Opening the door and peering into the wiring closet where network devices are installed can be an intimidating experience. These rooms tend to be filled with white noise (generated by fans moving air which is cooled by air conditioners that operate day and night during all seasons) and racks of switches with large tangles of cables connected to ports with blinking green (or at least you hope green) lights indicating healthy connections. Other devices found in those rooms have far fewer ports and cables, but they are the most important devices as one (the unified threat management appliance) protects the network and its data from malware (viruses) and other threats (including hackers who attempt to hijack your data for ransom or use your network to their own purposes) and another (the gateway) connects all of the devices on your network to the Internet.
It is possible to “break” the network by disconnecting the wrong cable or turning off the wrong device in the wiring closet. To keep the network safe, the prudent IT professional will secure the closest and the devices it contains, but the prudent school administrator will understand how to gain access if necessary.
Who has access to the IT network can be a contentious topic in school IT management. IT professionals know how to configure it and they (very reasonably) want to minimize unskilled and unauthorized individuals from accessing it. School leaders can generally be considered unskilled in regard to IT network administration, so it is reasonable to limit their ability to access certain features of the network configuration. At the same time, school administrators are the individuals who are ultimately responsible for what happens in schools and who might need to take steps to prevent previously authorized individuals from accessing the network. In most situations, IT professionals and school administrators are professional and ethical (even when they disagree), but IT networks (and the data contained on them) are too valuable to be controlled by too few individuals.
As computers and networks have become vital for school management and teaching and learning, it is no longer appropriate for school leaders and teachers to avoid understanding the many services that keep the IT networks in their schools functioning for students and teachers. Everyone involved with IT management in schools must be able to differentiate local area networks from the Internet (to understand the total costs, management options and limitations, technology support); and also differentiate consumer, business, and enterprise networks (and the complexities of the management tasks that arise from large scale networks).
Local Area Networks
Local area networks (LAN) entered most educators’ experience in the mid-1990’s when the first servers to be regularly accessed by teachers and students arrived in schools. Early uses of LAN’s in schools included connecting multiple computers to a shared a printer and sharing files using a folder (or directory) on a server which multiple users could access. As educators began to understand the advantages of networks, the LAN’s in buildings became connected in more sophisticated ways. In many school districts, different campuses were connected to a single LAN so teaching resources developed in one school could be used in another, computers in different buildings could be accessed from a single location, and business operations could be consistently and efficiently managed from all sites.
In textbooks that introduce computer networks, readers often find descriptions of metropolitan area networks which are networks that extend across cities. Few network administrators use that term, and school IT managers are likely to hear IT professionals refer to the LAN which connects users access across many campuses. In rural areas, LAN’s can connect schools separated by many miles.
As Internet technologies matured and became more sophisticated, they have been used for many purposes that were once fulfilled with servers located on local area, but LAN’s continue to be an essential aspect of school infrastructure. The easiest way to differentiate the LAN from the Internet is to answer the question “Who has physical access to and control over the devices?” Those that an individual can physically touch in a school building are part of its LAN, otherwise it is likely an Internet resources. Of course, actually touching a server requires access to the locked wiring closet where they are secured; select IT professionals and school leaders should be the few who have keys to those doors. Network users also access many LAN and Internet services via web browsers another application, so the experience of using network resources often is the same for LAN and internet resources for the user.
As the boundaries between the Internet and LAN services have blurred, it has become more difficult to predict which services are provided by LAN resources and which are provided by Internet resources. Consider the example of library card catalogs. The long drawers filled with index cards documenting a library’s collection were replaced with databases decades ago. (I used the drawers until I earned my undergraduate degree in 1988. When I returned to the same library two years later when enrolled in a graduate course at the university, the cabinets had all been replaced with computer terminals.) Because the databases containing library catalogs are large and they are accessed frequently, the first digital card catalogs tended to be installed on LAN servers. Requests to view records were sent through circuits to a server located quite close to the client computer from which a library patron requested the record. Technicians and LAN administrators configured and managed the hardware and software that made the card catalog available to library patrons by going to the library and unlocking the closet where the computers were running.
As we will see in the next chapter, card catalogs are now web-based services and schools pay a fee to store their card catalogs on the Internet. Librarians continue to maintain the database storing their collection, but the computers on which the information is stored are maintained by technicians at other sites (sometimes sites far removed from the school). This change has been possible, inpart, because the network connections between the library and Internet are sufficiently robust and reliable that patrons get library information as quickly over the Internet as they did over the LAN previously.
Fundamental Concepts of Networking
Fundamentally, computer networks are simple systems. To build a network, one provides a pathway to move data from one node to another (through electrical signals transmitted over wires or radio signals that travel through the air), gives every node a unique address (so the network “knows” where to deliver packets), and then keeps track of it all (so the network “knows” where to direct each packet of information so it arrives at the correct address).
A consumer network can be set up for less than $100 and has sufficient capacity to provide robust and reliable connections for (perhaps) 10 devices using it at any moment. To create a consumer network environment, one visits an electronicsstore or office supply store (or web site) and purchases a device that functions as the gateway between the computers and the Internet and routes traffic from the small network to the Internet; the same device assigns addresses to each node, and sends packets to each node within the small network. The nature of the cable that connects the gateways to the circuits outside the building depends on the service purchased from an Internet service provider (ISP); sometimes it is a coaxial cable, sometimes an Ethernet cable, and rarely a telephone cable. Typically, one configures the following on a consumer network as well:
- Wireless access, so that mobile devices can connect to the network;
- Filtering to prevent access to certain sites or to set other rules to limit what can be accessed, when it can be accessed, and on which computers can access the network;
- Firewall to deny unwanted incoming traffic access to the network.
The ease with which one can set up a consumer network can lead technology-savvy consumers (including teachers and school leaders who may be involved with IT management in schools) to misunderstand the task of managing the networks necessary to provide robust and reliable network connections to the hundreds of networked computers and devices in schools. Those require IT professionals to install and manage business or enterprise networks. Consumer devices are designed to be “plug-and-play” systems, so many of the essential functions are preconfigured into the devices as defaults settings and these will work with the defaults settings that are set on consumer devices. As long as nothing is changed, and the number of devices is fewer than about 10, a consumer network will be reliable and robust.
Business class networks are built using network devices with circuits that provide robust and reliable connections to several tens of users. In all but the smallest schools, enterprise networks are necessary to provide sufficient performance. Enterprise networks are very sophisticated and the devices necessary to provide adequate performance on an enterprise network are far more expensive than consumer or business grade devices. Consider, for example, switches; these devices provide additional ports, so devices can share a single connection to the network. On a home network, one might use a switch to allow three desktop computers in a home office to access the Internet through a single cable. On an enterprise network, the system administrator might use a managed switch to connect two new computer rooms full of desktops to the network. The switch (with five ports) for home would cost less than $50, but the enterprise switch (with 48 ports) would cost around $5000. Notice the difference in relative price; consumer ports cost about $10 per port. Enterprise ports cost more than $100 per port!