Network Overhauls Increased Security, Speed and Control for These Small IT Teams

Downtime Is Not an Option for Thousands Accessing School Networks

School networking infrastructure is a major priority for K–12 IT leaders, second only to cybersecurity, according to the Consortium for School Networking’s 2022 EdTech Leadership Survey Report.

But for some districts, network solutions are just the beginning of better connectivity.

“It’s more than just a network,” says CoSN COO Robert Duke. “There are a lot of other moving pieces.” He says districts also need adequate staffing, planning and device sustainability, not to mention funding and strategies to address digital equity.

In summer 2019, Price took all these moving pieces into consideration as he looked to modernize the district’s network. Equipment was a hodgepodge, switches were at the end of life, coverage was spotty, and staffers had no easy way to monitor, control or troubleshoot network challenges.

The district was preparing for a one-to-one Chromebook deployment that Price knew the old network couldn’t handle. “It would have been a nightmare trying to maintain and provide the coverage that was needed,” he says.

The district also needed a solution that eased network management. Eight people make up the IT department, but only one focuses on the network. Plus, troubleshooting, such as fixing devices that couldn’t connect, had become an ordeal.

With partial funding from E-rate, the district implemented Wi-Fi 6 access points (APs), Series 2930F and 3810 switches, and Aruba Central. With multi-gig switches and 1-gigabyte speeds for each school, supporting those 9,000 devices is a breeze.

That became crucial in fall 2020, when in-person learning resumed and students brought their new Chromebooks to campus. IT staffers stress-tested the network to be sure it could handle the influx, but they needn’t have worried, says Price: “It was seamless.”

That’s also how IT Systems Specialist Brendan Lovelady describes network management, thanks to Aruba Central’s single pane of glass and the artificial intelligence that monitors usage for hot spots and areas needing more Wi-Fi capacity.

WATCH NOW: Learn how this one-man IT staff supports an entire K–12 school.

Vestavia Hills deployed Aruba ClearPass, which delivers role- and device-based secure network access control, after the rest of the upgrade was complete. It provides granular control — preventing devices from connecting if they lack proper security patches, for instance — and segmentation, ensuring user groups can access only the network areas they need to.

How Pflugerville ISD Found the Right Vendor for Its Networking Needs

Pflugerville ISD evaluated vendors in a “bake-off,” inviting companies onsite for timed demonstrations of their solutions. The idea was to see how long it took to load the software, set up and configure the tools, and operate within the district’s environment.

It was important to know “how it functions when you come into our data center and have us put it through the wringer,” says Victor Valdez, chief technology and operations officer for the district.

His staffers also noted the skill and certification levels of vendors’ teams to be sure their results would translate for the IT department.

“Given our small staff, we needed to look at something that was going to be manageable for us,” says Angele Fitzhenry, director of technical services.

With eight vendors for wireless and four for wired, the bake-off was time-consuming but worthwhile, says Valdez.

“When it comes to security, we have to put in this time,” he says. “We’ve heard of so many districts that are getting hit by ransomware, phishing schemes and so forth.”

Pflugerville ISD ultimately chose ClearPass, Aruba 600 Series Wi-Fi 6 APs, CX 6300 switches, AirWave network management and Aruba User Experience Insight. With funds from a 2018 bond, the district completed most of the implementation in 2020 and will add Aruba Central this year.

Improved Network Visibility Offers Better Control

Starting with Pflugerville ISD’s wired network, Senior Network Engineer Michael Bohler oversaw a phased deployment that upgraded one school at a time until the team had learned the equipment and the back-end work. Then, they rolled out to the whole district.

The big challenge was the number of connected devices for HVAC, security systems, intercoms and the like. “As we started upgrading, we realized all the things that needed to be plugged in, managed and secured,” says Valdez.

With improved visibility came better control of both inventory and security.

“One thing that makes the network so good is that nothing can be plugged into the network that we don’t want plugged in,” Bohler says.

At the same time, vendors have to connect to maintain HVAC and other systems. In the past, they used the wired network, which posed too many vulnerabilities. Bohler’s solution was simple but elegant: Lock down the network, but provide vendors with USB Ethernet adapters that permit only the necessary access.

DIVE DEEPER: What is EVPN-VXLAN, and can it benefit K–12 schools?

“A contractor can plug in, but because we’ve restricted these devices, he can’t go out to our servers or see what computers are on there,” says Bohler.

Troubleshooting instances have also dropped significantly. Instead of the IT team traveling around the district helping teachers connect printers, the Aruba solution identifies each device and assigns the proper virtual LANs.

As in Vestavia Hills, less troubleshooting means more time focused on initiatives that advance teaching and learning.

“Unfortunately, our network team had become device management people,” says Fitzhenry. “Now, they’re able to be more like enterprise network management, and that’s tremendous.”