People always ask me how we modernized the extensive IT infrastructure for the San Francisco Unified School District, the seventh largest school district in California, with more than 55,000 students.
I believe it's important to start by acknowledging — and communicating to all stakeholders — that the process will take time. Think of IT modernization as a journey to be completed in several phases, not as a quick fix.
When we started this process back in 2007, most of the district's 160 sites relied on 1.5-megabit-per-second T1 lines. In our larger high schools, that meant 2,000 or more students, teachers and staff shared a single T1 line.
We also ran our traffic on an outdated, low-bandwidth network with no centralized data center. Many of the servers were distributed in branch offices and schools districtwide, which was inconvenient given SFUSD's 49-square-mile coverage area. Our systems administrators had to drive from site to site to manage changes and upgrades or to handle a networking issue. Often, the servers were plugged in to a power strip under someone's desk. If a custodian unplugged a server to vacuum at night, it remained offline until one of the systems administrators could get to the site and power it up again.
Lighting the Way
Here are six best practices that came out of SFUSD's infrastructure modernization experience.
1. Get Buy-in from Stakeholders
Nothing happens without support from the taxpayers. In 2008, San Francisco voters passed Proposition A, a school parcel tax that funds the district in excess of $20 million annually for 20 years. SFUSD uses the tax money to boost teacher salaries, increase professional development and invest in information technology.
Prop A provided us with capital to get started. But there are other options. To maximize funding, apply for discounts on telecommunications services, Internet access and internal connections via the Schools and Libraries Program of the Universal Service Fund (also known as E-Rate).
Finally, make sure that district leaders are engaged in the early planning, support the costs and are frequently updated on the progress of the modernization work that's taking place.
2. Forge Close Ties with the Curriculum and Facilities Departments
Work with curriculum and instruction team members to identify expectations for technology use in schools. This often requires some creative interpretation to identify what's needed to meet goals today and to "future proof" for explosive capacity growth in the years ahead.
It's also important to work with facilities management personnel to coordinate technology infrastructure dependencies for such things as dedicated space for data closets, power, cooling and data cabling.
Most of SFUSD's sites ran on antiquated Category 3 cabling and, in some cases, had legacy token-ring cabling, so it became clear early on that upgrading cabling and electrical capacity would be critical. There's no use in buying the latest switches, routers, virtualized servers and wireless gear if your electrical systems can't handle the load.
$4.8 million The amount of E-Rate funding the San Francisco Unified School District received for its wide area network upgrade
3. Build a Centralized Data Center Where You Can Secure and Harden All of Your Services
In the past, SFUSD servers were distributed throughout the district, which made data management cumbersome and time-consuming. Today, we've virtualized close to 80 percent of our servers, all of which reside on racks in a centralized data center at the district's headquarters in San Francisco. Now, the majority of our computing resources are in one place, which makes it much easier for us to manage changes and patches, to respond to outages, and to provision new servers and services.
For example, we used to have schools running their own student information servers, which provide class schedules, as well as attendance and student discipline data. These have been consolidated into the data center and are now virtual servers, which increases reliability and improves data consistency. This migration also has eliminated the need for schools to fund server replacements over time.
Forming strong ties with the facilities management team also came in handy when we needed to specify our power and cooling needs for the data center. We worked very closely with the facilities team, which provided reliable power for both technology equipment and redundant cooling systems by adding a diesel generator out in the parking lot that automatically provides power during any extended utility power outage.
4. Deploy a Fiber Ring Around the District
After we secured the funding, worked out our power requirements and made plans to build a new data center, our top priority was improving the district's bandwidth access.
Today, we have a 10 Gigabit Ethernet fiber ring throughout the district, and each site has a Gig-E connection from the school or administration building to the fiber ring. This increased our bandwidth by nearly 700 times, which put us in a position to support the voice, data and video traffic that modern teaching and learning require.
5. Improve Access from the Wide Area Network to the Desktop
We are currently transitioning the local area networks from 10Base-T Ethernet and 100Mbps Fast Ethernet to Gigabit Ethernet. Each network closet on every floor received Gigabit Ethernet switches and, where possible, a 10 Gig-E uplink to the main data closet. What's more, our users now have a dedicated Gig-E connection back to the wiring closet.
We also eliminated the Gig-E uplink bottleneck to pass more traffic from closet to closet and floor to floor at 10 Gig-E speeds. Each closet also will soon have Power over Ethernet (PoE) switches to support Voice over IP phones, wireless access points and other network devices without having to add electrical outlets.
6. Extend Access with Wireless Networking
Students, teachers and administrators expect to use their wireless devices today. By leveraging PoE provided in the LAN upgrade, we can vastly expand the deployment of wireless access points throughout the classrooms and common areas.
Extending wireless access also puts SFUSD in a position to support the bring-your-own-device trend. We've started down the BYOD path by offering guest Internet access to students, teachers and administrators who bring their own smartphones and tablets to school. Users can browse the web, check email and use productivity apps without compromising the district's network security.
BYOD can become a thorny issue, of course — especially when not all students' families can afford smartphones or tablets. This shouldn't stop a district from rolling out wireless, however. Even if your district decides to have students use only school-issued devices, those products contain wireless cards. Wireless will provide flexibility for teachers, help districts comply with statewide mandates for online testing and help students work collaboratively.
The Right Technology for the Job
Here's an overview of the technology that powers San Francisco Unified School District's modernized infrastructure.
Fiber ring technology: Cisco Catalyst 6509-E virtual switching system clusters in four hub sites
10 Gigabit Ethernet switches: Cisco Catalyst 3750X for edge and distribution Gigabit Ethernet switches; Cisco Catalyst 3750G and Cisco Catalyst 2960-S for Layer 2/Layer 3 local switching and access layer mixture of Power over Ethernet, depending on the closet and Voice over IP/wireless requirements
Wireless access points: Mixture of Cisco Aironet 1142N and Cisco Aironet 1131G wireless access points running via Cisco Wireless Services Module and Cisco Wireless LAN Controllers (the district is migrating to Ruckus ZoneFlex 7363 and Ruckus ZoneFlex 7982 wireless access points running on a pair of redundant Ruckus ZoneDirector 5000 WLAN controllers)