of Hac king Computer System to Change G rades” 2015
8 Flathead Beacon: Autho rities: Overseas Hackers S eeking to Extort Comm unity with Cyber Threats 2017
9 First Coast News (NBC /ABC) – “ Student hacks schoo l network to avoid doing school wo rk”
10 Dig ital Education: Data Breach es Cost Education Comp anies $300 Per Record, Stu dy Finds 2015
Brochure
K-12 Education Networking Guide
7
Page 8
Federal programs promote classroom technology
State and federal initiatives are available to improve the education experience in publicly funded schools, with
a focus on technology investments.
In the United States, for example, e-Rate funds, which are
administered by the Universal Service Administrative Company
(USAC) under the direction of the U.S. Federal Communications
Commission (FCC), were established in 1997 to provide discounted
telecommunications, Internet access and internal connections to
eligible schools and libraries. The discounts range from 20 percent
to 90 percent of the costs of eligible services.
The E-rate Modernization Order of 2014 established ve year
budgets and commensurate budget cycles for schools and libraries
to acquire the internal connection services needed to serve their
students and patrons. Changes in the 2021 Funding Year include:
• Start of a new ve-year budgeting cycle
• School districts are no longer locked into budgets per school
• Three new classications of instructional facilities were dened
Brochure
K-12 Education Networking Guide
8
Page 9
Challenges IT teams face when delivering a connected
learning environment
The future of education will be impacted by two fast-evolving technology trends: Mobility and IoT. Each has its own IT requirements and
will create higher demand and dependency on the network infrastructure.
Mobility requires connectivity anywhere, and goes beyond offering Wi-Fi in the
classroom. It requires a seamless experience and connectivity needs to be provided
everywhere in the school, including science labs, gymnasiums, and libraries.
IoT requires easy, fast, and dependable connections to link devices, sensors,
gateways, and the cloud, to ensure they operate efciently and effectively together.
IoT-ready networks need to offer ruggedized services, as K-12 settings may also
include harsh environments such as, playgrounds and school buses. In addition to
enhanced security, and the growing number of mobile devices and IoT, networks
demand more stringent network requirements, including:
• More wireless coverage: Wi-Fi networks need to extend across the entire school
property, and they also need to deliver higher performing Wi-Fi to serve higher
densities of wireless users in classrooms because of 1:1 and BYOD mobile learning
initiatives.
• Higher performance, lower latency computing: School districts must plan for
resiliency in the network. If the infrastructure is not reliable teachers will revert
to traditional teaching practices. While few K-12 schools require a super-computer,
an emphasis on STEM coursework, coding classes, maker spaces and the need to
support virtual and augmented reality can stretch the computing capacity of ad
hoc, limited capacity computing networks. Schools need an underlying IT network
with the power to easily scale fast performance when required.
• Tighter security:The increased use of mobile and IoT devices means more exposure
to hackers. To minimize the possibilities of security breaches, it is necessary to
implement a comprehensive strategy that includes security at the user, device,
application, perimeter, and operating system levels.
• Simple and safe IoT trafc containment: However valuable, IoT networks can pose
risks to assets across the entire K-12 network. Even small IoT systems can put
tremendous pressure on a school’s underlying network infrastructure, as each IoT
sensor and device represents an entry point for potential security threats. Schools
need a segregated, isolated environment with the right conditions for IoT devices
and applications to run efciently and securely.
Schools don’t need the added cost, operational, and management complexity that
can accompany a network upgrade. To benet fully from connected education
technologies, schools need a unied network experience with reliable support for a
growing mobility and IoT network.
Brochure
K-12 Education Networking Guide
9
Page 10
Now is the time to improve your school network infrastructure
Because technology is integral for K-12 education, the performance, security and reliability of the underlying technical network is critical for
enabling collaborative, digital learning experiences and effective administrative operations.
The growing number of, and reliance on, mobile and IoT devices, and the associated security concerns, demand more stringent network requirements to ensure the K-12 IT
platform is ready to support future digital classrooms and school operations.
