Master Show - To Parent Directory
advertisement
ICT Technician’s Update Conference 17 March 2008 Introduction Penny Patterson You Tube and Schools Penny Patterson Network Access Control Steve Hanna Juniper Networks Network Access Control for Education By Steve Hanna, Distinguished Engineer, Juniper Co-Chair, Trusted Network Connect WG, TCG Co-Chair, Network Endpoint Assessment WG, IETF Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› Implications of Expanded Network Usage Critical data at risk As Access Increases Mission-critical network assets Mobile and remote devices transiting the LAN perimeter Broader variety of network endpoints Perimeter security ineffective Endpoint infections may proliferate Network control can be lost Network Security Decreases Faculty, staff, parent, and/or student access Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› Network Access Control Solutions Features Control Access • to critical resources • to entire network Based on • User identity and role • Endpoint identity and health • Other factors With • Remediation • Management Benefits Consistent Access Controls Reduced Downtime • Healthier endpoints • Fewer outbreaks Safe Remote Access Safe Access for • Faculty, Staff • Students, Parents • Guests • Devices Network access control must be a key component of every network! Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› What is Trusted Network Connect (TNC)? Open Architecture for Network Access Control Suite of Standards to Ensure Interoperability Work Group in Trusted Computing Group (TCG) Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› TCG: The Big Picture Applications Desktops & Notebooks •Software Stack •Operating Systems •Web Services •Authentication •Data Protection Printers & Hardcopy Mobile Phones Storage TCG Standard s Servers Networking Copyright © 2008 Juniper Networks, Inc. Security Hardware www.juniper.net ‹#› TNC Architecture Overview Access Requester (AR) Policy Enforcement Point (PEP) Policy Decision Point (PDP) Wireless Wired Network Perimeter Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› Typical TNC Deployments Uniform Policy User-Specific Policies TPM Integrity Check Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› Uniform Policy Access Requester (AR) Policy Enforcement Point (PEP) Policy Decision Point (PDP) Remediation Network Non-compliant System Windows XP SP2 x OSHotFix 2499 x OSHotFix 9288 AV - McAfee Virus Scan 8.0 Firewall Production Network Compliant System Windows XP SP2 OSHotFix 2499 OSHotFix 9288 AV – Symantec AV 10.1 Firewall Copyright © 2008 Juniper Networks, Inc. Network Perimeter Client Rules Windows XP - SP2 - OSHotFix 2499 - OSHotFix 9288 - AV (one of) - Symantec AV 10.1 - McAfee Virus Scan 8.0 - Firewall www.juniper.net ‹#› User-Specific Policies Access Requester (AR) Guest User Ken – Faculty Linda – Finance Policy Enforcement Point (PEP) Policy Decision Point (PDP) Guest Network Internet Only Classroom Network Access Policies - Authorized Users - Client Rules Finance Network Windows XP OSHotFix 9345 OSHotFix 8834 AV – Symantec AV 10.1 Firewall Copyright © 2008 Juniper Networks, Inc. Network Perimeter www.juniper.net ‹#› TPM Integrity Check Access Requester (AR) Policy Enforcement Point (PEP) Policy Decision Point (PDP) TPM – Trusted Platform Module - Hardware module built into most of today’s PCs - Enables a hardware Root of Trust - Measures critical components during trusted boot - PTS interface allows PDP to verify configuration and remediate as necessary Production Network Compliant System TPM Verified BIOS OS Drivers Anti-Virus Software Copyright © 2008 Juniper Networks, Inc. Client Rules - BIOS - OS - Drivers - Anti-Virus Software Network Perimeter www.juniper.net ‹#› TNC Architecture in Detail Access Requester (AR) Policy Enforcement Point (PEP) Policy Decision Point (PDP) (IF-M) t Collector IntegrityCollector Measurement Collectors (IMC) Verifers Integrity Verifiers Measurement Verifiers (IMV) (IF-IMC) (IF-IMV) (IF-TNCCS) TNC Server (TNCS) TNC Client (TNCC) (IF-PTS) Platform Trust Service (PTS) TSS (IF-T) Network Access Requestor (IF-PEP) Policy Enforcement Point (PEP) Network Access Authority TPM Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› TNC Status TNC Architecture and all specs released • Available Since 2006 from TCG web site Rapid Specification Development Continues • New Specifications, Enhancements Number of Members and Products Growing Rapidly Compliance and Interoperability Testing and Certification Efforts under way Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› TNC Vendor Support Access Requester (AR) Policy Enforcement Point (PEP) Policy Decision Point (PDP) Endpoint Supplicant/VPN Client, etc. Network Device FW, Switch, Router, Gateway AAA Server, Radius, Diameter, IIS, etc. Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› TNC/NAP/UAC Interoperability Announced May 21, 2007 by TCG, Microsoft, and Juniper NAP products implement TNC specifications • Included in Windows Vista, Windows XP SP 3, and Windows Server 2008 Juniper UAC and NAP can interoperate • Demonstrated at Interop Las Vegas 2007 • UAC will support IF-TNCCS-SOH in 1H2008 Customer Benefits • Easier implementation – can use built-in Windows NAP client • Choice and compatibility – through open standards Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› NAP Vendor Support Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› What About Open Source? Several open source implementations of TNC • University of Applied Arts and Sciences in Hannover, Germany (FHH) http://tnc.inform.fh-hannover.de • libtnc https://sourceforge.net/projects/lib/tnc • OpenSEA 802.1X supplicant http://www.openseaalliance.org • FreeRADIUS http://www.freeradius.org TCG support for these efforts • Liaison Memberships • Open source licensing of TNC header files Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› Summary Network Access Control provides • Strong Security and Safety • Tight Control Over Network Access • Reduced PC Administration Costs Open Standards Clearly Needed for NAC • Many, Many Vendors Involved in a NAC System • Some Key Benefits of Open Standards • Ubiquity, Flexibility, Reduced Cost TNC = Open Standards for NAC • Widely Supported – HP, IBM, Juniper, McAfee, Microsoft, Symantec, etc. • Can Use TPM to Detect Root Kits TNC: Coming Soon to a Network Near You! Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› For More Information TCG Web Site • https://www.trustedcomputinggroup.org Juniper UAC Web Site • http://www.juniper.net/products_and_services/ unified_access_control Steve Hanna • • • • • Distinguished Engineer, Juniper Networks Co-Chair, Trusted Network Connect Work Group, TCG Co-Chair, Network Endpoint Assessment Working Group, IETF email: shanna@juniper.net Blog: http://www.gotthenac.com Copyright © 2008 Juniper Networks, Inc. www.juniper.net ‹#› LGfL Network 2009 - 2012 Stuart Tilley Synetrix Technician Conference – Network overview and proposed enhancement 2008 - 2012 17th March 2008 Presented by :Stuart Tilley - Network & Systems Overview • Introduction • Current Network Overview • Proposed Technology Refresh – – – – – Core Network Access Network Access bandwidth URL filtering Edge CPE • Summary Introduction • Current Network Implemented in April 2002 • Designed and Built by Synetrix a key