Transcription
Wireless Infrastructure Cisco Wireless WLANS Eastridge High School Heat Map AirServer
Cisco Wireless Started with Cisco 1142 APs Sawtooth pattern (every other classroom) Upgraded wireless network in many stagesreplacing all 1142’s with nearly 500 CiscoAPs, mostly CAP2702 Three 5508 Cisco Wireless Controllers,2 active, 1 failover Cisco Prime – Overall wireless health,maps, bulk configuration
Wireless Networks EIGUEST – Captive portal with EULA &“Accept” button to join network for BYOD Eastiron Student Mobile – WPA2 PSK Eastiron Student Mobile – WPA2 PSK STAFF – WPA2 PSK (Legacy)
Eastridge High School
Eastridge High School Heat Map
AirServer What is it? An application that gets installed on aPC or Mac to project the iPad to screen Similar products: AppleTV, Reflector Uses AirPlay technology built into iPads Have to allow Bonjour traffic to traverse wired networkto wireless network, this is done with magic Linux boxes EIGUEST network excluded from “AirServing” We recommended that passwords be in placefor every instance of AirServer Flexible for instruction No hardware Better password management
Inventory Designed our own inventory system Labeling system Case Selection Distribution and Collection of devices Cart selection iCave
Device Labeling System Use two labels to identify iPads Student Name and bar code East Irondequoit or BOCES asset tag Bluetooth Socket Scanners join studentto iPad in inventory Labels printed with Graphic Products –DuraLabel Pro 300
Designed our own inventory system Written in Classic ASP – Visual Basic & .NET Very fluid and adaptable Written by one of our programmers Yes we have programmers! Integrated Student Device Management Main office staff scan IPP (iPad Protection Plan) Device and User history Student link to Infinite Campus schedule iPad Info Tab – Create damage reports, etc iPad Apps Tab – See all apps on device, with forbiddenapps shaded red Teachers and parents have access to this info
Case Selection STM Bags DUX case was selected Pros Durability Versatility – Stands up portraitand landscape at two angles Has plexi-glass back so labels can be scanned Smart cover Cons Not indestructible Covers susceptible to rips and removal Make sure headphone jack is big/oval
Distribution Primary (K-2) Deliver carts before first day of class Grades 3-12 Distribution Held two 8 hour day time hand out sessions and threeevening sessions in the Middle School Cafeteria. The rest were handed out in the schools by school or IT Staff.
Collection Primary (K-2) Roll carts to secure location in building for summer updates Intermediate (3-5) and Middle School (6-8) Staggered hand-in sessions Teachers bring students down at scheduled time Placed chargers in labeled bags and separated per grade Scanned back “IT Dept.” when student hands in High School Account for exams, students need their device for finals! Multiple, staggered hand-in sessions including evenings Scan back to “IT Dept.” when student hands in If student did not hand in charger label is not placed on bag,student initials label indicating no charger handed in.
Cart Selection Ergotron Charging Carts Versatile Fit iPad 4 and Air w/Case Easy to setup Powerful Extra Power Outlets Mobility
“iCave” Converted classroom in the Middle School Purchased nine metal shelving units Storage for all devices in the summer During school year the room is a support center for students inthe middle school Purchased a 32 port stand-alone charging station Charge all devices tocapacity and thenshut down Security Two Live Cameras Unbreakable Windows FOB Entrance Only Tinted Windows
Mobile Device Management jamf PRO DEP and VPP Leverage Active Directory Configuration Profiles Distributing apps directly to iPads Classroom Management Apple Classroom Casper Focus Restricting students
Apple DEP – Device Enrollment Program Allows for over the air configuration of iPads Allows EICSD to gain sole ownership and use of iPads If iPads go missing or stolen only EI domain userscan sign into device Allows leveraging of Active Directory on setup Automatic enrollment in MDM (Casper Suite) Quick setup of iPads EI Techs setup all iPads for students Expedites hand-out process Minimize mistakes and questions
Apple VPP – Volume Purchase Program Allows for purchase of apps and books in volume Allows for distribution with MDM Directly to individual iPad or Student Install to AD groups Special pricing for purchase of 20 apps or more It is now possible send to devices instead of users/Apple ID