Learn about our recommendations for designing an efcient, secure, and cost-effective K-12 school network that can meet the technology expectations of students and
teachers, and enable more collaborative digital learning experiences:
School districts in the US reveal their digital priorities and practices
The Center for Digital Education and the
National School Boards Association in the U.S.
have conducted the Digital School Districts
survey, since 2004, to identify emerging trends
around primary and secondary leadership,
governance, accountability, engagement, data
management, and security. According
to the survey, the top ve digital
priorities for school districts in 2021 are:
1. Personalized learning
2. Digital content and curriculum
3. Professional development
4. Mobility (one-to-one and/or BYOD)
5. Upgrade classroom technologies
In 2021, school districts identied the top three
drivers for improving digital infrastructure:
1. Preparing children for the 21st century economy
2. Improving student performance
3. Supporting innovative teaching practices
Mobility in 2020:
• 89% of districts use mobile devices
• 88% of districts have a mobile
• 80% of districts train teachers or have
89% 88% 80%
for assessments
device policy in place
policies regarding how to protect student
privacy when using mobile apps
Brochure
K-12 Education Networking Guide
10
Page 11
MIDDLE COUNTRY CENTRAL SCHOOL DISTRICT
LOCATION: LONG ISLAND, NEW YORK
The Middle Country Central School District (MCCSD) is located in Long Island, New York, and covers
an area of about 16 square miles.
MCCSD is the 3rd largest suburban district in New York, with 2 high schools, 2 middle schools,
8 elementary schools, 2 pre-K/kindergarten centers and a career academy.
The district has an enrollment of over 10,000 students and close to 1700 staff members, including 600 teachers.
Challenge
The district wanted to upgrade to
a reliable infrastructure to support
classroom teaching and improve
network speed tenfold. They also
wanted to replace aging equipment
and invest in a long-life network to
support the anticipated demands of
future projects.
K-12 Education Network Guide
Brochure
Laying the groundwork for tomorrow’s digital schools
K-12 Education Networking Guide
Solution
Latest generation switches provide
high capacity to the classroomand
Power over Ethernet (PoE) for
continuing expansion of cameras,
phones and wireless access points.
The network core provides speedy
and trouble-free application access,
while the management suite allows
access to network troubleshooting,
conguration, maintenance and
backup from any device, xed or
mobile. The policy management
system allows staff to onboard
devices and serves as a foundation
for future BYOD access.
Benets
Financial: The new network empowers
the school district to collapse disparate
networks, for example for analog cameras
or digital phones, and generate important
savings.
User experience: Users benet from higher
desktop internet browsing speeds as well as
faster login speeds. Teachers can use in-class
tools such as smart boards and Apple TVs
without interruption due to bandwidth or
quality issues.
We understand that the best network
is the one that users don’t notice
“
because it simply performs, and is
ableto deal with anything a student
or teacher or administrator or IT
staffer demands of it. Our previous
generation was nearly invisible but
there were still some issues due to
aging equipment. The Alcatel-Lucent
Enterprise solution is taking us to the
next level and will help us achieve
our future objectives as well.
VINCENT RAICOVI, ED.D., DIRECTOR OF
TECHNOLOGY, BUSINESS AND INFORMATION
SYSTEMS, MIDDLE COUNTRY CENTRAL
SCHOOL DISTRICT
“
11
11
Page 12
Eight recommendations for an efcient,
secure, cost-effective K-12 network
1. Understand the limits of the existing network
The rst step in building a next-generation K-12 network is to analyze and evaluate
the capabilities of the existing network infrastructure. The core network itself may
be outdated and unreliable. It may be too complex and structured with too many
layers to efciently support multimedia applications.
Maintaining the network may be too expensive because many of the elements have
reached the end of their life cycle. Additionally, the aging infrastructure may not
support the new wave of multimedia applications. As well, the wireless portion of
the network may be outdated.
The network may provide spotty coverage in some areas of the school and facility,
while it is not available at all in others. The access points (APs) may not support
the latest mobile devices with the new generation of wireless technologies and
protocols, such as 802.11ax (Wi-Fi 6).
Lastly, the network may not be structured to enable efcient, ongoing management.