LGfL service provider • Emerging Technology (MPLS) and vendor choice has provided a platform for; – – – – Delivery of High availability and scalable Broadband services Secure and safe educational environment New service development and delivery Shared community network (LPSN) • Network Refresh - keeping pace with technology to and beyond 2012 The London Network – Physical Topology Enfield Barnet Haringey Harrow Waltham Forest Romford Newham Camden Park Royal Tele House Hayes Earls Court Welling Lambeth Bexley Heath Richmond Lewisham Core Core Network Node Merton AP Aggregation Point Croydon Core 10Gbps Links Bromley Nodal Loop 1Gbps Nodal Loop 100Mbps Purley The London Network Physical Network Topology • 3 Core locations and 21 Aggregation Points serving 33 London Authorities • Resilient dark fibre connecting core locations (10Gb/sec – OC192 SDH) • AP’s connected to core by resilient nodal loops currently 1Gb or 100Mb capacity • Resilient Service Hosting – SLB • Resilient Tier 1 ISP’s (Thus, Abovenet, UKERNA, BBC) – Total Internet Capacity 6Gbps • All Broadband services delivered over fibre (scalable bandwidth) The London Network – Logical Waltham Forest Camden 6Bone VPN1 VPN1 Native IPv6 peering VPN2 VPN2 BGP4 VPN3 AP AP Edge sites connected at 2, 5, 10 & 100Mbps Ethernet BBC BGP4 Edge sites configured Into appropriate VPN at any AP 100Mb 160Gbps Router 1Gbps UKERNA 2Gbps BGP4 2Gbps VPN 3 VPN 1 VPN 2 VPN1 Edge sites access core services via resilient MPLS core/access network with QoS applied dependant on application VPN2 VPN3 Internet or BGP4 10 Gb c ps e MPLS VPN's 10 Gb p AP sc or Newham e Telehouse Participate in same L2 broadcast domains as Earls Court SLB 1Gbps 160Gbps Router VPN 3 VPN 1 VPN 3 VPN 2 URL URL Participate in same L2 broadcast domains as Park Royal 160Gbps Router VPN 1 Virus Virus email email & & Web Web Virtual Firewalls Dark Fibre - 0C192 MPLS (10Gbps) SHDS or Dark Fibre - 100M-2.4Gbps MPLS SHDS - WES 100Mbps URL URL Virus Virus Gigabit Firewall SHDS - WES 1000 (1Gbps) SLB MPLS VPN's 10Gbps core MPLS VPN's VPN 2 Virtual Firewalls Park Royal Earls Court MPLS IP VPN's LEA1 LEA2 LEA3 vpn 1 vpn 2 vpn 3 Gigabit Firewall Author Stuart Tilley Date 25/01/2006 email email & & Web Web The London Network Logical Network • MPLS core network • Dedicated RFC2547bis Layer3 VPN’s – Provides fully routed Virtual WANs per ‘customer’ (LEA or LA) – Totally autonomous routing policy and access control per Virtual WAN – WMSv1 & v2 – Virtual WANs distributed across complete physical network • QoS Support Network Statistics • • • • • Total of edge bandwidth purchased 23Gbps Total traffic transiting network 3Gbps (average) Total capacity of Juniper access layer 228Gbps Total Capacity of Juniper core 480Gbps Total Internet Bandwidth - (Sept 2002) 30Mbps today averaging over 2Gbps • HTTP traffic via URL service 1.5GMbps • Requests served from Cache 400Mbps Proposed Core Technology upgrade • Upgrade existing Juniper M160 with Next Generation MX960 • Fully resilient chassis (redundant HW) such as; – – – – Power Supplies Cooling fans Routing Engines (RE) Switch Control Board • Fully resilient design/configuration – Dual Dense Port Concentrators (DPC’s) 10G + 1G – Support resilient backbone and core switching • JUNOS code – leading standards development • Low risk migration Proposed Core Technology Upgrade Proposed MX960 core build Telehouse Core MX960 Juniper 1 PEM 0 1 2 3 YELLOW ALARM MASTER 0 ® NETWO RKS FAIL OK FAIL OK FAIL OK OK FAIL NC C NO NC C MX960 NO OFFLINE OK FAIL RED ALARM ACO/LT ONLINE FAN RE 0 OK OK FAIL RE 1 OK FAIL OK FAIL FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL 0 1 2 3 4 5 0 