School network (EDP)
The school network or school network refers to a computer network in schools that is used primarily for teaching purposes .
Ideally, different schools in a municipality are operated on a common intranet. This means that services such as secure Internet access, data backup, provision of applications, Moodle servers, video conferencing, user management and much more can be implemented through a central data center with full-time staff. A successful example of this integration is the “ Koblenz School Network ”.
For security reasons , schools usually have two separate networks: the school network for the class and computer rooms, and the administration network for the school administration. When one speaks of the school network or the school server , one usually means the network for the classrooms and computer rooms, the " educational network".
Problem Description
The requirements for computer networks in schools are basically the same as in larger companies, universities and other institutions. In the school, however, the computer users change almost every hour. In the school network, students must therefore be able to access their data from any computer. At the same time, it must be ensured that the computers are adequately protected against accidental or intentional manipulation . An identical work surface on all computers ensures that lessons can run smoothly. Only then can it be guaranteed that the students will find functions exactly where they themselves and the teacher expect them. In addition, the teacher should be able to access the students' computers in order to change access rights to programs, to observe the actions of the students and, if necessary, to help them.
Necessary and desired functions in the school computer network are:
- Central management and storage of student work on the server so that each student can access their data from any computer
- Common folders on the server, in which tasks and results can be saved and collected centrally
- User management that enables students to be transferred at the end of the school year (automatic assignment to new groups)
- Blocking access to websites that are harmful to minors (the school has this obligation through the Youth Protection Act)
- Virus and vandalism security as well as insensitivity to "youthful experimentation"
- Limitation of the storage space ( files , e-mails , ...) that students or teachers may use on the server ( disk quota ); Limiting or accounting for printed pages
- Hosting the school website (at least as a working platform for a website project)
- Hosting a school intranet (e.g. for teaching content)
- Central provision of CD images with learning programs, lexicons etc .; secured against "illegal copying"
- Data backup of client computers (e.g. as an image ) in order to be able to restore them quickly (e.g. after hardware errors or student sabotage)
- Cache , firewall and parental control filters for Internet access
- Remote control of student computers (screen transfer, locking, ...) from the teacher's computer
- Projection of the screen of the teacher's computer or a student's computer via a video projector ("beamer")
- Mail server
- Provision of network drives
- Printer control
- Access control of Internet access
- Access control of printers
- Access control of email software, chat software, instant messaging software and other communication options
- Access control to software (release only of certain programs for teaching)
- Access control to peripheral devices (e.g. deactivating USB sticks , CD-ROM drives, etc.)
- Control of the workplace environment depending on the type of lesson (e.g. specification of the visible programs in the start bar, "exam environment")
Solution approaches for client backup
Hard disk guard
Hard drive monitors protect the hard drives from changes. They are available in hardware or software. The use of hardware is associated with a somewhat higher installation effort, since the card has to be installed individually in each computer. Both versions can be controlled centrally via software. This makes it possible to administer several computers from one workstation. In addition, software versions often offer additional functions such as protection against plugging in a USB storage device or internet lock that can be operated directly by the teacher in class. The hardware version is considered to be safer because it protects the system before the operating system is loaded and can also protect the BIOS.
There are several methods with which a hard disk guard concept can be implemented. The two most important are described below.
Redirection of hard disk access
In this mode, the hard disk guard redirects hard disk access: The desired operations are not performed on the protected hard disk, but are logged using a buffer (usually a hidden file or partition ). Should z. For example, if a file is created on the hard drive, the hard drive monitor actually creates the file in the buffer memory. If this file is now read, the hard disk monitor also redirects this operation to the buffer memory; Edit and delete operations are also redirected in this way. These processes are completely transparent to the operating system, the applications and the user and do not show any noticeable loss of speed. Apart from installing the hardware or software, no further changes or adjustments are necessary.
To restore the original state, the hard disk monitor only needs to empty the buffer memory. This can be done at regular intervals, e.g. B. with every restart, or done manually by a key combination during the start-up process and does not cause any significant delay.
Image of the hard disk
In this mode, a complete memory image of the main hard drive exists either on a hidden partition or on a hidden hard drive. All operations are applied to this hard drive as usual. If the original state is to be restored, the hard disk monitor reloads the hidden image on the hard disk, which can be very time-consuming.
Software solutions
In the Linux Solution of the country Baden-Wuerttemberg , the Rembo / mySHN (software Remote Boot ), which the Sheila (Sheila stands for concept S ven healing end A rbeitsstationen) realized. The students have the opportunity to try everything out on the computer, even formatting the hard drive is possible. During the next boot process , the image is restored from a hidden partition on the hard drive or (if this is not possible) via the network. This does not require the administrator to intervene, relieving them of bothersome repair tasks.
After program changes by the administrator, new images are sent in parallel to all clients assigned to the corresponding hardware class. The changes are only made incrementally, i.e. H. only parts that have changed are replaced. This makes the distribution efficient.