Most school networks are managed in silos, with different platforms for local area
network (LAN) conguration/management, wireless LAN (WLAN) conguration/
management, and service level management. This makes it difcult to enforce
consistent, reliable behavior for the entire network that will meet student and
teacher expectations. Consider a cloud-based network management for further
simplication of the IT operational tasks.
Brochure
K-12 Education Networking Guide
12
Page 13
2. Deliver a high performance access network
Supporting digital learning requires a WLAN infrastructure that can handle a large inux of
mobile devices and the bandwidth-hungry applications running on them. There are several
things you can do to prepare for this:
• Plan for density: Students carry multiple mobile devices which are either school provided or
their own (BYOD). Adding teacher devices, classroom tools like projectors and printers, and all
sorts of new IoT devices, means planning for density is planning for success. Wi-Fi 6 supports
more devices concurrently which is benecial in dense environments.
• Assess WLAN bandwidth requirements: Determine what is required to support instructors
teaching style, including mobile devices. For example, if teachers expect to use video-based
teaching aids that stream video to multiple devices, a WLAN network capable of supporting
multiple, high quality video streams will be required. An HD-quality video stream uses 4 Mb/s
of bandwidth per user and interactive learning games require multi-megabits of bandwidth
per user.
• Handle bandwidth needs with 802.11ax Wi-Fi 6 technology: Gigabit Wi-Fi devices are already
available to students. Adopting 802.11ac Wave 2 Wi-Fi technology, enables faster data rates
and multiple concurrent downstream communications to multiple wireless devices, resulting
in better support for increased users, devices, and applications. Wi-Fi 6 provides additional
bandwidth improvements up to four times per user or device and improves quality in highdensity environments by minimizing radio collisions and interference.
• Eliminate roaming issues: As students roam between access points, their devices can get stuck
on an AP instead of associating with a closer one that has a stronger signal. The ideal network
infrastructure should eliminate this so that older generation devices or disproportional
distribution of users don’t drag down the network.
• Adjust LAN access to support new generation access points: 802.11ac Wave 2 APs typically
generate an aggregated throughput above 1 Gb/s. To avoid bottlenecks and cabling rework,
upgrade to access switches that support 2.5 G/5G ports (with PoE) and 10G uplinks.
• Improve wireless security: Wi-Fi 6 uses WPA3. WPA3 is more secure than WPA2. We strongly
recommend the implementation of the new standard in view of the growing needs in terms of
Wi-Fi and the multitudes of vulnerabilities discovered in recent years on existing protocols.
• Extended battery life: Efcient use of power for devices by using Wi-Fi 6 Target Wakeup
Time (TWT) feature.
802.11ax Wi-Fi 6 features many benets over previous
technologies, including
• OFDMA provides for a higher granularity of the bandwidth resource
allocation, according to each device needs. This translates into an
increase of the throughput up to four times per user.
• The Multi-User MIMO in Wi-Fi 6 supports up to eight simultaneous
streams both up and downlink, versus the four simultaneous streams
downlink in Wi-Fi 5. This permits it to serve more devices at the same
time and is particularly useful in dense environments.
• With 1024-QAM, the packets contain more data, meaning an increase
of 25% in physical capacity and up to 39% increase in raw speed
• With BSS Coloring, the network automatically detects and identies
other WLANs, minimizing radio collisions and interference on the
same channel. This results in more stability and better quality in highdensity environments.
• With Targeted Wakeup Time, connected devices can go to “sleep” when
they are not transmitting or receiving data. This means a savings of
up to a 67% power consumption and the extension of the devices’
battery life.
• WPA3 is the latest generation standard for Wi-Fi security. It solves the
detected vulnerabilities of WPA in previous Wi-Fi standards.
:
Brochure
K-12 Education Networking Guide
13
Page 14
3. Ensure the core/data center is not a bottleneck, while
reducing cost per student
The core is the most critical part of the school infrastructure because it must support more than
80 percent of all LAN and Wi-Fi user trafc for applications and communications. To get the full
benet of a next-generation access infrastructure, evaluate the network trafc to determine: where
the bottlenecks could occur; what is needed to ensure the network can identify and prioritize
education- critical applications; and the type of network elements required to reduce latency for all
trafc.
