digital campus blueprint

Cisco Research
Broadmeadows Digital Campus Blueprint
Outlining Capability for Greener, Safer,
More Sustainable Schools
Cisco Systems
ANZ Public Sector – Strategic Programs & Solutions
Updated: September 2011
Contents
Preface
Scope
K–12 Architectural Framework
Capability Overview
Fundamental Concepts and Services
K–12 Service Framework
Reference Architecture
The K–12 Service Framework
Core design considerations
Leveraging the network for full value
Technology Overview: The K–12 Service Foundation – A Borderless Network Infrastructure
Critical Technologies
Stacking switches in wiring closet
Quality of service enablement
Medianet
Smart Operations Environment
IPv6 capability
1. Greener Schools
Critical Technologies
Power usage monitor in hardware
Cisco EnergyWise
Digital building systems
2. Safer Schools
Critical Technologies
Identity management
Network admission control
Centralised access control
Cisco Integrated Security Features
Video surveillance cameras using IP network infrastructure
3. Smarter and More Efficient Schools
Critical Technologies
Quality of service enablement
Intelligent recognition and management of end device
Cisco Unified Communications
Unified communications integrated applications – improving productivity and responsiveness and reducing costs
Remote site survivability
Virtual desktop infrastructure
Private and public clouds
Conclusion
Technical Case Study
Introduction
Current State Summary
Technology Summary
Enabling Change: Netbook Rollout
Video Security
Overview
Business use cases
Technology solution
Energy and Facilities Management
Introduction
Technologies
Support and operations
Conclusion
Terms of Use
Preface
As part of Cisco’s support for Australia’s education reform initiatives, this blueprint looks
to support state education departments in ensuring technology-enabled solutions are
complementary to the acceleration of education outcomes and objectives outlined in the
2008 Melbourne Declaration on Educational Goals for Young Children. It seeks to further
advance the value of the network in centralising, standardising and enabling efficiencies
across school systems.
This blueprint emphasises the first phase in any approach to support change at scale
across the ICT network. It establishes a baseline of network services that can be leveraged
and expanded to enable the next generation of classroom learning environment reforms.
Ultimately, this expanded network presence can be used as a platform for future integrated
child and family service delivery across regional, remote, urban and rural communities.
This blueprint also builds on recent state and Commonwealth investments in education
provided through programs such as the Digital Education Revolution; the Building
Education Revolution; the framework for educational outcomes proposed in the Melbourne
Declaration; and state-based initiatives such as Victoria’s Department of Education and
Early Childhood Development (DEECD) eduSTAR ICT Design Model for Schools: Best
Practice Guide for Implementing ICT into School Buildings work.
Scope
K–12 Architectural Framework
This blueprint is an Architectural Framework of core technical services for K–12 education
systems built across a network environment. While the implementation of the baseline
infrastructure is instrumental to building and supporting a modern learning environment,
this blueprint does not look in detail at specific system-wide approaches to efficiency,
environmental and security solutions. As such, it does not specifically address how
technology can support holistic system reform, instructional technology, learning
environment design, or the direct support of informal learning environments across the
community or integrated service delivery approaches.
In forming a blueprint for K–12 education, three core services are considered for anchoring
the network, and providing immediate benefit at scale across the system:
1. Greener Schools: As energy costs rise and administrative budgets are reduced, intelligent
and energy-efficient buildings are high on the priority list for schools and education
departments. Converging disparate building networks into a common IP backbone marries
energy efficiency, technology infrastructure and green initiatives. This may involve virtualising
the infrastructure to reduce the size and cost of the physical cable plant.
2. Safer Schools: Creating and maintaining a safe environment and protecting the welfare
of students is top of mind for schools. Traditional risk factors within schools such as physical
violence, theft and vandalism need to be mitigated. Controlled building access, or using
radio-frequency identification (RFID) tagging to protect assets, is quickly becoming a
popular practice. Emergency response capabilities are critical to counter natural or other
threats to schools.
Cisco’s Open Platform for Safety and Security (COPSS) ensures the platform and
networking are in place to provide the necessary technology to enable schools to reach
out immediately in emergency response situations. This allows schools to provide critical
information to everyone at once (including emergency services, parents, teachers and
students) to proactively reduce and thwart threats before they evolve into crisis situations.
3. Smarter and More Efficient Schools: With school budgets and funding sources tightly
monitored and regulated in the current economic climate, many Australian schools are
striving to improve operational efficiencies. Schools can increase productivity and flexibility,
reduce costs and improve responsiveness with fewer resources by using network and
technology solutions to improve communications, automate routine tasks and streamline
management and operations.
The diagram below provides a visual summary of this K–12 Architectural Framework.
Cisco has produced other papers that address these specific issues, which are available
along with supporting white papers and thought leadership documents, at
www.transformglobaleducation.com. An additional community of leading practice
is supported at www.GETideas.org.
Capability Overview
Fundamental Concepts and Services
The reference architecture for the K–12 Architectural Framework is predicated on enabling
21st century learning by integrating technology in the classroom. The ‘classroom of the
future’ is service-enabled, enhancing the learning environment by facilitating collaboration
with other schools across the community, the state or even nationally.
This technology integration extends beyond the classroom to facilities management, with
digital building systems placing energy efficiency controls at the teacher’s fingertips via
XML applications integrated with the IP phone in the classroom. These controls include
climate and lighting, as well as more sophisticated intelligent building solutions that reduce
power consumption by deactivating areas of the school that are not in use, or powering off
devices after school hours.
Physical security can also be converged onto a common IP backbone within a school
and across a school district. IP video surveillance cameras and line-powered bells and
alarms can be directly integrated with the network. Video surveillance and analytics can be
monitored and stored locally at the school and centrally to enhance physical security. Bells
and alarms are integrated with emergency response applications, enabling emergency
instructions to be delivered through the communications infrastructure back to the district,
as well as to public safety and emergency service providers. Additionally, digital signage
provides real-time awareness of emergency alerts and messaging, both in the classroom
and throughout the school.
School administration applications securely converge data-rich information about students
with the communications system. Access to this information allows schools to record
student attendance and notify parents of absences via automated messages or voicemail.
Student records can be securely accessed by the school nurse via the IP phone or a
wireless handheld device in the event of a medical incident, and announcements and alerts
can be delivered to specific classrooms.
Mobile communications – in the form of Wi-Fi IP phones – can be provided to teachers,
enabling them to roam freely throughout the school, and between schools. This also gives
teachers immediate access to communications resources in the event of an emergency,
further augmenting safety and security practices at the school.
These are just some of the possibilities that can be achieved with the K–12 Architectural
Framework. By laying out the Service Framework and underlying infrastructure to
support these baseline services, schools can further expand their capabilities through
inter‑school collaboration.
K–12 Service Framework
The K–12 Service Framework is a fundamental building block of 21st century schools.
This foundation creates an infrastructure that transforms the network beyond simple
connectivity and bandwidth, to a platform for delivering differentiated services, thereby
extracting further efficiencies from the infrastructure.
The Service Framework leverages the capabilities of proven, interoperable technologies,
enabled through service tiers which are pervasive across the network infrastructure.
Services build off one another to form specific school and system offerings. Service tiers
provide a methodology for categorising and differentiating services to create solutions to
schools across K–12.
In designing any K–12 environment, these service delivery considerations must be
addressed to implement a foundation that is:
• Available and scalable
The network-as-a-platform has taken on a new role and is now considered critical
infrastructure, requiring high levels of availability and scalability. Classic perimeter security
is no longer sufficient as users become more mobile. Security must be pervasive across
all levels of the architecture and network.
• Focused on functionality
Services and solutions are integrated into the network foundation as integral offerings
to schools. For instance, security, unified communication, collaboration and mobility are
all critical elements of the network. Because the network is aware of these services and
solutions, and understands their functions, the network can make an informed decision
about how to direct relevant information across the school and system infrastructure.
• Adaptive and interoperable
An intelligent network must be able to provision, optimise, analyse and defend itself.
These capabilities must be embedded to enable self-governance, which in turn results
in lower operational costs, greater capabilities and increased adaptability. Interoperability
helps reduce duplication, inefficiencies, and training requirements. It can also reduce
communication conflicts that can arise from stand-alone proprietary systems.
Reference Architecture
The reference architecture provides the foundation to deliver enhanced services and
solutions that will optimise school operations, while allowing schools to adapt and respond
to the changing needs of students and educators.
The K–12 Service Framework
The following figure is a notional architecture for a school network, based on the concepts
and methodologies of the K–12 Service Framework. This diagram depicts a Metropolitan
Area Network (MAN), which proposes a multi-school network within the state-wide system
that links central departmental systems with associated schools via Gigabit Ethernet (GigE)
connections over optical fibre.
This topology, by design, follows enterprise architecture best practices with a well-defined
hierarchical core, distribution and access layer, to further enhance the concepts and
methodologies of the design guidelines.
A similar hierarchy can be seen in individual schools featuring a similar layered network
topology, which will still allow services to be incorporated at the school level to provide
a level of autonomy, service distribution and localised management.
Core design considerations
By following key design principles, the fundamental networking architecture can support
required services regardless of a school’s location, as part of a system or a specific location
on a campus.
Some of these key considerations are:
• Latency and bandwidth: GigE access where possible, as speed of access is a high priority.
• High availability: Implement a strategy for sub-second convergence. There is a need to
account for protection at the access layer. Implement a strategy that leverages centralised
and localised school services as backups for each other, ensuring there is a survival
strategy. Each school needs to be able to function on its own, should its connection
to the central system be severed.
• Quality of service: Essential for collaboration services such as unified communications,
videoconferencing, telepresence and digital media.
• Mobility: Implement high-speed wireless LANs to provide mobile access to voice
services, voice applications and multimedia services.
• Identity and confidentiality: Authentication and authorisation of endpoints and end users
on the network. Enforce encryption policies, leverage network admission control and
endpoint security strategies to mitigate risks and neutralise threats.
These and other considerations will be detailed in the next section of this blueprint, which
addresses the individual technology services that define the K–12 Reference Architecture.
Leveraging the network for full value
Resilient borderless networks are instrumental to modern learning environments. Basic
issues of connectivity, wireless access and mobility are immediately evident as necessary
to create those modern learning environments.
The network can also drive greater value by enhancing online security in teacher-student
interactions, improving efficiency by reducing the total cost of ownership (TCO) for network
systems, and improving the student experience by enabling video and user-selected devices.
[Figure: Closing the “Architecture Gap” – Cisco Architectural Strategy in Action. Labels: Educational Challenges; Increased Educational Outcomes; Operational Efficiency; E-Learning; Video; Consistent Mobility; Raise Student/Teacher Satisfaction; Change Student/Teacher Interactions; Streamline Education Efficiencies; Increase Productivity; Lower Energy Costs; Reduce Total Cost of Ownership; Technology Innovation: LAN Switching, Branch Routing, Wireless, Datacenter Switching, Datacenter Routing.]
These services are enabled by a resilient network fabric that allows schools and state-wide
systems to develop an architectural approach to building and delivering services. Cisco’s
Service Ready Architectures and Validated Design for Schools is available at:
www.cisco.com/go/designzone.
Technology Overview:
The K–12 Service Foundation – A Borderless Network Infrastructure
The foundation of the K–12 Reference Architecture is the enterprise architecture through which
all services and technologies flow for K–12 school and state-wide system environments.
Critical Technologies
Stacking switches in wiring closet
Stacked fixed-configuration switch solutions make sense in the wiring closet when:
• a modular switch is overkill
• port density may change up or down over time without a concern about
reconfiguration downtime
• the flexibility to add new fixed-configuration switches in a phased approach is desired.
Stacked switches in the wiring closet are well suited to high demands for system uptime,
when use of existing power supplies is desired, or when management of a single switch
versus multiple switches reduces the number of devices to configure.
Cisco Systems has several stacking solutions for the wiring closet that allow the switches
to be managed as one switch and to share one or more uplinks to the distribution layer in
the building.
The Cisco stacking solutions are:
• Catalyst 2960S (single IP address for stack management, two stack ports per switch),
up to nine per stack
• Catalyst 3750X and 3750G Series (single IP address for stack management, two
StackWise ports per switch), up to nine per stack.
Quality of service enablement
Voice, video and other real-time classes of IP network services have strict requirements
concerning packet loss, delay and the variations in delay (also known as jitter). To meet
these requirements, the fabric of the K–12 Reference Architecture incorporates Quality
of Service (QoS) features throughout its infrastructure to allow the proper prioritisation of
real‑time traffic.
The QoS components for the K–12 Reference Architecture are provided through rich IP
traffic management, queuing and shaping capabilities. Key elements that enable QoS include:
• traffic marking
• enhanced queuing services
• link fragmentation and interleave (LFI)
• compressed RTP (cRTP)
• low latency queuing (LLQ)
• link efficiency
• traffic shaping
• call admission control (CAC) – bandwidth allocation
• embedded event management
• network-based traffic flow statistics gathering
• Dynamic Host Configuration Protocol (DHCP) snooping
• Cisco LAN Management Solution (LMS)
• authentication and identity services.
Medianet
The infrastructure must be ‘media aware’. Rather than a network, the infrastructure forms
a media network, or medianet. A medianet is aware of the content and applications
being used and configures and optimises itself accordingly. The infrastructure devices
communicate among themselves and (in the future) with the media sources and sinks
(endpoints). By doing this, an end-to-end view of the media path through the network can
be established for monitoring and troubleshooting.
Smart Operations Environment
Managing network infrastructure devices individually can lead to significant operational
expense. Potentially hundreds of configurations must be stored, maintained and audited.
Stacking can greatly reduce the device count, but for some environments many individual
devices may remain.
A smart operations environment allows for one to two switches to maintain a database of
connected downstream switches. In this database, configuration and software information
is stored and backed up automatically to a central server. In the event of a new device
being deployed, a suitable configuration is automatically retrieved, a software image is
downloaded and the new device is provisioned in a matter of minutes. Once a smart
operations environment has been set up, the skill level required to install a new device is
greatly reduced.
IPv6 capability
IPv6 deployments are still in the very early stages in the K–12 environment. However, the
explosion of portable devices in the classroom means IPv4 address spaces – even private
ones – are being exhausted. The challenge facing administrators is to either:
• delay moving to IPv6 and re-address the IPv4 addressing scheme, thereby delaying the
inevitable need to move to IPv6
• move to IPv6 today, which raises other challenges around application support and
compatibility with IPv4-based Internet as it exists today.
When investing in a long-term infrastructure, IPv6 capabilities must be considered. Over the
next few years, IPv6 will become a viable option for network addressing and will alleviate
some issues being encountered in large-scale IPv4 environments.
1. Greener Schools
Measuring, managing and monitoring energy use is key to cutting costs, power
consumption and greenhouse gas emissions, and reducing the environmental footprint of
systems and buildings.
Using converged IP-based network technology across the system can bring together
disparate sets of systems to manage power in a building, and to manage wireless,
building, lighting and PC control devices with a common view and set of policies. This
convergence can in turn help reduce resource use while maintaining service accessibility,
respond to growing green regulatory requirements, reduce the environmental effects
of school buildings and of the increasing power consumption driven by device proliferation,
and address growing public demands for greener facilities that meet community expectations.
Critical Technologies
Power usage monitor in hardware
On a per-port and per-device basis, power usage monitoring is the ability to monitor Power
over Ethernet (PoE) usage by client devices and aggregate this information for querying
by remote power management applications. This allows building field controllers to report
information through the converged network, as well as receive secure instructions for
operational changes.
With further enhancements, time-based power management is also possible. Through
per-port power conserving features in hardware such as the Cisco Catalyst® switching
range, devices may be controlled automatically to conserve power during off-hours. The
PoE Management Information Base (MIB) would be used to collect and interpret data from
the access layer switches.
Cisco EnergyWise
Cisco EnergyWise® technology is an innovative architecture integrated within the Cisco
Catalyst switching portfolios that promotes system-wide sustainability by reducing energy
consumption across an entire, state-wide infrastructure. It leverages a highly intelligent
network-based approach to communicate messages that measure and control energy
between network devices and endpoints. The network discovers Cisco EnergyWise-manageable devices, monitors their power consumption, and takes action based on
business rules, to reduce power consumption.
Cisco EnergyWise technology uses a unique domain-naming system to query and
summarise information from large sets of devices, making it simpler than traditional network
management tools. Its management interfaces allow facilities and network management
applications to communicate with endpoints and each other using the network as a
unifying fabric. The management interface uses standard Simple Network Management
Protocol (SNMP) or Secure Sockets Layer (SSL) to integrate Cisco and third-party
management systems.
Digital building systems
Merging building and IT systems over IP can deliver efficiencies and benefits that fully
leverage the capabilities of network convergence. These benefits include:
• optimised remote control, monitoring and reporting of building systems, including
centralised management of a distributed state-wide infrastructure
• intelligent heating, ventilation, and air conditioning (HVAC) and lighting systems,
resulting in reduced energy consumption costs
• single cable plant deployment, providing compelling reductions in infrastructure
cabling costs.
2. Safer Schools
A safe school employs the right tools to ensure the safety of students, staff and faculty
and responds immediately and effectively in the event of an incident. Providing a safe
school environment can be a key differentiator for student and staff recruitment. Building a
reputation for safety also facilitates broader integration of a school into the local community
and enhances the community’s reputation as a whole.
Enhancing school security does not require security solutions to be unified in one
environment, but requires collaboration between environments. Whether it is network
security, video surveillance, video analytics, emergency services, unified communications
applications, or a combination of these services, it is the convergence of these solutions
that provides a more secure school environment.
Critical Technologies
Identity management
As the number of network devices increases in schools, the need for identity management
techniques also increases. There is now a desire for a mechanism to associate identities
with the port-of-access to the LAN to establish authorised access. The IEEE 802.1X standard
ties the Extensible Authentication Protocol (EAP) to the wired and wireless LAN media and
supports multiple authentication methods.
The IEEE 802.1X standard defines a generic framework that can use different authentication
mechanisms without implementing these mechanisms outside the backend authentication
infrastructure and client devices. The standard specifies a protocol framework between
devices desiring access to a LAN (supplicants) and devices providing access to a
LAN (authenticators).
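The pass-through role of the authenticator described above, as an added sketch that is not part of the original blueprint or any Cisco code: the switch port relays EAP between supplicant and backend server and only acts on the final verdict, so the authentication method lives solely in the client and the server. The class names, the user database and the `toy-hmac` challenge-response method are constructed for illustration and are not a real EAP method.

```python
import hashlib
import hmac
import os

# Constructed user database, held only by the backend authentication server.
USERS = {"teacher01": b"correct horse", "student42": b"battery staple"}


class AuthServer:
    """Backend server: the only network-side party that understands the EAP method."""

    def __init__(self, users):
        self.users = users
        self.pending = {}  # identity -> outstanding challenge

    def handle(self, identity, eap_payload):
        """Process a relayed EAP payload; return (verdict, next EAP request)."""
        if eap_payload["type"] == "identity":
            # Always issue a challenge so the reply does not reveal valid names.
            challenge = os.urandom(16)
            self.pending[identity] = challenge
            return "challenge", {"type": "toy-hmac", "challenge": challenge}
        challenge = self.pending.pop(identity, None)
        secret = self.users.get(identity)
        if challenge is None or secret is None:
            return "reject", None
        expected = hmac.new(secret, challenge, hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, eap_payload.get("response", b""))
        return ("accept" if ok else "reject"), None


class Supplicant:
    """Client device asking for LAN access; implements the method on its side."""

    def __init__(self, identity, secret):
        self.identity, self.secret = identity, secret

    def respond(self, eap_request):
        if eap_request["type"] == "identity":
            return {"type": "identity", "identity": self.identity}
        if eap_request["type"] == "toy-hmac":
            mac = hmac.new(self.secret, eap_request["challenge"], hashlib.sha256).digest()
            return {"type": "toy-hmac", "response": mac}
        raise ValueError("unsupported EAP method")


class AuthenticatorPort:
    """Switch port as authenticator: relays EAP and never interprets the method."""

    def __init__(self, server):
        self.server = server
        self.authorized = False
        self.trace = []

    def authenticate(self, supplicant):
        self.authorized = False  # the port starts every attempt unauthorised
        self.trace = ["EAPOL-Start"]
        request, identity = {"type": "identity"}, None
        for _ in range(8):  # bound the number of round trips
            self.trace.append(f"EAP-Request/{request['type']}")
            response = supplicant.respond(request)
            self.trace.append(f"EAP-Response/{response['type']}")
            if identity is None:
                identity = response["identity"]
            # On a real network this leg is carried in RADIUS messages.
            verdict, next_request = self.server.handle(identity, response)
            if verdict == "accept":
                self.trace.append("EAP-Success")
                self.authorized = True
                return True
            if verdict == "reject":
                break
            request = next_request
        self.trace.append("EAP-Failure")
        return False

    def forward(self, frame):
        """Data frames are dropped until the port has been authorised."""
        return frame if self.authorized else None


def demo():
    port = AuthenticatorPort(AuthServer(USERS))
    good = port.authenticate(Supplicant("teacher01", b"correct horse"))
    good_trace = list(port.trace)
    passed = port.forward(b"dhcp-discover")
    bad = port.authenticate(Supplicant("teacher01", b"wrong secret"))
    blocked = port.forward(b"dhcp-discover")
    return good, good_trace, passed, bad, blocked


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Swapping `toy-hmac` for another method would change only `Supplicant` and `AuthServer`; `AuthenticatorPort` stays untouched, which is the property the standard's framework is built around.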
Network admission control
Within the state-wide and school environment, protecting sensitive student and staff
information is a top priority. Network admission control provides registration and enforcement
utilities that allow school or state-wide network administrators to authenticate, authorise
and evaluate users and their machines in a controlled environment before granting access
to the network and internal resources, over either wired or wireless access. Network
admission control can be deployed in out-of-band or in-band topologies, which allows
flexibility in implementation and makes it possible to address wireless and VPN access.
Some of the key benefits of deploying network admission control include the following:
• Multiple user groups can have defined roles correlated to the areas of the network they
can access.
• Full network admission control features are available for wireless networks and those
users entering via VPN connections.
• Guest access can be controlled by defining the areas of the network guests can access.
• Security and encryption for staff can be applied to specific areas only.
• Automatic security policy updates can be enforced throughout the state.
• Authentication and authorisation with single-sign-on.
Centralised access control
Even with a relatively limited number of devices on the network to manage, maintaining
robust access security on those devices over time is a challenge. With the addition of new
user groups – including teachers, thousands of students, administrators and guests – the
security challenge grows exponentially.
A centralised access control system receives requests from devices throughout the
network, then checks credentials, clearances, authorisations and posture – the collection of
attributes that play a role in the conduct and ‘health’ of the endpoint device that is seeking
access to the network. That means Cisco Secure Access Control Server for Windows
(ACS) has to interact with various external user databases (Microsoft Active Directory or
LDAP) and engines to come up with the right decision. Cisco Secure ACS then registers
the request and enforces the relevant action on the network device – allowing the right
access to the right user. Cisco Secure ACS can act on both user access and device
administration policies.
Cisco Secure ACS supports both key device protocols – RADIUS and TACACS+ – required
for identity and access control. This allows access control to be centralised in a single
system. Cisco Secure ACS has the interfaces to interoperate with existing identity and
policy databases and systems to make multi-dimensional access policy decisions. It is not
just a single server; it is a system that can be deployed and distributed as needed to meet
availability, performance and resiliency requirements. Cisco Secure ACS provides the tools
and interfaces to manage deployments supporting large numbers of users and network
devices. Cisco Secure ACS reporting, alerting and troubleshooting capabilities provide
maximum visibility into authentication and authorisation activities across the network.
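The decision sequence described above (check credentials against an external directory, map the user's group to an authorisation, evaluate posture, register the request and return an enforcement action) can be modelled in a few lines of Python. This is an added illustration, not Cisco Secure ACS code: the directory entries, VLAN numbers, posture thresholds and every function and class name are assumptions, and the accept reply uses the RADIUS tunnel attributes that RFC 3580 defines for VLAN assignment.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _user(password, salt, group):
    return {"salt": salt, "hash": hash_password(password, salt), "group": group}


# Constructed stand-in for the external user database (Active Directory or LDAP).
DIRECTORY = {
    "t.nguyen": _user("staff-Passw0rd", b"salt-a", "staff"),
    "s.patel": _user("student-Passw0rd", b"salt-b", "students"),
    "visitor01": _user("guest-Passw0rd", b"salt-c", "guests"),
    "contractor7": _user("contr-Passw0rd", b"salt-d", "contractors"),
}
ROLE_VLAN = {"staff": 10, "students": 20, "guests": 30}  # assumed VLAN plan
POSTURE_EXEMPT = {"guests"}  # guests are isolated in their own VLAN, not posture-checked
QUARANTINE_VLAN = 99         # assumed remediation VLAN
MAX_AV_AGE_DAYS = 7          # assumed posture threshold


@dataclass
class AccessRequest:
    username: str
    password: str
    nas_port: str                                # switch port or SSID the request came from
    av_signature_age_days: Optional[int] = None  # None means no posture report was sent
    os_patched: bool = False


def posture_ok(req):
    return (req.av_signature_age_days is not None
            and req.av_signature_age_days <= MAX_AV_AGE_DAYS
            and req.os_patched)


def accept(vlan, reason):
    # RFC 3580 VLAN assignment attributes returned to the authenticator.
    attrs = {"Tunnel-Type": "VLAN", "Tunnel-Medium-Type": "IEEE-802",
             "Tunnel-Private-Group-ID": str(vlan)}
    return {"code": "Access-Accept", "reason": reason, "attributes": attrs}


def reject(reason):
    return {"code": "Access-Reject", "reason": reason, "attributes": {}}


class PolicyServer:
    def __init__(self):
        self.audit_log = []  # every request is registered, whatever the outcome

    def decide(self, req):
        result = self._evaluate(req)
        self.audit_log.append((req.username, req.nas_port, result["code"], result["reason"]))
        return result

    def _evaluate(self, req):
        entry = DIRECTORY.get(req.username)
        # Hash the supplied password even for unknown users, then compare in constant time,
        # so unknown-user and wrong-password failures look the same to the requester.
        supplied = hash_password(req.password, entry["salt"] if entry else b"no-such-user")
        if entry is None or not hmac.compare_digest(supplied, entry["hash"]):
            return reject("authentication failed")
        vlan = ROLE_VLAN.get(entry["group"])
        if vlan is None:
            return reject("no access policy for group")  # fail closed
        if entry["group"] not in POSTURE_EXEMPT and not posture_ok(req):
            return accept(QUARANTINE_VLAN, "posture non-compliant")
        return accept(vlan, "authorised as " + entry["group"])
```

An authenticated but non-compliant device is accepted into the quarantine VLAN rather than rejected, so it can still reach remediation services while staying away from internal resources.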
Cisco Integrated Security Features
The network switches that handle wired and wireless user access to the network are
often the source locations for attacks on an internal network. These switches are also the
best place to protect the network. Specific features in the wireless network hardware and
software can help prevent these types of common attacks, including:
• MAC flooding attacks
• DHCP rogue server attacks
• DHCP exhaustion attacks
• ARP spoofing attacks
• IP spoofing attacks.
The Cisco Integrated Security Features (CISF) enable these preventative measures.
Features such as Port Security, DHCP Snooping, Dynamic ARP Inspection and IP Source
Guard are used at the network edge, to stop these attacks closest to the source.
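How the four edge features divide the work is easier to see in a small model. The Python below is an added, simplified simulation of an access switch, not Cisco code and not switch configuration: the class, field and verdict names are assumptions, the frames are constructed samples using documentation address ranges, and a real switch can also disable the offending port rather than only dropping frames.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    port: str         # ingress switch port
    src_mac: str      # Ethernet source MAC address
    kind: str         # "dhcp-client", "dhcp-server", "arp" or "ip"
    ip: str = ""      # IP source, ARP sender IP, or the address leased in a DHCP ACK
    chaddr: str = ""  # client hardware address carried inside a DHCP message


class EdgeSwitch:
    """Simplified access switch; every port is untrusted unless listed as trusted."""

    def __init__(self, trusted_ports, max_macs=2, dhcp_rate_limit=15):
        self.trusted = set(trusted_ports)
        self.max_macs = max_macs
        self.dhcp_rate_limit = dhcp_rate_limit
        self.secure_macs = {}  # port -> MACs learned by Port Security
        self.dhcp_seen = {}    # port -> DHCP packets counted in the current interval
        self.bindings = {}     # (port, mac) -> ip: the DHCP Snooping binding table

    def new_interval(self):
        """Reset the DHCP counters (a real limit is expressed in packets per second)."""
        self.dhcp_seen.clear()

    def receive(self, f):
        """Return "forward" or "drop:<feature>" for one frame."""
        if f.port in self.trusted:
            if f.kind == "dhcp-server":
                self._learn_binding(f)
            return "forward"
        # Port Security: cap the number of source MACs per port (MAC flooding).
        macs = self.secure_macs.setdefault(f.port, set())
        if f.src_mac not in macs:
            if len(macs) >= self.max_macs:
                return "drop:port-security"
            macs.add(f.src_mac)
        # DHCP Snooping: server replies are valid only from trusted ports (rogue server).
        if f.kind == "dhcp-server":
            return "drop:dhcp-snooping"
        if f.kind == "dhcp-client":
            return self._check_dhcp_client(f)
        bound_ip = self.bindings.get((f.port, f.src_mac))
        # Dynamic ARP Inspection: sender MAC/IP must match a binding (ARP spoofing).
        if f.kind == "arp":
            return "forward" if bound_ip == f.ip else "drop:arp-inspection"
        # IP Source Guard: source IP must be the one leased on this port (IP spoofing).
        return "forward" if bound_ip == f.ip else "drop:ip-source-guard"

    def _check_dhcp_client(self, f):
        count = self.dhcp_seen.get(f.port, 0) + 1
        self.dhcp_seen[f.port] = count
        if count > self.dhcp_rate_limit:
            return "drop:dhcp-rate-limit"
        # Requests whose chaddr differs from the frame's source MAC are a sign of
        # one host asking for many leases (DHCP exhaustion).
        if f.chaddr != f.src_mac:
            return "drop:dhcp-snooping"
        return "forward"

    def _learn_binding(self, f):
        """Record the lease from a DHCP ACK that arrived on a trusted port."""
        for port, macs in self.secure_macs.items():
            if f.chaddr in macs:
                self.bindings[(port, f.chaddr)] = f.ip


def run_demo():
    """Replay constructed frames and return {label: verdict}."""
    sw = EdgeSwitch(trusted_ports={"Gi0/24"}, max_macs=2, dhcp_rate_limit=3)
    host, server = "00:00:5e:00:53:01", "00:00:5e:00:53:fe"
    out = {}
    out["discover"] = sw.receive(Frame("Gi0/1", host, "dhcp-client", chaddr=host))
    out["ack"] = sw.receive(Frame("Gi0/24", server, "dhcp-server", "192.0.2.10", host))
    out["arp ok"] = sw.receive(Frame("Gi0/1", host, "arp", "192.0.2.10"))
    out["ip ok"] = sw.receive(Frame("Gi0/1", host, "ip", "192.0.2.10"))
    out["arp spoof"] = sw.receive(Frame("Gi0/1", host, "arp", "192.0.2.1"))
    out["ip spoof"] = sw.receive(Frame("Gi0/1", host, "ip", "192.0.2.99"))
    out["rogue server"] = sw.receive(Frame("Gi0/1", host, "dhcp-server", "192.0.2.50", host))
    out["exhaustion"] = sw.receive(
        Frame("Gi0/1", host, "dhcp-client", chaddr="00:00:5e:00:53:aa"))
    flood = [sw.receive(Frame("Gi0/2", f"00:00:5e:00:53:{i:02x}", "ip", "192.0.2.200"))
             for i in range(0x10, 0x14)]
    out["mac flood"] = flood[-1]
    out["macs learned on Gi0/2"] = len(sw.secure_macs["Gi0/2"])
    return out


if __name__ == "__main__":
    for label, verdict in run_demo().items():
        print(f"{label:24} {verdict}")
```

The binding table learned by DHCP Snooping is the shared source of truth: Dynamic ARP Inspection and IP Source Guard both consult it, which is why DHCP Snooping has to be in place before either of them can validate traffic.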
Video surveillance cameras using IP network infrastructure
Schools and administrative regions can use a centralised digital network to store captured
video for review and analysis.
3. Smarter and More Efficient Schools
Leveraging the reference architecture for the K–12 Architectural Framework, Cisco Unified
Communications delivers innovative and integrated solutions that ensure the central
department is communicating in the most effective and efficient manner. These IP-based
communication services improve state-wide communications, safety and productivity,
while offering significant cost savings to optimise operational efficiency.
Through more effective network use, schools can improve asset management by better
conforming to appropriate usage policies and providing more consistent user experiences
across physical and virtual campus environments. A resilient network is important to drive
video usage in classrooms, secure cloud and wireless environments, and manage the
proliferation of devices.
Critical Technologies
Quality of service enablement
Voice, video, and other real-time classes of IP network traffic have strict requirements
concerning packet loss, delay and the variations in delay (also known as jitter). To meet
these requirements, the reference architecture for the K–12 Architectural Framework
incorporates QoS features to allow the proper prioritisation of real-time traffic, such as traffic
classification, queuing, traffic shaping, compressed Real-Time Protocol (cRTP) and TCP
header compression.
Intelligent recognition and management of end device
As the variety of PoE devices and capabilities increases over time (IP phones, access points,
building operations), the network’s ability to understand what is physically connected to the
Ethernet ports becomes even more critical. Different devices draw different amounts of
power, have different traffic profiles, and may have different VLANs associated to multiple
functions. Network hardware should be able to communicate with these devices, recognise
them, and automatically make the appropriate network modifications to support the end user.
Cisco Systems has implemented several enabling hardware and software technologies
throughout the network to support seamless Unified Communications. When an Ethernet
device is connected in a school building, the Ethernet switch will automatically sense
the type of device connecting and automatically apply the following functions using
six key technologies:
• Power: determines what kind of power the device needs, including PoE pre-standard or
IEEE 802.3af, applies the power, monitors power use while connected and reports power
consumption to management tools.
• VLAN association: determines what type of device is connected, then applies the proper
VLAN policy to the device.
• Automatic QoS enablement: enables QoS on the port to properly match the traffic profile
of the device.
• Trust boundary: determines appropriate trust levels for the device based on trust policies
in force across the network, and puts these into effect immediately.
• Location detection: provides CDP information to the device, which allows it to register
location-to-location services (CER) on the network.
• Auto Smartport: uses custom macros to automate the handling of device enablement.
Cisco Unified Communications
Unified Communications is the delivery of fully integrated communications, by enabling
data, voice and video to be transmitted over a single network infrastructure using
standards-based IP.
Unified communications integrated applications – improving productivity and responsiveness and reducing costs
By leveraging the flexibility provided by XML applications that use the IP phone as a
delivery endpoint, schools can improve productivity and responsiveness and reduce costs.
Examples include:
• Student attendance: take attendance, record absences and send messages to the
student’s parents via Cisco Unified Messaging across the K–12 infrastructure.
• Real-time look-up of student records: for medical information, data and parent contact
information.
• A single interface to reach emergency services: school or state-wide emergency
message delivery, weather/natural disaster notification, photo notification of on-site
visitors, etc.
Remote site survivability
In a school and system-wide environment, survivable remote site telephony (SRST) allows
the use of a centralised call-processing model, while providing backup communications
paths in case of a network failure across the WAN or MAN. Upon a WAN/MAN failure, the
school IP phone or gateway registers the failure on the SRST-enabled router, which then
provides telephony services for locally connected phones and PSTN voice modules.
• All Cisco IP Phones are supported.
• VG224, VG248, or ATA 180 Series can be used for analogue devices.
• Flexibility of PSTN trunk choice – FXO, DID, E1, BRI & PRI.
Virtual desktop infrastructure
As portable computing numbers increase exponentially in the classroom, a number of new
challenges are arising for Australian education systems.
Students and teachers increasingly want the flexibility of bringing their own devices into
classroom environments. This is potentially challenging on a number of fronts, including:
maintaining security while allowing access to a standard service-oriented architecture
(SOE) for these devices, and catering to low-power computing devices for high power
applications such as video.
Desktop virtualisation decouples the desktop operating system from the client device. The
applications and operating system reside in a data centre and client devices access them
via a lightweight screen-sharing protocol.
Figure: What is a Virtual Desktop?
By virtualising desktops, any client device can access the virtualised operating system
and applications. Desktop virtualisation extends the life of client devices by a number of
years, as CPU and other capabilities do not need to increase to support more complex
applications. It also allows schools to support almost any client device, be it smartphone,
Apple, Microsoft Windows or a tablet-based option.
Private and public clouds
There is plenty of interest around cloud-based offerings, with good reason. In K–12 learning
environments, both public and private cloud solutions warrant consideration.
• Public cloud: Open or public clouds for K–12 solutions pose some challenges, including
concerns about student information being stored by third parties and the need to protect
access to that data.
• Private cloud: This presents some viable options for schools that do not want to own
and maintain large amounts of infrastructure, but still want the ability to deploy their own
server-based applications (or virtual desktop environments).
Infrastructure as a Service (IaaS): Infrastructure hosted in a central data centre allows
technicians in schools to provision servers via a portal with a choice of operating system,
RAM, storage and CPU configurations. Suitable applications can be deployed on the virtual
server and it can be used as a normal physical server at the school. A service catalogue
can be established, allowing commonly deployed server configurations and applications
to be chosen via the portal and rapidly deployed. This gives a school all of the advantages
of running its own server infrastructure without the complications of power, space, cost
and maintenance.
Software as a Service (SaaS): This provides schools with a service catalogue of hosted
applications, allowing them to subscribe to these applications and have them delivered
via the underlying network infrastructure. Similar offerings already exist in most state-run
educational systems, but it is important to understand that the infrastructure supporting
the IaaS offering above is identical to the infrastructure for the SaaS offering.
Conclusion
Cisco’s Borderless Networks architecture is being used in K–12 learning environments
across Australia and around the world to consolidate multiple networks into a single IP
network. This allows more efficient delivery of IT functionality within, and across, multiple
schools, as well as the provision of additional services across the network to improve the
experience for students and staff with an anywhere, anytime and any device approach.
The Cisco Borderless Network Architecture uses the power of the network to provide:
• a consistent policy architecture for staff, students and guests
• transparent mobility with location services for anytime, anywhere learning and asset
tracking
• security for devices on the local network and across cloud services, enabling
collaboration with other schools, law enforcement and school departments, while
maintaining student privacy
• reduced energy costs and improved sustainability for efficient and cost-effective operation
• optimised application performance for video and Web 2.0 services, providing a more
engaging learning environment
• policy-based access control and identity-aware networking, to enable access and
collaboration while protecting business-critical applications
• compliance with current and future educational regulatory requirements.
Case Study:
Broadmeadows School Regeneration Project
Technical Case Study
Introduction
The Broadmeadows School Regeneration Project (BSRP) Digital Campus involves
establishing a sound foundational network infrastructure in schools, to enable next-generation teaching and learning. The BSRP is located in the suburb of Broadmeadows,
Australia, 16 kilometres north of the Melbourne CBD. The project represents a large multi-year capital investment by the Victorian Government, aimed at redeveloping the learning
environment to improve teaching and supporting student outcomes in this economically
challenged and increasingly diverse community.
The BSRP Digital Campus employs a foundational network infrastructure on BSRP
campuses that have sufficient capabilities to support next-generation learning
technologies, such as video technology, which can be used to support student learning
and teacher development, and to improve campus safety and security.
Cisco performed a high-level review of existing campus LAN and wireless LAN – as well as
the campus WAN connectivity currently being deployed – and looked at opportunities for
enhanced operational efficiency in unified communications and energy management.
Current State Summary
Table 1: BSRP current state summary
School | WAN | LAN | IPT | CCTV
Dallas (and Upfield merged) Primary School and Kindergarten
Bethal Primary School
Broadmeadows Primary School
Broadmeadows Special Developmental School
Coolaroo South Primary School
Dallas North Primary School
Hume Valley School
Hume Central Secondary College (HCSC)/(Town Park)
Meadows Primary School
Broadmeadows Valley (Dimboola St)
Legend: Deployed, Optioned, Deferred
Technology Summary
Table 2 provides a high-level overview of technology deployed across the BSRP campus,
and links these solutions back to the guiding principles of the blueprint.
Table 2: Borderless network architecture blocks
Technology | Description and Assessment
LAN and WAN Switching and Routing
The WAN is managed by Telstra under the eduSTAR portfolio of services known as the
VicSMART Wide Area Network.
More information: http://www.education.vic.gov.au/about/directions/vicsmart/faqs.htm
The service consists of a Cisco ISR router that delivers speeds between 4 Mbps and
20 Mbps depending on the school’s bandwidth requirements. This service provides
connectivity to DEECD shared services such as eduMail and the Internet.
The LAN is based on Cisco Catalyst 3750 as the core switch and Cisco Catalyst 3560
as the administration and access switches.
Observations:
• Hume Central Secondary College (HCSC) reported regular high utilisation on
the WAN link.
• Only the merged schools at the Dimboola Road Campus (HCSC), Meadows Primary
School and Broadmeadows Valley Primary School reported a LAN infrastructure
as described above.
Wireless LAN
The Victorian DEECD is in the process of deploying the eduSTAR.net wireless network,
a wireless LAN infrastructure that will be implemented in all Victorian Government
schools as a robust and fully managed enterprise wireless network.
Observations:
• Wireless LAN was deployed across three schools in the BSRP campus.
Unified Communications
There is limited deployment of IP telephony across the BSRP campus. It is important
to outline that a unified communications system goes beyond just IP telephony and
includes elements such as presence, instant messaging, audio conferencing, web or data
collaboration, unified messaging (a common message store for voicemail, email, and faxes),
mobility, and/or telepresence, which are all accessible in an ad hoc, multimodal fashion
through a single client interface or within an embedded application interface.
Some of the other elements of unified communications are discussed in the Building
Quality Standards Handbook, DEECD (2008):
http://www.eduweb.vic.gov.au/edulibrary/public/propman/facility/BuildingQualityStandardsHandbook.pdf
Observations:
• Schools reported some use of Microsoft SharePoint Workspace (previously known
as Microsoft Groove).
• Schools also use Skype for communication.
Video Pedagogy
Schools used the borderless network infrastructure to enable more video-based
collaboration. This included a number of innovative approaches under the Victorian
DEECD’s Ultranet project.
http://www.education.vic.gov.au/about/directions/ultranet/default.htm
Video Security
Video security is deployed across:
• Hume Central Secondary College (HCSC)
• the Dimboola Road campus (HCSC)
• Meadows Primary School
• Broadmeadows Valley
Observations:
• There are three independent systems in place, although centralised monitoring
or management has not been enabled.
Refer to the Video Security section of this document for additional information.
Facilities and Energy Efficiency
Network-enabled building management systems were not deployed as part of the BSRP.
Enabling Change: Netbook Rollout
This initiative, which commenced in 2009, has provided approximately 10,000 students with
a wireless-enabled netbook to use anywhere, at any time. The first year of the trial produced
several highlights, and many teachers reported marked increases in student engagement;
increases in the volume and quality of student work produced; and students taking a
greater role in managing their own learning.
The netbook trial is continuing, with the rollout extending across the following regions
and student groups:
• Loddon Mallee Region: Year 7
• Barwon South Western and Grampians regions: Year 6
• Northern Metro Region (Hume cluster): Years 5–8
There are more than 1,500 netbooks available within the Broadmeadows schools (shared
between approximately 3,500 students). These netbooks are a critical tool in enabling
effective use of video. The EduStar 2.0 project contains the following audiovisual
applications:
• Audacity – A free, open-source software for recording and editing sounds
(http://audacity.sourceforge.net)
• Debut Video Capture Software – An easy-to-use video recorder program that lets users
capture video files directly onto their computer
(http://www.nchsoftware.com/capture/index.html)
• DVD Flick – A simple but powerful DVD authoring tool that lets users take a number of
video files stored on their computer and turn them into a DVD that can be played back in a
DVD player, media centre or home cinema (http://www.dvdflick.net)
• Format Factory – A multifunctional media converter (http://www.formatoz.com/)
• HandBrake – An open-source (general public licence), multiplatform, multithreaded video
transcoder, available for Mac OS X, Linux and Windows (http://handbrake.fr/details.php)
• Pencil – A free, open-source animation and drawing program for Mac OS X, Windows, and
Linux, which lets users create traditional hand-drawn animated cartoons using bitmap and
vector graphics. (http://www.pencil-animation.org)
• Pivot Stickfigure Animator – A unique program that allows users to create stick figure
animations easily and without any artistic skills
(http://www.snapfiles.com/get/stickfigure.html)
• QuickTime Player – A powerful multimedia technology with a built-in media player that
lets users view online video, high-definition movie trailers and personal media in a wide
range of file formats (http://www.apple.com/quicktime/what-is/)
• Songsmith (Academic Edition) – A program that generates a musical accompaniment to
match a singer’s voice. The user only needs to choose a musical style and sing into the
computer’s microphone, and Songsmith will create the backing music
(http://research.microsoft.com/en-us/um/redmond/projects/songsmith/)
• VLC media player – A powerful media player that plays most media codecs and video
formats (http://www.videolan.org/vlc)
• VirtualDub – A video capture and processing utility for 32-bit and 64-bit Windows
platforms (http://www.virtualdub.org/)
• Wax 2.0 – A flexible, high-performance video composition and special effects software
(http://www.debugmode.com/wax/)
• Windows DVD Maker – An application included in premium editions (Home Premium
and Ultimate) of Windows Vista, Windows 7 and above editions, which allows users to
create DVD movies that can be played using DVD-playback software or on a standalone
consumer DVD player
• Windows Live Movie Maker – A program that lets users create movies and slide shows
from photos and videos, and share them with friends and family
(http://explore.live.com/windows-live-movie-maker)
• Windows Media Center – A piece of software that turns a PC into a powerful TV, bringing
TV shows and entertainment to one place
(http://www.microsoft.com/windows/windows-media-center/what-is-it/default.aspx)
• Windows Media Player – A standard inclusion in Windows, that lets users watch and
listen to multimedia entertainment
(http://windows.microsoft.com/en-US/windows/products/windows-media-player).
While the above list of software provides comprehensive capabilities for media recording
and playback, there is still scope to further enhance the power of the netbooks by enabling
them with:
• a high-quality VoIP client that supports voice and video calling between devices in the
DEECD network
• access to a web-conferencing and collaboration service to allow device-to-device web
meetings and e-learning class delivery
• access to a social video system (in the DEECD cloud) that helps create highly secure
video communities in which to share ideas and expertise.
Video Security
Overview
School administrators are entrusted with creating a safe learning environment for their
students and staff. In primary schools and pre-school environments, the main safety
concern is monitoring entries and exits to the school, to make sure unauthorised adults do
not enter or leave with a child. In secondary schools and high schools, major goals include
preventing violent activities such as theft, graffiti, vandalism, and fighting and bullying
between students.
IP-enabled video surveillance at the Broadmeadows school campus enhances security
and safety for staff, students and visitors, and for facilities and equipment, by connecting
separate video surveillance systems. In addition to video analytics, the value of video
surveillance has grown significantly with the introduction of motion, heat and environmental
sensors. Video surveillance enables school administrators to monitor activities within
individual campuses and throughout the Broadmeadows school precinct, so they can
prevent, deter, detect, and respond to safety incidents.
Business use cases
Based on the BSRP experience, the following seven examples demonstrate best practice
use of the network to improve security.
Table 3: Video security use cases
ID | Use Case | Descriptions
VID-SEC-01 | Enhance student safety | Video surveillance enables real-time response and intervention.
VID-SEC-02 | Improve response time | Increased situational awareness through an IP-connected video network means faster responses to emergencies.
VID-SEC-03 | Monitor student activity | Administrators and staff can view video from wired and wireless cameras across school grounds at any time, simultaneously.
VID-SEC-04 | Protect campus assets | Centralised management optimises resource allocation by allowing remote monitoring after school hours or during summer vacations.
VID-SEC-05 | Involve parents | Limited video access to specific classrooms or for specific activities can encourage greater parental participation and engagement in the educational process.
VID-SEC-06 | Manage devices and alarms from a centralised location | Centralised management allows all campus security systems to be controlled from one centralised location with the ability to transfer control and monitoring to any other point in the network in an emergency.
VID-SEC-07 | Place cameras where needed on the campus | Wireless camera options allow camera placement without additional wiring.
Technology solution
Video security solutions include software and hardware to support video transmission,
monitoring, recording and management. The video surveillance solution works in unison
with the advanced features and functions of the IP network infrastructure – switches,
routers and other network security devices – to enable secure, policy-based access to
live and recorded video. All components of the video surveillance solution are linked on an
intelligent IP network and resilient infrastructure with high availability.
A key part of the video surveillance solution is its ability to enable education administrators
and security personnel to view, manage and record video locally and remotely using the
IP network and a standard Internet browser. Video can be securely accessed anywhere, at
any time, enabling faster response, investigation and resolution of incidents. Video can be
recorded and stored locally or off-campus (for example, in a Security and Facilities Operation
Centre), allowing it to be managed and aggregated with video from multiple locations.
Network-centric video surveillance solutions are easier to manage and deploy and provide
standardised capabilities throughout the Broadmeadows school precinct.
Solution components – IP cameras
Table 4: Examples of video surveillance IP camera components
Device | Description
IP cameras | Feature-rich, professional digital cameras have an enhanced progressive scan imager for excellent video and colour – even in the most demanding lighting conditions. These fully featured high-resolution cameras use MPEG-4 compression to produce DVD-quality video. They also include automatic day/night mode, dual streams, bi-directional audio, motion detection, alarm inputs and outputs, and an analogue BNC connector for ease of installation.
IP dome cameras | High-resolution, feature-rich digital IP dome cameras deliver superior performance in a wide variety of environments. These vandal-resistant, rugged, outdoor cameras can cope with high or low temperatures, moisture and dust.
IP gateway encoders | IP gateway encoders enable a wide range of analogue video cameras – including pan-tilt-zoom (PTZ) models – to be connected and controlled over an IP or Ethernet network. In many cases, IP gateway encoders eliminate the need for analogue matrix switches, fibre optic distribution amplifiers and multiplexers, and physical security personnel can access the video in remote locations over the IP network, reducing video surveillance deployment and operational costs.
Solution components – network-centric
Table 5: Examples of video surveillance centralised management components
Software | Description
Media Server
The Media Server software manages, stores and delivers video for network-centric video
surveillance, and performs the following networked video surveillance system functions:
• Collection and routing of video from a wide range of cameras and encoders over an IP
network
• Secure local, remote and redundant video archiving capabilities
• Event tagging for review and archiving purposes
• Bandwidth management for live distribution and historical recording.
Operations Manager
Operations Manager enables users to efficiently and effectively configure and manage
video throughout the campus. The software provides a secure web portal to configure,
manage, display and control all video in an IP network. This allows users to manage a large
number of security assets, cameras, encoders, DVRs and event sources, as well as digital
monitors powered by Virtual Matrix.
Operations Manager authenticates and manages access to video feeds. It is a centralised
administration tool for managing media servers, virtual matrices, cameras, encoders and
viewers – and for viewing network-based video.
Sample solution (Blair Street)
Figure 1 – Blair Street video security
Energy and Facilities Management
Introduction
Measuring, managing and monitoring energy use is central to reducing overall costs,
organisational power consumption, greenhouse gas emissions, and total environmental
footprint. Using converged IP-based network technology to connect disparate systems can
improve power management in schools and other DEECD buildings.
This can be achieved using devices with a common view and set of policies such as
wireless control, building control, lighting control and PC control. This in turn helps reduce
resource consumption while maintaining service accessibility. It helps building operators
respond to increased ‘green’ regulatory requirements; reduce the environmental effects
of school buildings; cut growing power consumption driven by device proliferation; and
address growing public demands for greener facilities.
Technologies
Power usage monitor in hardware
On a per-port and per-device basis, a power usage monitor checks PoE usage by client
devices, then aggregates this information for query by remote power management
applications. Building field controllers can report information through a converged network,
as well as receive secure instructions for operational changes.
With further enhancements, users can achieve time-based power management. Through
per-port power conserving features in hardware, devices may be controlled automatically
to conserve power after hours. The PoE MIB would be used to collect and interpret data
from the access layer switches.
Intelligent Environmental Controls
Intelligent climate and lighting controls enable the DEECD and schools to reduce and
optimise their energy consumption. Intelligent controls can reduce or power down
environmental controls when buildings are not occupied.
Cisco EnergyWise Technology
Cisco EnergyWise is an innovative architecture, added to the existing Cisco Catalyst
switching portfolio, which can promote system-wide sustainability by reducing energy
consumption across an entire state-wide infrastructure.
Cisco EnergyWise uses a highly intelligent network-based approach to communicate
messages that measure and control energy between network devices and endpoints.
The network discovers Cisco EnergyWise manageable devices, monitors their power
consumption and takes action based on business rules to reduce power consumption.
EnergyWise uses a unique domain-naming system to query and summarise information
from large sets of devices, making it simpler to manage than traditional network
management tools.
Cisco EnergyWise’s management interfaces allow facilities and network management
applications to communicate with endpoints and each other, using the network as a unifying
fabric. The management interface uses standard SNMP or SSL to integrate Cisco and third-party management systems.
Digital building systems
Merging building and IT systems over IP creates efficiencies that fully leverage the
capabilities of network convergence. These benefits include:
• optimised remote control, monitoring and reporting of building systems, including
centralised management of a distributed state-wide infrastructure
• intelligent HVAC and lighting systems, resulting in reduced energy consumption costs
• single-cable plant deployment, reducing infrastructure cabling costs.
Support and operations
Operational support
The introduction of new or changed IT services will create additional support requirements
for the DEECD support team. The following section lists the baseline skills for operating
the proposed infrastructure, as a guideline for its future implementation. Table 6 provides a
benchmark of the functional roles that should be allocated, while Table 7 outlines the skills
required to operate and maintain each technology solution described in this document.
Table 6: Baseline operational support matrix
ITIL role | Support function | Comment
Incident management | Level 1 | A core function of this role is the ability to work as part of a team with a solid work ethic, a willingness to learn and a can-do attitude. This role is expected to work in a busy environment and to ensure satisfactory outcomes for users. This role is not expected to have deep networking skills, but must be able to follow and understand basic troubleshooting processes, and must be able to clearly document the result of various troubleshooting steps in the event of an incident.
Configuration management | Level 2 | The responsibilities of this role include diagnosing and resolving client incidents, and performing prescribed changes to the network within DEECD’s agreed service levels. This role is accountable for deploying devices, and monitoring and reporting on production devices. This role will typically have a varied background and hands-on desktop, server and network experience, and is expected to have a good understanding of networking technologies.
Problem and change management | Level 3 | This role will work as the hands-on technical lead to support the development of all strategies for the network and related services. The role also includes liaising with vendors and external service providers, and providing general stakeholder management on a single program of work. The role is a mix of operational maintenance and support, solutions development and technical environment governance.
Service lifecycle designer | IT Architect | The purpose of this role is to develop and maintain appropriate infrastructure architectures across DEECD’s overall ICT solutions. This role will represent the infrastructure group and act as a stakeholder in the project teams of all IT programs across the schools. This role is responsible for developing functional solutions; estimating effort and funding requirements of new infrastructure-related services; making decisions that impact other dependent programs; and taking responsibility for the lifecycle of all infrastructure solutions deployed in the schools. This role will participate in the development of solution architectures in collaboration with other solution architects and engineers, including vendor, business, data, security and applications architects. This role will provide architecture leadership across all DEECD ICT teams, projects and business groups. This role formally participates in DEECD’s Enterprise Architecture forum.
Table 7: Functional Operational Support Matrix for BSRP

Functional role: Campus LAN
Knowledge required:
• dot1x
• Layer 2 VLANs
• Basic IP internetworking
• Port assignment
• User/Password policy management
ITIL function: Incident Management
Role performed by: Level 1
Core responsibilities:
Core competencies
• A basic understanding of IT networking technologies
• Ability to understand and document user issues
• Excellent verbal, written, presentation and influencing skills
Service and support
• Evaluating, determining and resolving a range of user or hardware problems
• Following escalation procedures to ensure efficient resolution of on-site issues
• Instructing/Training users on connectivity processes
Educational background and experience
• 1+ years experience in networking technologies
• CCNA training preferred

Functional role: Unified Communications
Knowledge required:
• Voice and video technologies
• MGCP
• SIP, H323, H239, H264
• Unified messaging
ITIL function: Incident Management
Role performed by: Level 1
Core responsibilities:
Core competencies
• A basic understanding of voice and data technologies
• Excellent communication, written and collaboration skills
Service and support
• Following escalation procedures to ensure efficient resolution of on-site issues
• Instructing/Training users on unified communications activities
Educational background and experience
• 2+ years experience in IP communications streams
Conclusion
There are numerous pressures on schools today, many of which are clearly focused on
student outcomes. The Broadmeadows School Regeneration Project (BSRP) demonstrates
the important link between the learning environment and learning outcomes.
Creating change affects the facilities, faculty and school campus as a whole. In considering
change, schools today – like those in the BSRP – must ensure student experience and
performance remains a priority. School leaders are realising that the possibility of student
achievement attracts new students and the best teachers available.
The success of the BSRP shows that the future of education is an activity, not a place.
The campus will be virtual, and it can be borderless. As we move to that virtual campus
environment, we will see more demand from teachers wanting to upload lesson plans or
learning material instantly to a learning management system. We will see more demand by
parents wanting to know their children are in a safe learning environment so students can
focus on their academic and athletic performance. We will see more demand for rich media
and visual learning content that works on any device anywhere, and in doing so, facilitates
the learning process.
Securing these elements through a standardised operating environment and resilient
network is the foundation of ensuring the success of these changes. Together, these
components will clear the pathway to a better learning environment for all. This is the
achievement and promise of the BSRP, and the foundation of this technical blueprint.
Terms of Use
Legal Disclaimer
The information contained in this Architectural Framework document is proprietary and
confidential to Cisco Systems, Inc. (Cisco). The Architectural Framework document is
furnished in confidence to the party requesting the document, with the understanding that
it will not, without the express written permission of Cisco, be used or disclosed for other
than evaluation purposes.
This Architectural Framework document is not and should not be construed as an offer
to contract. Some information contained in this Architectural Framework document may
reference future technology under development. All such information is subject to change.
It should be noted that, in preparing this Architectural Framework document, Cisco has
made certain assumptions. Except as expressly stated in the Architectural Framework
document or as otherwise expressly agreed upon in writing by the parties, any descriptions,
documentation, or references to third party products, to the extent they are provided in this
Architectural Framework document, shall be for informational purposes only.
Trademarks
Every effort has been made to identify trademark information in the accompanying
text. However, this information may unintentionally have been omitted in referencing
particular products. Product names that are not so noted may also be trademarks
of their respective manufacturers.
Cisco, Cisco Systems, the Cisco logo, Cisco IOS, IOS and WebEx are registered trademarks
of Cisco Systems, Inc.
©2011 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A
listing of Cisco’s trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the
word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Intel, the Intel Logo, Intel Core, and Core Inside are trademarks of Intel Corporation in the U.S. and other countries.
EG1637/GRD1185/0911