Leverage Active Directory Whenever possible leverage Active Directory (LDAP) Student and staff iPads are logged into with AD creds linkingdevice to user We can populate fields in MDM with AD information Create Smart Groups Target AD groups for app installs How are you going to install specific apps to specificstudents in specific classes? What if they change classes? Customized scripts link LDAP, Infinite Campus and MDM LDAP keeps things organized in your MDM
Configuration Profiles All student devices have (at least) five Configuration Profiles Student – Wi-Fi Includes name of wireless network and password Global Proxy Includes Proxy Certificate Proxy Login – Web Clip Helps students login into proxy off campus MDM Enrollment Profile Restrictions Profile Different age restrictions and access to apps iMessage – Not allowed at intermediate level
Classroom Management How to keep students focused and on task? Apple Classroom Lock individual students to a particular app See what students are working on with their iPads Restricting Student Devices Take away ability to install apps Take away camera, Game Center, FaceTime or AirDrop Students can earn back freedom Apps and Software with Usage Controls Schoology LMS See how often students access app and when On or off campus
Web Filtering and App Content Lightspeed Global Proxy Web Filter Proxy SSL exclusions Problem App Management Using proxy to block Device lockdown Apps & software that bypass proxy traffic
Lightspeed Web Filtering & Global Proxy Global Proxy Used to filter internet content on student iPadsanywhere in the world Proxy address and certificate are pushed with MDM Use Lightspeed client on desktops Allows for exclusion of proxy login if identity is known Exclude district IP range Students will only get prompted to loginto proxy when off campus
SSL Exclusions and Blocking Apps Many apps and websites need SSL exclusions to function,usually requires a phone call to Lightspeed – Great support! Management of problem apps Jamf now has the ability to “hide” certain apps If traffic of app is detected by proxy a rule can be createdto exclude that traffic blocking the app
Transparency of student iPad Content Lists of students with forbidden appsemailed to principals iPad Apps in Infinite Campus Available to teachers and admins List of student apps on parent portal in Infinite Campus Daily email of New Social Media apps New Picture and Video apps All new apps
iPad Specific Details Encourage all students to log into iCloud Backup and Find My iPad Use iCloud for Notability backup iPad Space Pictures and videos Games jamf Reporting Using iCloud on PC to transfer pictures andvideos so they can be removed from iPad iPad Printing – Using Lantronix xPrintServers,but moving to PaperCut solution
Other Considerations Going from 0 to 60 or 300 iPads to 3000 Once infrastructure was in place we couldhandle more without issue Broken iPads In-house insurance with escalating scaleper break up to three Dealing with students Much more face to face with students Instruction Only instruct on technical aspects ofdevices. Creating educational videos www.eastiron.org/ipads
Other Considerations, cont. Recommendations Allow students to take home devices Student achievement, student/parent engagementis much higher with actual 1:1 Extends the school day off campus Have resources in place before rollout MDM, LMS Selection and Global Proxy Testing Groups and AD Ready Storage Considerations Cloud? LMS? Select specific online resources Be able to track metrics and analytics Student achievement and usage Single Sign On, and API to sync AD and resources at login
Other Considerations, cont. Buy In Office of Instruction Approval of paid apps Track student analytics and achievement Main office staff Handle money for insurance premiums and breakage 1st contact for parents Counseling Center Staff Inform IT Dept. of incoming and departing students,collection and distribution is ongoing Registrar’s Office 1st line of dissemination of iPad information (IPP) iPad Protection Plan
Other Considerations, cont. Buy In – cont. Administrators Principals – Distributing information and excitement Organization of staff for iPad Discipline – Adds new dimensions for discipline andteaching Digital CitizenshipTeachers Support Staff Obvious Reasons, PD, Classroom ManagementTwo of our most important assets are the “iPad Ladies” atthe middle and high schools. They are the first line of ITsupport for the buildings.Student Technicians Work in progress Help IT Dept. collect and distribute iPads
Where do we want to go?The SAMR ModelCheck out - http://www.schrockguide.net
Lightspeed Web Filtering & Global Proxy Global Proxy Used to filter internet content on student iPads anywhere in the world Proxy address and certificate are pushed with MDM Use Lightspeed client on desktops Allows for exclusion of proxy login if identity is known Exclude district IP range Students will only get .