When planning the new network consider:
• Deploying 10G, 25G, 40G, 100G switches that eliminate bottlenecks and support virtual
network design
• Right-sizing with small, high capacity switches that can form a virtual chassis and provide
multiple terabits per second of switching capacity
• Streamlining the wired infrastructure by reducing the number of layers in the network design — in
many cases it is possible to eliminate the distribution layer, reducing capital expenditures (CAPEX)
and operating expenditures (OPEX)
• Choosing newly-designed, less power-hungry switches with lower power requirements
• Vendors that support pay-as-you-grow strategies that reduce budget pressures, but don’t
compromise product features
Intelligent Fabric
4. Improve network capacity and reliability
Shortest Path Bridging (SPB) enables each node to deliver network
trafc using the shortest, most optimal path available, resulting
in less latency. When multiple links are available for redundancy
purposes, previous technologies (such as Spanning Tree), had to
choose a primary link. All other links are de-activated, remaining on
standby in case the main link fails. This approach is an inefcient
use of network resources.
With SPB, all links are kept active at all times, resulting in better
capacity and performance. If links fail, the recovery is faster with
SPB than with Spanning Tree, meaning no real-time trafc such as,
video or voice is impacted.
Network virtualization is easy with SPB — conguration is
only needed at the edge of the infrastructure fabric, while all
intermediate notes remain unchanged independent of the size
and complexity of the network. This considerably reduces the
operational time to do moves/adds/changes and improves the
network scalability.
Intelligent Fabric (iFab) simplies the design and operation of networks, offering self-conguration and self-attachment. iFab also provides high performance, resiliency
and exibility. Self-conguration reduces the amount of time required to establish connections between nodes. When new equipment is added and cables are connected,
new devices are automatically detected. The network is auto-congured and operational in just a few minutes, making moves, adds and changes much easier. This
avoids the need to have IT personnel with specic expertise for new equipment installations. In networks with iFab, performance and resiliency are both improved as it
leverages Shortest Path Bridging (SPB) technology.
Brochure
K-12 Education Networking Guide
14
Page 15
5. Enable pervasive mobility
Ensuring all devices coming into the K-12 environment get their share of network
resources, on both wired and wireless networks, can be achieved with a network
solution that offers Unied Access control over network services, and the same
Quality of Experience (QoE) over wired and wireless networks. Students, teachers,
staff and administrators will connect to the school network with a variety of devices.
This can create access and trafc management challenges. An advanced Unied
Access solution allows for:
• Creation of a simple captive portal that displays a web page. This is similar to a
Wi-Fi hot spot where students can accept the connection or sign-in using their
school credentials, if you want to map trafc back to an individual user.
• Simplied device on-boarding, enabling users to self-enroll. Once authenticated,
future connections will be automatic, without requiring the user to re-authenticate.
• 802.1X authentication with Advanced Encryption Standard (AES) security features
enabling users to self-enroll, automatically generating and installing device
certicates through a web portal with no IT assistance.
• Enforcement of a differentiated network access based on contextual information,
granting network access privileges based on user roles (for example, students,
teachers, or staff), device types (laptops, tablets, or smartphones), and location
(classrooms, common areas, or playgrounds), which also enables secure
management and enforcement of differentiated policies.
.
Unied Access provides the same network services
for wired and wireless environments
The Alcatel-Lucent Enterprise Unied Access solution delivers a high quality,
user experience on any wired or wireless network. The solution provides
a common set of network services, a policy framework, authentication
scheme, and a single authentication database that are applied to all users
accessing the network with either wired or wireless devices. These network
services automate many of the processes that are currently handled
manually, and enable IT teams to ensure that:
• The LAN and the WLAN behave and are managed as one network
• Quality delivery of all applications is enforced consistently at all times
• Security is maintained throughout the network
The Unied Access solution is delivered with one management system that
provides end-to-end visibility, avoids duplication of tasks, and offers better
troubleshooting tools for all network management requirements.