1 2 6 7 8 9 10 11 ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE OK/FAIL OK/FAIL OK/FAIL OK/FAIL 2/0 2/5 FABRIC ONLY FABRIC ACTIVE OK/FAIL 0/0 0/5 2/0 2/5 1/0 1/5 3/0 3/5 FABRIC ONLY FABRIC ACTIVE 0/0 0/0 TUNNEL TUNNEL LINK LINK RE-S-1300 RE-S-2000 0/0 1/0 1/5 DPC 40xGE DPC 4x10GE DPC 40xGE DPC 4x10GE SCB SCB OK/FAIL 0/0 0/5 0/0 1/0 1/0 TUNNEL TUNNEL TUNNEL LINK LINK LINK TUNNEL LINK 3/0 3/5 0/0 0/0 TUNNEL TUNNEL LINK LINK 0/0 0/0 TUNNEL TUNNEL LINK LINK s p Gb 10 1G bp s Earls Court Core Park Royal Core MX960 MX960 Juniper ® NETWO RKS PEM 0 1 2 3 0 MASTER 1 ONLINE YELLOW ALARM NC FAN OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL C NO NC C OK FAIL Juniper MX960 NO OFFLINE RE 0 OK RED ALARM ACO/LT ® NETWO RKS PEM 0 1 2 3 0 MASTER 1 ONLINE NC FAN RE 0 OK FAIL FAIL OK OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL OK FAIL RED ALARM C NO NC C MX960 NO OFFLINE RE 1 OK FAIL YELLOW ALARM ACO/LT OK FAIL RE 1 OK FAIL OK FAIL FAIL OK OK FAIL OK FAIL OK FAIL OK FAIL FAIL 0 1 2 3 4 5 0 1 2 6 7 8 9 10 11 0 1 2 3 4 5 0 1 2 6 7 8 9 10 11 ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE ONLINE OK/FAIL OK/FAIL DPC 40xGE DPC 4x10GE 0/0 0/5 SCB OK/FAIL 2/0 2/5 OK/FAIL FABRIC ONLY FABRIC ACTIVE FABRIC ACTIVE 0/0 TUNNEL TUNNEL LINK LINK LINK RE-S-1300 TUNNEL TUNNEL LINK LINK LINK 0/0 TUNNEL LINK 1/0 1/5 3/0 3/5 1/0 1/5 3/0 3/5 0/0 1/0 1/0 TUNNEL TUNNEL TUNNEL LINK LINK LINK TUNNEL LINK 3/0 3/5 0/0 1/0 1/5 RE-S-2000 RE-S-1300 RE-S-2000 0/0 1/0 1/0 TUNNEL 0/0 2/0 2/5 0/0 TUNNEL LINK 0/0 0/0 0/5 FABRIC ONLY FABRIC ACTIVE 0/0 TUNNEL 3/0 3/5 OK/FAIL OK/FAIL 2/0 2/5 FABRIC ONLY FABRIC ACTIVE 0/0 1/0 1/5 DPC 40xGE OK/FAIL OK/FAIL 0/0 0/5 FABRIC ONLY DPC 4x10GE OK/FAIL 2/0 2/5 SCB OK/FAIL OK/FAIL DPC 40xGE DPC 4x10GE DPC 40xGE DPC 4x10GE SCB SCB OK/FAIL 0/0 0/5 0/0 0/0 TUNNEL TUNNEL TUNNEL LINK LINK LINK TUNNEL LINK 10Gbps 0/0 0/0 0/0 0/0 TUNNEL TUNNEL TUNNEL TUNNEL LINK LINK LINK LINK Aggregated 10Gbps uplinks supporting L2 & L3 services Stack 10G 1 1 2 MGMT 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 41 42 43 44 45 46 47 48 45x 46x 47x 48x Solid ON = Link Blinking = Activity 45x 46x 47x 48x Solid ON = Link Blinking = Activity 2 MGMT 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 41 42 43 44 45 46 47 48 45x 46x 47x 48x Solid ON = Link Blinking = Activity 45x 46x 47x 48x Solid ON = Link Blinking = Activity 2 STACK NO. FAN PSU-I PSU-I PSU-E TM 2 36 37 38 39 40 CONSOLE Shared Ports Summit X450e-48p Stack 10G 1 1 MGMT Stack 10G 1 1 2 STACK NO. FAN PSU-E 48 TM 2 MGMT 36 37 38 39 40 CONSOLE Shared Ports Summit X450e-48p Stack 10G 1 1 2 STACK NO. FAN 48 2 STACK NO. FAN PSU-I PSU-I PSU-E PSU-E Summit X450e-48p TM Extreme Virtual Switch providing server aggregation Shared Ports CONSOLE Summit X450e-48p TM Shared Ports Extreme Virtual Switch providing server aggregation CONSOLE Proposed Access Technology Upgrade • Replace Existing M10 with Juniper M10i • Fully resilient chassis (redundant HW) such as; – – – – Power Supplies Cooling fans Routing Engine (RE) Forwarding Engine Board (FEB) • Fully resilient Design/Configuration – 2 x 1Gbps Nodal loop Interfaces – 2 x 1Gbps Virtual switch uplinks (initial deployment) Proposed Access Technology Upgrade • Replace Existing Extreme S48i aggregation switch with Juniper EX4200. • Redundant Power supply • Virtual Chassis Configuration (max 10) • 48 port 10/100/1000 capability • Architecture design based high end core routing products – Packet Forwarding Engine – Routing Engine Proposed Access Technology Upgrade • Fully resilient design\configuration – Virtual chassis deployment – Multiple 1Gbps uplinks (resilience) Existing Design Proposed Design