From version 4 of paedML three alternatives are offered for self-healing:
- LINBO - Linux Boot System, developed by Klaus Knopper (* 1968), the developer of the Linux distribution Knoppix
- Rembo (see above in the further development of MySHN)
- Tivoli (further development of Rembo by IBM)
FOG
FOG is designed for installation on a Red Hat / Fedora / Centos computer or on an Ubuntu / Mint computer. There is an additional package for SuSE. There is a special adjustment for Slackware ( Arktur ).
Solution approaches for servers
The state of Baden-Württemberg has developed paedML , a "model solution for school computer networks" for server systems in schools, which is intended to reduce the administrative effort and cover the relevant needs.
Windows server
Windows - operating systems are designed as a "personal computer" and therefore give the user a lot of freedom in the configuration of his workstation . When using Windows in the school network, the administrators are therefore very much required to meet the specified conditions to protect against unwanted changes. Windows server systems work with the assignment of user rights . With the Windows utility Gpedit.msc, profiles can be set and defined as immutable. This approach requires the administrator to have good specialist knowledge and a structured approach. If a hard drive prepared in this way is cloned, i. H. If exact copies are created, the previously prepared compilation of programs and user rights can be copied to other hard drives. This is done over the network using Norton Ghost , Drive Image or other clone software .
Problems: If the computers are too different in the hardware structure, several sample installations must be maintained in parallel. If a sample installation fails, it must be set up again. In addition to the costs for the Windows server operating system, Microsoft also incurs license costs for each client for use in the network (in addition to the operating system costs of the client).
macOS Server
Another option is the macOS Server operating system based on Apple's macOS .
The schools see the advantages of this solution in the flexibility of the system. On the one hand, the operating system like Linux offers an open platform for free software (so numerous open source projects from the Linux world can also be used directly under Mac OS X), and on the other hand, the manufacturer's administrator is similar As with Windows, it is supplied with powerful administration tools. The price is often seen as an advantage, because apart from the acquisition costs for the server hardware, there are no further license costs (including for clients).
Since Apple has many years of experience in the education sector as the manufacturer of Mac OS X (especially in the USA), it is not surprising that the operating system provides numerous functions that other systems have to purchase using special software or develop specifically for schools. These include, for example, the integrated virus filtering for e-mail, imaging of clients (Macs), cross-platform provision of network drives, uniform administration for all connected clients (Unix / Linux, Mac and PC), mass import and export of users and groups, relocation of User groups for new classes (groups), quoting for e-mail, printing and hard disk space as well as a system with a firewall that is basically secure from the start.
The disadvantage of a “Mac OS X Server” solution is currently the still little know-how about this operating system at the schools themselves. In addition, remote maintenance without using a Mac is only possible free of charge with VNC or via SSH.
New projects are currently being formed to make the server even easier for school use. More information can be found at:
- The neoschool school server solution
- OpenMacSchoolServer
These advanced projects complement the basic functions of Mac OS X Server with a predefined user structure and file structures for schools, content filtering on the web, PC imaging, backup solutions for schools, management of Windows clients, content management for schools, an e-learning platform and a web interface for basic remote maintenance also from Windows or Linux systems.
Linux server
In the meantime, several solutions have been developed as packages for the special problems in school networks. Most Linux distributions do not incur any license fees, and they can be easily adapted to the needs of schools. The cost savings on the software side can e.g. B. invested in better hardware or in educational software .
Preconfigured server solutions for school use:
- Edubuntu
- c't / ODS school server Arktur
- Linux sample solution
- Linuxmuster.net
- Open School Server
- Skolelinux
- logoDIDACT
- IServ
- Univention Corporate Server @ school
Disadvantages of solutions based purely on Linux in schools are often the existing infrastructure with installed Windows clients and associated software.
Advantages are the relatively low costs and the open structure of an open source system, which allows any adjustments to local conditions.
The use of Linux on "obsolete", older hardware is a good starting point in schools. In order to be able to execute today's modern Linux programs on these older clients, however, Linux terminal server solutions are available, through which the computationally intensive applications are executed on a current computer and their inputs and outputs via the computer terminals upgraded, older clients are redirected.
A terminal server-terminal client solution is, however, overwhelmed with many graphic applications (e.g. video editing); Furthermore, it is estimated that a server is required for every 20 to 40 clients.
See also
literature
- Karl Sarnow (2000): Linux in school . ISBN 3-934678-21-1
Individual evidence
- ↑ mySHN
- ↑ fogproject.org . Retrieved August 1, 2014.
- ↑ odsfog.tgz ( TGZ ) Arktur school server . December 23, 2013. Retrieved August 1, 2014.
- ↑ Workshop: Setting up thin clients in the network - Configuring the Linux Terminal Server Project (LTSP) . IDG Business Media GmbH . July 28, 2012. Retrieved August 1, 2014.