Unied Access enables the management of mobility in a secure and
consistent way, with each group of users assigned specic proles and
permissions. Depending upon their permissions, each group of users is
granted different access rights. For example, teachers could be given
different permission than students, based on a different VLAN, with
reserved bandwidth and different trafc priorities assigned to them.
Brochure
K-12 Education Networking Guide
.
15
Page 16
6. Ensure the network is IoT friendly
With so many IoT devices expected to connect to the network, the challenge with any
network deployment is to make it as easy as possible to connect these devices, while
keeping the network secure.
IoT enablement does this by providing automated device onboarding and by associating
devices to a virtual network using either VLANs or SPB services. These virtual networks
include policies that dene Quality of Service (QoS) and security rules that apply to the
contained IoT system.
7. Allow for simplied operations
One way to simplify day-to-day operations is to build and operate a single, robust network,
with virtual networks for unique requirements, rather than separate, dedicated networks.
A single physical infrastructure can support many different devices and users with various
virtualization techniques. In addition, proles can be assigned to different user groups. As
users move around the school, their prole denes the type of access they receive.
Another key point is to use a single management system for the entire network. As with
Unied Access, the policies applied to users, devices and applications for wired network
solutions can be based on the same contextual data as the wireless network. This simplies the
network deployment and management efforts, providing full control of the trafc coming from
the access layer.
Your strategy to simplify operations should also include automation. Examples include
automated congurations (see iFab), automatic device onboarding, and guest self-registrations.
By simplifying operations, highly-trained IT personnel are free to handle more complex
tasks or more strategic initiatives, including the support of next-generation digital learning
applications in the classroom, or providing full mobility for students.
IoT enablement
IoT enablement provides the appropriate network resources required
for IoT systems to operate efciently. Different devices such as
HVAC sensors, science lab equipment, and security devices are all
assigned proles, similar to what is done for users in Unied Access.
These devices are then placed in a “virtual container” using network
virtualization techniques that allow for all devices to use the same
physical infrastructure while remaining separate from the rest of the
network. In these virtual containers, QoS and security rules are applied
to ensure the IoT system works with the necessary network resources
to run efciently and securely.
To simplify device onboarding, IT can create a xed number of proles
(for example, one for student devices, one for teacher devices, one for
HVAC systems, and one for security systems). All this information is
sent to all switches and Wi-Fi APs in the network and, when devices
connect, they are assigned to the appropriate virtual environment
and communication is limited to the devices within that environment
and the application in the data center that controls the devices. This
is benecial as it minimizes any potential damage resulting from a
malicious attack by limiting the number of devices accessible within
the same prole. If a breach occurs, the rest of the network is not
exposed, as other devices are contained in other parts of the network.
Brochure
K-12 Education Networking Guide
16
Page 17
8. Offer in-depth security
SECURE THE NETWORK, DEVICES, USERS AND APPLICATIONS.
ENHANCE CYBERSECURITY WITH A MULTI LAYERED APPROACH
Figure 1. The modern approach to security is to provide protection at every level
Network security is a major concern for every K-12 school, especially with the growing
popularity of mobility and the IoT. The modern approach to security is to provide not
only rewalls, but protection at every level (as shown in Figure 1), including:
• At the user level, verifying that users are always authenticated and authorized
with the correct access rights (using proles)
• At the user device level, checking that devices are authenticated, classied, and
eventually put into quarantine if their behavior becomes suspicious
• At the application level, setting rules associated with specic applications
(including blocking and limiting bandwidth or who can use them)
• At the IoT device level, using containerization (as described previously) to netune security rules and limit the spread of security breaches
• At the network level, taking measures to remove vulnerabilities in the physical
equipment, including network devices, switches, routers, and APs
Secure
diversified
code
Network
integrity
OS Hardening
DoS Attack
Protection
Automated
operations
Common
Criteria /
FIPS / JITC
IoT
Containment
Devices
security
Fingerprint
Onboard
(802.1X,
Certificates)
Health Check
Apple/DLNA
Multimedia
VLAN, SPB,
VXLAN
Segmentation
Network
Access Control
User
profiles
Network
Access Control
(NAC) - Access
Guardian
Profile-driven
policies
Protect User
Privacy
(PVLAN)
Encrypted
Management
Application
Visibility and
Enforcement
Applications
and Analytics
Devices and
Applications
Visibility
(DPI)
Application
Enforcement
Top N
Reports
Predictive
Analysis
Profile-driven
Policies
Brochure
K-12 Education Networking Guide
17
Page 18
Other security technologies that should also be included in any network solution
include:
• Media Access Control security (MACsec), an IEEE standard (802.1AE) that
provides security in wired Ethernet LANs. MACsec, for example, can be used to
encrypt trafc that might travel to a remote data center that is used for back-up
or disaster recovery.
• Integrated Distributed Denial of Service (DDoS) protection. A DDoS attack
temporarily or indenitely interrupts or suspends services of a host connected
to the internet. There are multiple known techniques used by DDoS attacks (for
example, SYN attack, ARP ood attack, ICMP Ping attack) and smart network
devices should automatically detect and block devices attempting to create
such disruptions.
Smart analytics
Smart analytics allows for improved IT business decisions and network
planning. This can be achieved by providing visibility and detailed information
about the network, users, devices and applications being used on the network.
Deep packet inspection (DPI) capabilities provide details not just on what people
are accessing online, but what applications are being used most. Data can then
be aggregated, presented and acted upon. For example, certain apps can be
restricted and bandwidth can be reserved or limited. Insights can be garnered
on what tools are being commonly used and which users are consuming the
most bandwidth.
Predictive analysis monitors and analyzes trends for multiple days and weeks.
An articial intelligence (AI) algorithm built into the analytics tool creates
baselines based on “normal” network trafc behavior, can then predict what will
happen in the future. For example, warnings can be provided when it’s time to
upgrade a switch that is about to run out of available bandwidth.
Finally, analytics can also be used to improve security. Based on the same
established baselines, the AI algorithm can send notications when unusual
network trafc patterns are detected.
Brochure
K-12 Education Networking Guide
18
Page 19
PUXICO SCHOOL DISTRICT
LOCATION: PUXICO, MISSOURI
Puxico School District is a K-12 district located in Puxico, Missouri.
It has about 850 students and 130 members of staff. The district has 3 schools and a total of 6 buildings.
During its research phase, the district took note that Alcatel-Lucent Enterprise solutions were rated very positively
by other schools.
The quality of service delivered by NovaCopy, the business partner, was outstanding.
Challenge
The district wanted to replace
its 1 GB backbone, comprised of
switches from multiple vendors,
with a higher performing
and uniform 10 GB core. The
solution needed to support a
growing number of devices,
including student laptops and
digital security cameras, and
scale to future needs. A reliable
wireless network was critical,
as the district was required
to implement state mandated
testing for all students.
K-12 Education Network Guide
Brochure
Laying the groundwork for tomorrow’s digital schools
K-12 Education Networking Guide
Solution
The District has been able to
scale up the network to meet the
demands of current and future
projects, for example, adding
IP phones and implementing
wireless devices in the district.
Network management is greatly
simplied due to remote device
management.
Benets
Financial: Network maintenance
was simplied, freeing the
district’s technical team to focus
on other tasks. The solution,
nanced by federal E-Rate
funding, offers great value while
staying within budget.
User experience: Students now
have the connectivity they need
to take their tests wirelessly
without performance issues.
The network-supported security
system upgrade maximizes safety
for everyone onsite.
The Alcatel-Lucent Enterprise
solution ticks all of the right
“
boxes for us. It’s helped us meet
our objectives and has made
network management simpler.
We look forward to continuing
our partnership with ALE USA, Inc.
and NovaCopy.
DON MCROY, TECHNOLOGY COORDINATOR,
PUXICO SCHOOL DISTRICT
“
19
19
Page 20
A comprehensive portfolio: From school to data center
Alcatel-Lucent Enterprise features a broad product portfolio that extends from the access (LAN and WLAN) to the core
network and data centers.
It includes WAN routers and comprehensive network management platforms.
Figure 2 depicts the Alcatel-Lucent Enterprise network portfolio available for
educational institutions.
The high-level overview of the product families is described below and provides a
better understanding of where they t in today’s K-12 environment.
Pervasive network access
Network access includes both wired and wireless equipment:
• Wired access is provided by stackable gigabit LAN switches, including the
Alcatel-Lucent OmniSwitch® 6350/6450 Gigabit Ethernet LAN Switches, as well as
the multi-gig Alcatel-Lucent OmniSwitch 6560, and the advanced Alcatel-Lucent
OmniSwitch 6860E Stackable LAN Switch family which includes gig and multi-gig
ports, integrated DPI and SPB. There are also two hardened switch families for
outdoor and harsh condition areas: the Alcatel-Lucent OmniSwitch 6865 Hardened
Ethernet Switch and the Alcatel-Lucent OmniSwitch 6465 Compact Hardened
Ethernet Switches.
• Wireless access is provided by a variety of high-performance 802.11ac Wi-Fi APs.
Alcatel-Lucent OmniAccess® Stellar family of controller-less APs offers a solution
that best adapts to your needs. Models include a variety of indoor and outdoor
ruggedized APs with on-premises or cloud-based management.
These APs include the Unied Access technology. When they are combined into one
network, they offer a consistent QoE and a single management system on premises
Alcatel-Lucent OmniVista® 2500 Network Management System or cloud-based
Alcatel-Lucent OmniVista Cirrus Network Management as a Service.
Figure 2. Alcatel-Lucent Enterprise Network portfolio
Management
OmniVista 2500,
OmniVista Cirrus, PALM
Location Based Services
Stellar Cloud Manager
On the move School buses Elementary Middle school High school Data centers
WLAN
LAN
CoreAccess
OS6900
OS6860
AP1232 AP1222
AP1251
OmniAccess® Stellar APs
OS9900
OS6865 OS6465
OS6560
OS6450
AP1201
AP1201HAP1231AP1311
OS6350 OS2220
Brochure
K-12 Education Networking Guide
20
Page 21
A resilient and high-performance core
An optional aggregation layer
The network core includes high-performance wire-rate 10GigE, 25Gig, 40GigE, and
100GigE network switches that provide high port density and switching capacity. It
includes the market-leading Alcatel-Lucent OmniSwitch 6900 Stackable LAN Switch
family which comes in a compact 1U form factor and the versatile Alcatel-Lucent
OmniSwitch 9900 Modular LAN chassis.
Virtualization is used to eliminate inefciencies introduced by protocols like
Spanning Tree. Instead of disabling all redundant links and using them only if the
main link or switch fails, virtualization enables the network to keep multiple links
active and to fully utilize all available resources. Virtual Chassis (VC) technology
enables up to six OmniSwitch 6900 Stackable LAN Switches to be combined and
behave as a single fully redundant unit. In many cases this can replace expensive
chasses, require less space and power, and be deployed at a lower cost. The VC
also provides fast re-convergence if equipment fails, without impacting real-time
application user experiences, such as voice or video.
Core products incorporate the award winning iFab technology that offer a set of
capabilities, including automation techniques that simplify the design, deployment,
and operation of the network.
Due to the high performance and high density of the Alcatel-Lucent core switches,
in many cases there is no need to have an aggregation layer. This lowers the latency
and reduces the capital investment. However, in some cases, the architecture and
distance of school buildings or facilities make the traditional three-layer architecture
more cost-effective. The OmniSwitch 6860E and the OmniSwitch 6900 switches
previously described are excellent options for this type of architecture layer.
Brochure
K-12 Education Networking Guide
21
Page 22
End-to-end network management
The management suite includes all tools needed to provision, monitor, analyze and
troubleshoot the network. The OmniVista platform can manage the LAN, WLAN,
core, WAN and datacenter from a centralized single pane of glass. It is offered in
two versions: on premises OmniVista 2500 version, and a cloud OmniVista Cirrus
version. They offer similar capabilities, so institutions can choose the model that best
adapts to their needs. OmniVista Cirrus is hosted in a public and secure cloud with a
subscription-based model for 1, 3 or 5 year terms.
