From: eSchool News
http://www.eschoolnews.com/resources/minimizing-classroom-disruptions/articlesmcs/index.cfm?rc=1&i=36857&i-d
By Lee Sleeper
In a perfect world, public school acceptable-use policies (AUPs) wouldn't be necessary. However, school network administrators know that access to the internet and other network resources can be too tempting for students at times.
On any given day, abuse of the network can range from inadvertent to criminal, and the network administrator's challenge is to prevent minor annoyances from turning into major problems. The answer starts with comprehensive network monitoring software built on solid reporting functionality. At the Bullard Independent School District in Bullard, Texas, we use a product from California-based network services provider Lightspeed Systems called Total Traffic Control v6.0.
Total Traffic Control serves as our first step in identifying significant non-educational internet usage. When we first implemented this tool, the traffic hitting our T-1 line was averaging about 900 Mbps during peak times of the day.
Using Lightspeed's customized reporting tools, we identified a large amount of non-educational traffic hitting the internet from school computers. We shared this information with the district's campus administrators who, in turn, held a series of meetings with school staff to discuss the district's AUP. We also reinforced with all students the terms of the AUP agreement they signed along with their parents. Very precise reports gave us the tools to do that in a way that left no room for debate.
Second, we used Total Traffic Control's reports to quickly identify who and where the users and abusers were on the network. Using these reports, we began to realize that many of the bandwidth issues we were experiencing were the result of students using our computers as their own personal radio devices, downloading music files or sharing curious files.
After installing Total Traffic Control and sharing the reports with campus administrators, total bandwidth usage dropped 30 percent within two weeks. Music downloads, accessing inappropriate web sites, and anything else that contradicted the AUP was made more difficult, giving the district more available internet bandwidth.
Finally, we implemented procedures to provide appropriate reports to the district superintendent and principals when users violated the terms of the AUP. Total Traffic Control formats these reports to demonstrate compliance with the Children's Internet Protection Act and, if necessary, to provide forensic evidence to law enforcement.
Total Traffic Control v6.0 also includes a desktop security agent that can be deployed to discover all known "good" programs running on the network. Based on this discovery process, and our AUP, network administrators can allow only permitted programs to run anywhere on the network, allow only permitted programs to "talk" on the network (i.e., "unofficial" programs can run locally only), and/or allow all programs to run. The software then allows for reports that identify any new programs installed on the network. After deploying these tools, Ballard now has a better handle on its network traffic patterns and the ability to control this traffic as necessary. Based on our district's experience, we've created this checklist for efficient, cost-effective AUP enforcement:
1. Select monitoring software with easy-to-read reports.
Your monitoring software should generate reports that are easy enough to be used and understood by non-technical district employees. Ideally, these non-IT individuals can be assigned administrative rights to access what they need directly.
2. Gather "before" and "after" snapshot reports.
Keep a snapshot of network traffic before you change anything. Then take another snapshot after implementing AUP enforcement actions. This includes blocking search results for inappropriate keywords and phrases, forcing Google Safe Search, blocking P2P traffic, etc. This approach will document the impact of AUP enforcement and guarantee the network is being used for educational purposes.
3. Identify and monitor key "Canary in the Coal Mine" reports.
For example, Total Traffic Control has several reports that can identify potential problems quickly. From these reports, we can drill down to actual machines to determine if our AUP is being violated. Sample reports include Bandwidth Traffic by User, which indicates potentially troublesome large downloads, and Suspicious Search Engine Queries, which detects anyone persistently trying to evade our filtering policy.
4. Be patient and thorough.
Monitor traffic--make sure to save reports for reference--and periodically review key reports for anomalies. Inadvertent AUP violations should not be your focus. Rather, systematic abusers are the users who most likely create substantial problems. If a clear pattern of inappropriate behavior is established, there is no chance that impermissible content arrived "by accident" on a user's desktop.
5. Involve appropriate personnel.
Some AUP violations are relatively minor and are best handled by IT staff blocking inappropriate activities. But others might have substantial personnel and even legal ramifications. Issues at this level are turned over to campus administrators and the district superintendent for appropriate action.
AUP enforcement is possible on a limited budget with a limited staff. Success requires sufficient investment in appropriate technology tools, as well as sound procedures--a small price to pay to protect children, ensure regulatory compliance, and uphold your district's reputation as an institution in which learning comes first.
Lee Sleeper is the technology director for Bullard Independent School District.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment