Thursday, April 21, 2011

Increasing Blog Viewers

I have chosen two new ways to get my blog more exposure. I linked my blog to Facebook; I felt that with the sheer magnitude of people that visit the website, surely to goodness someone will visit my blog. The second strategy I initiated was Ping-O-Matic, which hopefully solved my only peeve, which was that when I searched with Google.com my blog would not be in the search results.

So far, through Google Analytics, I have a total of 40 views with an average session time of 2 min 30 secs. I will keep you up to date and we will see which way is the best to get viewers.

Disseminating information through a blog and Twitter is going to be very useful. I have created a blog, rcpstech.blogspot.com, that I am trying to populate with as many how-tos as I possibly can. In the past, information was sent to the teacher either through email or newsletter; by using a blog, the teachers can revisit the information as often as they wish. They can also search the blog for articles that they might have missed. I have also entered information that I deem necessary for me to remember for my job; it is like a notebook of past experience.

Followup:
Just so my readers know, Ping-O-Matic and Facebook really increase your exposure. My viewer percentage is up 1050% in the last two weeks, and the average page time length is 3 minutes; these stats are from Google Analytics.

Thanks to all that viewed it.

Wednesday, April 13, 2011

WAP Downgrade from LWAPP to Autonomous AP and to bind to another WLC

If the Cisco 1230 LWAPP AP was a member of another wireless network, the certificate must be removed and regenerated to bind it to another network controller.

Follow these steps to revert from lightweight mode to autonomous mode by loading a Cisco IOS release from a TFTP server:

Step 1 The PC on which your TFTP server software runs must be configured with a static IP address in the range 10.0.0.2 to 10.0.0.30.

Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.

Step 3 Rename the access point image file in the TFTP server folder to the default image name: c1200-k9w7-tar.default for a 1200 series AP, or c1130-k9w7-tar.default for an 1130 series AP.

Step 4 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.

Step 5 Disconnect power from the access point.

Step 6 Press and hold the MODE button while you reconnect power to the access point.

Step 7 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds), then release the MODE button. For the 1130 APs, hold the button until the console indicates that the button is pressed (the R LED will be solid red):

    button is pressed, wait for button to be released...
    button pressed for 25 seconds
    process_config_recovery: set IP address and config to default 10.0.0.1
    process_config_recovery: image recovery
    image_recovery: Download default IOS tar image tftp://255.255.255.255/c1130-k9w7-tar.default

Once the transfer starts, the E and R LEDs will both be blinking (1130 AP). Once you release the button, you should see the console extracting files from the tarball on the TFTP server.

Step 8 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green. You can also watch the console to see when it reboots; this is a better bet, as some APs behave differently than others in terms of LED operation.

Step 9 After the access point reboots, reconfigure the access point using the GUI or the CLI.

Now plug in a live network Ethernet cable to join the WLC; CAPWAP discovery should find the device and add it to the system. It will auto-generate a new certificate (SSC).
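As an added example (not Cisco's tooling or this page's own code), a small Python pre-flight script for Steps 1 to 3: it checks that the TFTP PC's static address is inside 10.0.0.2-10.0.0.30 and stages the IOS tar image under the default name the AP requests during MODE-button recovery. The function and file names are this example's own, and the image bytes in the demo are a constructed placeholder.

```python
"""Pre-flight check for the AP image-recovery steps (added example).

Checks that the TFTP server PC holds a static address in the recovery
range, derives the default image name the AP asks for during recovery
(c1200-k9w7-tar.default, c1130-k9w7-tar.default) from the series prefix
of the IOS tar file, and copies the image under that name into the TFTP
root.  Function and file names are this example's own.
"""
import ipaddress
import re
import shutil
from pathlib import Path

# Address range the AP expects the TFTP server in (from the recovery steps).
RECOVERY_RANGE = (ipaddress.ip_address("10.0.0.2"), ipaddress.ip_address("10.0.0.30"))

# Autonomous (k9w7) IOS tar names look like c1130-k9w7-tar.122-15.JA.tar.
IMAGE_RE = re.compile(r"^(c\d{4})-k9w7-tar\.(.+)\.tar$")


def in_recovery_range(ip: str) -> bool:
    """True if the TFTP server's static IP lies in 10.0.0.2 .. 10.0.0.30."""
    addr = ipaddress.ip_address(ip)
    return RECOVERY_RANGE[0] <= addr <= RECOVERY_RANGE[1]


def default_image_name(image_file: str) -> str:
    """Map an IOS tar file name to the default name the AP will request.

    The AP downloads tftp://255.255.255.255/<series>-k9w7-tar.default, so
    the version part of the file name is replaced by 'default'.  Raises
    ValueError for names that are not autonomous (k9w7) tar images.
    """
    m = IMAGE_RE.match(Path(image_file).name)
    if not m:
        raise ValueError(f"not an autonomous AP tar image: {image_file}")
    series = m.group(1)
    return f"{series}-k9w7-tar.default"


def prepare_tftp_root(tftp_root: str, image_file: str, server_ip: str) -> Path:
    """Stage the image under its default name; returns the staged path.

    Refuses to run if the server address is outside the recovery range,
    since the AP would never reach it, and keeps the original file so the
    versioned name is still there for later upgrades.
    """
    if not in_recovery_range(server_ip):
        raise ValueError(f"{server_ip} is outside 10.0.0.2-10.0.0.30; set a static IP in that range")
    src = Path(image_file)
    if not src.is_file():
        raise FileNotFoundError(src)
    dest = Path(tftp_root) / default_image_name(src.name)
    shutil.copyfile(src, dest)
    return dest


if __name__ == "__main__":
    # Constructed demonstration in a temporary directory; the image content
    # is a placeholder, not a real IOS tar.
    import tempfile
    with tempfile.TemporaryDirectory() as root:
        img = Path(root) / "c1130-k9w7-tar.122-15.JA.tar"
        img.write_bytes(b"placeholder image bytes")
        staged = prepare_tftp_root(root, str(img), "10.0.0.5")
        print(f"AP will fetch {staged.name} from this TFTP root")
```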

Wednesday, March 30, 2011

Wireless Enterprise Management

Wireless is a pretty nice technology: set it up and go. Plus it beats wired devices, hands down. A wired device has great speed and bandwidth, but there has to be an Ethernet run for each computer that needs to be connected. With new wireless standards, the speed and bandwidth are now starting to rival those of wired devices.

From a user's point of view, wireless means you're able to move around unconfined by wires. But from an administrator's point of view, wireless means another device that needs to be set up. Setting up a wireless device is a small, relatively easy process, but when you are setting up a couple thousand devices it can become time consuming. When you have that many devices it also becomes hard to distinguish who is a legitimate user and who is not.

Enterprise Management

There are a couple of ways to make sure everyone that is attaching to the network is an authorized user. The easiest is MAC authentication, but it is also the most time consuming. It works by the network engineer recording the MAC address of every device in the wireless system. Only the devices that are entered into the system will be able to attach. If an authenticated user brings in another device, it will not work. This is an OK method, but if you have a lot of turnover it can be time consuming to keep it up to date.

Another method would be a RADIUS server. A RADIUS server is much like the MAC address list mentioned earlier, except it contains a list of users that have the ability to have access. A RADIUS server is good because the list is built off of another list like LDAP or AD. LDAP and AD are a sort of database of all users that have the ability to log in to the network. Those user rights are just extended to the wireless devices. This keeps you from having to maintain multiple lists.

One nicety of having wireless authentication verified through AD is that all wireless profiles (settings) can be pushed out with a group policy, meaning you never have to touch a computer to set up the wireless configuration. At least with a Microsoft Windows box.

Sunday, March 27, 2011

Wireless Security

Wireless networks provide many benefits to network users, such as mobility, decreased workload on the engineer from pulling cables through ceilings, and an increasing diversity of devices. But wireless networks have some serious security holes that increase the risk of deploying WiFi in your school or enterprise.
Any time you use any WiFi network you are using the 802.11 family of standard protocols that make wireless possible.

Authentication
802.11 networks use two authentication methods: open-system authentication and shared-key authentication. In both schemes, each mobile client must authenticate to the access point. Open-system authentication might better be called "no authentication", because no actual authentication takes place: the wireless client says "please authenticate me, I need access", and the AP does so and asks no questions.
Shared-key authentication is much like open-system authentication, except that when the wireless client requests access to the wireless network, the AP says "OK, but what is the password?" The client must then return the correct password in order to connect to the network.

Other issues arise with WiFi that create major security concerns:

1. The wireless client doesn't have any way to challenge the validity of the identity of the AP that it is attaching to, so an attacker can easily set up a rogue AP that unaware clients will connect to.
2. The AP has no way to tell whether the wireless client is authorized to be on the network or not. If you have the password, no matter how you got it, you can jump right onto the network, whether you're supposed to be there or not.
3. A major problem that I had is that the AP authenticates only the wireless client and not the user of the station. Any computer that has a legal right to be attached to the network has full access, but the user may not be very honest.

So to keep yourself a little safer, use at least WEP (Wired Equivalent Privacy); the password is passed in clear text, but it is better than nothing. It will keep novice users from accessing your network. For more robust authentication you can use WPA; the data is encrypted and a little harder to break.
Speaking of encrypted....


Encryption
A wireless access point is much like a radio station and the radio in your car. No matter where you are, you are able to hear the same broadcast as everyone else. Now what if you had sensitive information that was being broadcast out and you didn't want non-authorized users to get it? The best way would be to jumble up the information so that only the correct receiver would know how to unjumble it to get the information.
Encryption in a wireless network does just what you think it would: all data is scrambled and encoded with the same key that allows you to attach to the network.

Wednesday, March 16, 2011

Wireless Network Management Devices

It can take a lot of access points to give blanket coverage for a building, because just when you think that you have all the spots covered, someone will find a spot in the building that doesn't have access. I think sometimes that people just go around looking for a dead zone.
In one of my schools there are 37 access points; it would be a full-time job to configure all those access points to work correctly. As I have stated in previous blogs, you have to survey the building for wall density, calculate for a common receiving area, and plan placement for adjacent access points.

Building Structure
When you are in the process of finding a place to put the access point, you need to look at a couple of things. 1) Remember that an access point emits radio waves, and all radio waves travel in a clear line of sight. 2) Don't put the access point too close to a wall; you need a good concentric wave pattern. 3) Radio waves will go through walls, but you lose speed and bandwidth throughput. Don't try to broadcast through concrete; it may go through, but you won't be happy with the results. Always spring for another access point.

AP Placement
When you are mounting your APs you need to keep a couple of things in mind. 1) You need to adjust the channels on the APs so they do not conflict with each other. When you have APs that are adjacent to each other on the same channel they are going to butt heads; you can see my previous blog for an example. 2) If you have the APs too close together, the client workstation will jump back and forth between the APs. This toggling of wireless connectivity will cause problems with the client, so one of the APs' broadcasting power needs to be reduced.

Now couple all that with other features that can be provided via stand-alone access points, like multiple SSIDs and RADIUS accounting and authentication, and you can see why you need a device to manage all your access points. So stay tuned for an introduction to the Wireless LAN Controller (WLC).

Wednesday, March 2, 2011

Wireless Access Points

When we first started the iLearn project, we didn't allow the iPods to connect to the wireless network in the schools. Instead, single access points were installed in the classrooms where the iPods were to be used. We did this for a couple of reasons: 1) we had not perfected the wireless security for the iPods, 2) we didn't realize how the iPods would be used, and 3) the terms of the iLearn grant stipulate that there be unlimited access for the students. The third item is what caused the most problems: the networks in the schools are protected by a content filter, and to allow access to the iPods would require that access be given to all users attached to the network. When you use a single access point you have to do a little bit of research to keep from conflicting with other APs in the area. Here are a couple of rules for installing APs for use:
1) Check the signal strength and channel of adjacent APs. If you are going to install a new AP you need to make sure you are an ample distance away from the other APs. If you are too close to the other APs and also happen to talk on the same channel, the signal will be diminished or there could be areas where there is no signal.
Let me elaborate on this a little: a wireless signal operates at a radio frequency, and the WiFi signal is a relatively weak signal. Its signal strength follows the same laws as all wireless devices. 1) The farther away from the source, the weaker your signal will become. 2) Objects that interfere with the signal also decrease the signal strength; walls, doors, and Low-E glass will limit radio waves. 3) Radio waves propagate out in a circular fashion; they don't bend around corners.

The channel of the AP. Since an AP uses radio frequency to broadcast data, different APs have to be on different channels to keep from butting heads. The picture to the left shows the loss in signal if a channel conflict is created. Notice the breaks in the rings; for good signal the rings would be complete and not broken, much like the rings in a tree.

Here is an example of what it looks like when two APs are too close together and talking on the same channel.

2) Different SSIDs. The SSID is the name of the AP that gets broadcast. If the AP is going to be a continuation of an existing wireless network, which would allow roaming, then it is best to keep the same SSID name. This way, no matter where you are in the school, the same wireless network will be available. But on the other hand, if you are just going to have a hotspot, which is a dedicated wireless area that usually has one use, in this case connecting iPods to the internet.

After we figured out the wireless security of the iPod and realized that all the teachers would be using the devices in the school, we allowed the iPods to attach to the wireless network in the school, which also allowed roaming.

Tuesday, March 1, 2011

Network Segmentation

Background knowledge:
1. Ethernet is an electronic signaling method related to the physical cabling of a network. Ethernet communication allows only one device to talk at a time. So out of 253 devices only one can talk; if two try to talk at once it is considered a network collision. Ethernet can have multiple architectures; the most common is a hybrid between hub-and-spoke and star.
2. An access point (AP) is a device that allows wireless devices to connect to the network. Access points are usually connected via Ethernet to a switch. Access points broadcast on certain frequencies in the 2.4 GHz range; small variations allow for channels.
3. An IP address is much like a phone number for any network device.


In our schools the networks are divided into class C ranges. A class C network can support 253 network devices. This sounds like a lot of devices, but really, after you figure in everybody's laptop, desktop, SMART Board computer, printer, and student workstations, these devices add up. Now, all these devices are scattered all over a school and all are just waiting to talk, which shows the reason to have a traffic handling device with some intelligence. The traffic handling device that connects a computer to the network is a switch; a switch has some intelligence in that it keeps a log of everyone that has talked on the network and tries to keep traffic down by linking the talker to the listener instead of pushing it out to every device on the network (a broadcast). But what if you have more than 253 devices, say 400 devices? Then you have to create another network and logically divide the school into two separate pieces. This is why you probably should create a network just for your wireless traffic, something totally separate from the network that desktop computers talk on.

If you connect to an AP with a handheld or mobile device you are competing on the same network.

Example 1:
Suppose you have two APs, each on a different end of the school. After you have joined the network you are given an IP address; while you stay in the location of the AP you can get to the network or internet, but if it is a mobile device then it is likely to move. If a student goes to the other end of the school, the mobile device won't work, because it was joined to the AP on the other network. For the device to work it will have to renew the IP address that it was previously issued. This is called "roaming". This is a reason to have a network just for wireless devices and have it the same throughout the school. If all APs are on the same network, then the student will not have to renew the IP address on the mobile device. RECOMMENDED.

Example 2:
If you have a limited number of wireless mobile devices, then there is no reason that they could not be on the same network as your desktop computers. This makes it easier to communicate with other devices since they are on the same network. But just remember that this way provides little room for growth. And since all devices are on the same network they are all competing to talk and sharing the bandwidth.
NOT RECOMMENDED

NAT/PAT
Not related to the network topology or implementation, but important nonetheless. Many networks, like Radford City's, operate on private numbers. The difference between private and public numbers is that private numbers are non-routable, which means they can't go out onto the internet, and public ones can. So why not use public numbers? Well, public numbers cost money and private ones are free. So we are using private numbers, but they are not routable; this is where NAT comes in. NAT (Network Address Translation) is the process of modifying IP address information in IP packets while in transit across a traffic routing device for the purpose of mapping one IP address into another. Basically this means the translation changes the IP address from a non-routable number to a number that is routable. This way you can purchase fewer numbers and use what you have more efficiently. PAT is much the same idea as NAT but it involves ports on the IP address. With PAT it is possible to have thousands of computers using the same IP address; each network computer is just assigned a port number.
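To illustrate the NAT/PAT paragraph, here is an added Python example (not any router's implementation) of a toy PAT table: every private host's outbound flow is rewritten to one public address plus a unique public port, replies are mapped back by that port, and the example shows what happens when the port pool runs out. The public address 203.0.113.7, the destination 198.51.100.20 and the 10.1.20.x hosts are constructed sample values.

```python
"""Toy PAT (port address translation) table: an added example, not any
vendor's implementation.  Private hosts (10.x.x.x) share one public address;
each outbound flow gets its own public source port, replies are mapped back
by that port, and unsolicited inbound packets find no mapping and are dropped.
"""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Flow:
    src_ip: str    # private (non-routable) host address
    src_port: int  # the host's own source port
    dst_ip: str    # internet destination
    dst_port: int


class PatTable:
    def __init__(self, public_ip: str, port_range: Tuple[int, int] = (40000, 49999)):
        # One purchased public address (constructed sample value in the demo)
        # and a finite pool of public source ports to hand out.
        self.public_ip = public_ip
        self.free_ports: List[int] = list(range(port_range[0], port_range[1] + 1))
        self.outbound: Dict[Flow, int] = {}   # private flow -> public port
        self.inbound: Dict[int, Flow] = {}    # public port  -> private flow

    def translate_out(self, flow: Flow) -> Tuple[str, int]:
        """Rewrite an outgoing private flow to (public_ip, public_port)."""
        if not ip_address(flow.src_ip).is_private:
            raise ValueError(f"{flow.src_ip} is routable already; nothing to translate")
        if flow in self.outbound:            # established flow keeps its port
            return self.public_ip, self.outbound[flow]
        if not self.free_ports:              # thousands of hosts, but not unlimited
            raise RuntimeError("public port pool exhausted")
        port = self.free_ports.pop(0)
        self.outbound[flow] = port
        self.inbound[port] = flow
        return self.public_ip, port

    def translate_in(self, public_port: int, peer_ip: str, peer_port: int) -> Optional[Tuple[str, int]]:
        """Map a reply that arrived on public_port back to (private_ip, private_port).

        Returns None, meaning drop the packet, when no flow owns that port or
        the sender is not the peer the private host actually contacted.
        """
        flow = self.inbound.get(public_port)
        if flow is None or (flow.dst_ip, flow.dst_port) != (peer_ip, peer_port):
            return None
        return flow.src_ip, flow.src_port

    def release(self, flow: Flow) -> None:
        """Flow finished: return its public port to the pool for reuse."""
        port = self.outbound.pop(flow, None)
        if port is not None:
            del self.inbound[port]
            self.free_ports.append(port)


if __name__ == "__main__":
    # Two constructed classroom hosts that happen to use the same source port;
    # PAT keeps them apart by handing each a different public port.
    pat = PatTable("203.0.113.7")
    a = Flow("10.1.20.15", 51000, "198.51.100.20", 80)
    b = Flow("10.1.20.16", 51000, "198.51.100.20", 80)
    print("host A ->", pat.translate_out(a))   # ('203.0.113.7', 40000)
    print("host B ->", pat.translate_out(b))   # ('203.0.113.7', 40001)
    print("reply on 40001 ->", pat.translate_in(40001, "198.51.100.20", 80))
```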

Bandwidth Competition
I talked a little bit about this in Example 2. As stated before, Ethernet is a shared medium. Everyone has to wait until it is their turn to talk. The time a device has to wait depends on the network bandwidth and the amount the device has to transmit. When I mention network bandwidth, I mean the amount of throughput a network has. A typical method of measuring throughput is to transfer a 'large' file and measure the time taken to do so. The throughput is then calculated by dividing the file size by the time, to get the throughput in megabits. The more devices that you have on a network, the more the throughput is shared.

Thursday, February 24, 2011

Wifi Planning Mode

*Note: All blogs will be written from the perspective that there is no wireless infrastructure in place. I am not saying that my way is 100% correct or other people's are wrong; this is the way that I did it and why.

Planning
When we decided to participate in the grant, it was small, only about 50-100 iPods. Radford City already had a wireless infrastructure that was put in place for SOL testing, so adding a couple more devices is nothing compared to what was already there.
No one told me the number of devices that we would one day receive (400+ iPods, 150 MacBooks).

So in the planning stage, you need to take the following into consideration:
1. Total number of devices (future growth)
2. Location(s) that the devices will be used
3. Primary application/use of the wireless device
4. Who manages the devices
5. Classroom supervision
-- I am sure there are more; I just can't think of any at the moment. I will add them as I think of them.

Total number of devices
This is a major factor. Will the network infrastructure support an increased number of devices? A wireless access point can carry approximately 40 devices without being loaded down and experiencing a delay. If you have large numbers of devices, extra APs are needed. Are the handheld devices going to connect to the internet? If so, then the bandwidth needed to supply adequate downloads may need to be increased. For example, if the teacher wants the students to watch a YouTube video, a dozen devices each pulling video can put a hurt on network usage and slow everyone down.
So you may need to purchase extra access points (APs), and/or increase bandwidth to the internet.

Location(s) that the devices will be used
Will the handhelds be used all within one classroom, in multiple classrooms, or throughout the whole school/division? If a low number of handhelds (<40) are going to be used in a single classroom and nowhere else, then a single access point should be sufficient. If the handhelds are going to be used in the whole school then multiple APs will need to be placed in the school to provide coverage. If the handhelds are going to be implemented district-wide, adjustments to the network will be needed (network segmentation, VLANs, DHCP).

Primary application/use of the wireless device
Will the user be using pre-downloaded applications or surfing the internet? Being in a K-12 school, the students need to be protected from harsh content on the internet, unlike college students. Increasing the content filter licenses may be required to protect the students properly. Applications used in class need to be downloaded before issuing to the class. Application download or iPod syncing is a different (HUGE) topic not discussed in these blogs.

Who manages the devices
This is an easy one; in our case, whoever is in charge of the money and the accounts that purchase iTunes applications. You would be surprised, especially with the new ambiguous Volume Purchasing Program, which is another (HUGE) topic not discussed in these blogs.

Supervision
Small kids often do as they are told, but when you deal with teens they have a mind of their own. When students break the rules of the technology user policy, who is going to enforce it?

Introduction

Radford City Public Schools participated in a grant venture with Pulaski County Public Schools, Radford University, and New River Community College. The grant was headed by Dr. Dunleavy of Radford University and sponsored by the Virginia Department of Education.

The grant's purpose was to investigate whether wifi-enabled mobile devices capable of delivering Web 2.0 applications and educational instructional material would significantly impact how educators teach in future classrooms.

The first requirement of the grant, "wifi-enabled", is the chief purpose of the current and future blog entries. These blog entries will provide a "sort of" primer or "how-to" for accomplishing a wifi setup on different levels.

Tuesday, February 22, 2011

TO THE CLOUD.....

In future articles we will be discussing the practical and impractical aspects of implementing a wireless network to deliver network/Internet content.

Articles will consist of, but not be limited to, the following topics:
  • Network Segmentation
    • Device proliferation
    • Roaming devices
    • Broadcast crashes
    • Bandwidth Competition
    • Network Translation (NAT/PAT)
  • Wireless Access Points
    • Single Access Points -vs- Multi-Access Points
    • SSIDs
    • Channel calculations
    • Coverage areas/Deadzones
    • Security (touched on)
  • Wireless Network Management Devices
    • Usage
    • ?
    • Benefits
  • Device Connectivity
    • Authentication
    • Encryption
    • Certificates
    • Enterprise Security
  • Managing Users
    • Proxy
    • Content Filter
  • Issues Encountered
    • Hardware
    • Software
    • Personnel
If anybody has any concerns about any wireless devices, please feel free to post. I will do my best to put my shiny two pennies forth.

Thursday, February 17, 2011

Horizon Report - Technology's Future

Mobile Devices.
In the past five years the processing power of the average mobile device has increased exponentially, expanding the productivity of a user. Now a user can surf, email, chat, and take videos and pictures all from their phone. With the introduction of tablet computers, you can now read and write documents, video/audio conference, and share information with others.

Tablets have the ability to access the web, and many companies (i.e. Google, Microsoft) have produced web based applications that provide desktop functionality within the confines of the tablet/handheld device.
But the same problem that all school systems face is procuring enough mobile devices to use in the classroom. I think in the future this problem will be eliminated, because almost all students in our school system already carry a smart phone that is capable of accomplishing many of these tasks. Students already want to use their personal devices in the classroom. I say let them. They can use their phones for different tasks; many phones will read e-books, so put their textbook on the phone. They can use the phone in class to communicate with the teacher (either through Twitter or SMS). Phones also have built-in video cameras, so why not do video conferencing with the student when they need help with their assignment or if they have a question? All this can be done and the school system never even bought a single device. Now if, for instance, you have a student that doesn't have a device, then one should be afforded to them.


Gesture-Based Computing 
The article states that it is four to five years before it is adopted or perfected. I think it will be here sooner than is anticipated. This is why I think so: like all new devices, I try to see how they work (what makes them tick). When the Nintendo Wii came out I had to have one. Well, the first night I threw my shoulder out. As I was on the mend, I wanted to figure out how things worked, so I did some research online and found where people were reversing the roles of the controller and the light emitter bar. Since the Wii-mote is Bluetooth, you could bind it to your laptop and use it as a device to move the mouse. Here is a link for the how-to: http://www.wikihow.com/Turn-Your-Wii-Controller-Into-a-Mouse
This has been refined throughout the years, and appears to be very operative now. From what I have noticed, it appears that people are binding the Wii-mote to the iPad now. I would like to try motion control on a computer; I bet it would be pretty cool.

Wednesday, February 16, 2011

Problem - Enter a better Mobile Device

After reading the article, it got me thinking: in my school system we have used a whole assortment of handheld/mobile devices. And throughout the years the handhelds come and go, but each device that was purchased was always going to be the one that was going to make kids smarter. They fall short, for a number of reasons. Maybe the teacher doesn't want to support the device, or maybe the student just loses interest; whatever the reason, the device has gone by the wayside. But I have always had a different thought: it wasn't the user that failed with the device, but the device that failed the user. Just for an example, everybody is on the iPod bandwagon. I don't think that the iPod is going to be the device that teaches our kids and makes them geniuses. I believe it will fall by the wayside just like the Palm did, not because it is a bad product, or poorly engineered, but mainly because it is being mismanaged. In my opinion, Apple as a company is a dictator with all its products. I truly believe they do not care about the users that purchase their devices. Apple has the mentality that if we didn't think of it then you don't need it. Now, I am not an Apple basher; it is just that it is the latest to the mobile party, and other companies have the same mentality (i.e. Hewlett Packard, Dell). When you do make a valuable suggestion to better their product and make it more usable, they retaliate by saying "Why would you want that?" or "I can't foresee that ever being used". Companies need to realize that they need to listen to the users, because customers are the driving force for them being in business.

Note: Just for example, when the iPhone 4 came out there was an immediate problem with the wireless signal, which would decrease and drop calls. Steve Jobs said, "Just don't hold it that way", never admitting that there was a design flaw. Eventually they did release a rubber cover that would insulate you from the phone antenna to increase reception.

Sunday, January 30, 2011

Choices, Choices, Choices....

For the past decade-plus, Radford City Schools has used Novell NetWare for infrastructure storage and user management, and throughout this time it has worked. It gave us no problems that could not be fixed by downloading a patch. But as always, all good things must come to an end. Novell announced a couple of years ago that it will be discontinuing NetWare and replacing it with a new Linux-based Open Enterprise System (OES), and I thought "Cool, Linux!". After evaluating it for two years, I think we are going in a different direction. I mean, people go to Linux because it is cheap (and by cheap I mean FREE). But we were having to pay for it since Novell owned it. The maintenance part of Linux isn't much better either; everything is command-line, not that it's any different from the old NetWare. But if you are not familiar with the Novell version of Linux and their OES add-ons, it can be a bit formidable. When you go online and research your problem within Novell's website, you will find that there is never an answer for your problem. Now I am not saying Novell's product is bad; in fact their Linux is good, but I feel there may be easier, cheaper alternatives available. Now enters "Big Softy".
Microsoft Server offered all I could possibly want from a network operating system: it manages my users, stores their stuff, updates (which we all know, all too well), compatibility with other network devices, and tons of information. Did I mention ease of use? If you can use a Windows desktop OS, then the server will be no problem. All of this, and did you know that over a 3 year period Microsoft was even cheaper than Novell? What's not to love?

Adventures in Technology at RCPS (Administration POV)

Good day to all you information gathering geeks. In the following excerpts of this website you will find technology ideas that I have discovered, utilized, and crap that I have just dreamed up. At any time please feel free to comment; we can't learn from each other unless a discussion is going on. So without further ado, here is the talking stick!