The management suite also includes a unied policy and authentication manager,
BYOD and guest access services..
In conjunction with OmniVista, the Alcatel-Lucent ProActive Lifecycle Management
(PaLM) cloud-based application that provides network asset management
functionality, including inventory lists and visibility into the hardware, OS, warranty
and support services.
The Alcatel-Lucent Enterprise portfolio offers the performance, resilience, and all
interfaces needed to connect the school, from the user devices and IoT endpoints,
all the way to the data center, by providing a variety of speeds and interfaces to
address specic needs.
The diagram below summarizes the multiple options available.
Figure 3. The Alcatel-Lucent Enterprise portfolio offers the performance, resilience, and all
interfaces needed to connect your institution
1G->2.5G
1G->10G
10G->25G->40G->50G->100G
1G->10G->25G->50G->40G->100G
*MACsec: encrypted networking
@ line rate – encryption in PHYs
OS6450
OS6900
MACsec*
VC of OS9900 VC of OS6900
OS6560 OS6860E
OS 6900
OS 6900
OS6860E
OS 6900
OS 6900
MACsec*
or
Servers and storage
PoE, PoE+, HPoE
Optional distribution layer
OS 6900
OS 6900
FC, FCoE, iSCSI over Eth
Brochure
K-12 Education Networking Guide
22
Page 23
Technology is increasingly central to education
For many students, the way a school integrates IT into the K-12 environment can be just as important as their favorite classes, or the
structure of the curriculum. Most students today don’t remember a time before the internet and they expect to be able to connect with any
device, anywhere, in and around the school, whether it’s to communicate, be to entertained, or to access educational resources.
In addition to student expectations, a K-12 network must also meet the technology
requirements of school administration, staff, and IT departments.
When designing an efcient and cost-effective school network it is important to:
• Understand the limits of the existing network: Objectively analyze and evaluate
the capabilities of the existing network infrastructure to ensure that it meets the
expectations of students, staff, and teachers.
• Deliver a high-performance network: Provide a WLAN infrastructure that can
handle a large inux of mobile devices and the bandwidth-hungry applications.
Ensure the network core does not become a bottleneck: increase capacity and use
technologies such as SPB to maximize infrastructure performance.
• Enable pervasive mobility: Ensure that all devices coming into the K-12
environment get their share of network resources with connectivity everywhere
and the same QoE over wired and wireless networks, with simplied device
on-boarding.
• Ensure the network is IoT friendly: Simplify the connection of IoT devices, while
keeping the network secure.
• Allow for simplied operations: Build and operate a single, robust network, with a
single management system and virtual networks for unique requirements, rather
than separate, dedicated networks.
• Offer in-depth security: Provide not only rewalls, but protection at every level,
for users, devices, applications, and the network.
The K-12 network has become an important asset for creating
a collaborative learning environment that enables new
instructional experiences for students and new opportunities
for teachers to plan and deliver more engaging lessons. It
also provides the technologies for school administrators to
simplify operations, better comply with regulations, and
provide a safe environment for students and teachers. The
growing number of mobile and IoT devices — alongside the
associated security concerns — requires stringent network
requirements to ensure that it is ready to support the digital
schools of the future.
Brochure
K-12 Education Networking Guide
23
23
Page 24
Connected education
Where education connects with technology that works.
For your school, college or university. With global reach and local
focus, we deliver purpose built networking and communications
for the education environment that enable secure, reliable
collaboration between your faculty and students.
https://www.al-enterprise.com/en/industries/education
www.al-enterprise.com The Alcatel-Lucent name and logo are trademarks of Nokia used under license by ALE. To view other trademarks used by afliated
companies of ALE Holding, visit: www.al-enterprise.com/en/legal/trademarks-copyright. All other trademarks are the property of their respective owners. The
information presented is subject to change without notice. Neither ALE Holding nor any of its afliates assumes any responsibility for inaccuracies contained
herein. © Copyright 2021 ALE International, ALE USA Inc. All rights reserved in all countries. MPR00031692EN (February 2021)
Loading...