Aggregation Point (AP) Aggregation Point (AP) 1Gbps Nodal Loops 1Gbps Nodal Loop Fully resilient M10i (redundant PSU, routing and forwarding engines) 100Mbps Nodal Loop Juniper NETWORKS 3 2 1 0 Ethernet 1000BASE-X SFP ETHERNET 1000 BASE LX/SX/LH LINE STATUS RX ACTI V ITY ACTIVITY LINK STATUS 0/ TX RX ETHERNET 100BASE-TX Ethernet 1000BASE-X SFP LINE STATUS RX ACTI V ITY ACTIVITY LINK 1/ LT TX RX Internet ETHERNET 1000 BASE LX/SX/LH STATUS STATUS PORT 0 RX LINK STAT US M10 TM PORT 1 RX LINK NETWORKS PORT 2 RX LINK PORT 3 RX LINK Juniper ETHERNET 1000 BASE-TX R P rocessor ETHERNET 1000 BASE-TX ETHERNET 100BASE-TX 3 STATUS PORT 0 RX LINK PORT 1 RX LINK STAT US PORT 2 RX LINK PORT 3 RX LINK MGMT LINK ACT LINK ACT LINK PIC 0/3 PIC 0/2 PIC 0/1 PIC 0/0 PIC 1/3 PIC 1/2 PIC 1/1 PIC 1/0 2 PICS ON/OFF 0/2 0/1 1 PC CARD 0/0 0/1 AUX/MODEM MGMT AUX/MODEM MGMT HDD MASTER RESET MINOR ALARM CONSOLE OFFLINE PC CARD 0/0 FAIL JUNIPER NETWORKS LABEL THIS SIDE PORT 0 CONSOLE ONLINE RE-400 MAJOR ALARM 0/2 FAIL JUNIPER NETWORKS LABEL THIS SIDE PICS ON/OFF ACT 0/3 PORT 1 HDD MASTER RESET MINOR ALARM PORT 0 1/ 0 RE-400 MAJOR ALARM 0/3 PORT 1 LINK AUX/MODEM ACT 0/ CONSOLE ONLINE OFFLINE Resilient 200Mbps Capacity Links 1 50 RT 49 RT PO MT MG PO 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 41 40 42 43 44 45 46 47 48 2Gbps Aggregated Uplink CONSOLE 49 EX4200 48 port 10/100/1000 switches (max 10 per stack) Extreme Networks Summit48si 50 R 1 50 RT 49 RT PO MT MG PO 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 41 40 42 43 44 45 46 47 48 CONSOLE 49 Extreme Networks Summit48si 50 R 2, 5, 10, 100 Service delivery BT LES service Active Equipment (A end) Virtual Switch Point to Point fibre delivered via ‘A’ end and ‘B’ end BT serving exchange 2, 5, 10, 100 & 1000Mbps Service delivery Sample AP Configuration BT LES service Active Equipment (A end) BT LES service Active Equipment (B end) BT LES service Active Equipment (B end) Edge Site Edge Site 1 50 RT 49 RT PO MT MG PO 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 1 POR MT MG 50 T POR 49 T CONSOLE 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 CONSOLE 49 50 Extreme Networks Summit48si R 49 50 Extreme Networks Summit48si R Access Bandwidth Upgrade • All current 100Mbps nodal loops upgraded to 1Gbps – – – – – – – – – – – – Merton – Croydon Merton – Earls Court Bromley - Croydon Bromley – Welling Lewisham - Welling Welling – Bexleyheath Romford – Bexleyheath Romford – Telehouse Waltham Forest – Camden Haringey – Camden Haringey – Barnet Hayes - Harrow • Prevent degradation of service in the event of primary loop failure • Enhanced Traffic Engineering capability Access Bandwidth Upgrade Enfield Barnet Haringey Harrow Waltham Forest Romford Newham Camden Park Royal Tele House Hayes Earls Court Welling Lambeth Bexley Heath Richmond Lewisham Merton Croydon Core AP Bromley Core Network Node Aggregation Point Core 10Gb Links Nodal Loop 1Gbps Purley URL Filtering Platform Enhancements • Evaluation exercise underway “Squid MkII” vs Bluecoat 8100. • Scaled to 2.5Gbps (N+1 resilience total 5Gbps) • Additional Active/passive F5’s deployed to scale beyond 2.5Gbps • Current total filtered traffic 1.5Gbps • Expect 500Mbps year on year increase URL Filtering Platform Enhancements 32GB RAM for super fast access to the most frequently accessed cached-objects. Represents a 16x performance benefit over current hardware 2x 1Gbps copper ethernet interfaces. One facing the internet, the other facing the user, representing a 10x performance improvement over current hardware 2x 4-Core CPU allowing 8 concurrent execution threads/ process to handle users requests, cache-lookups and drive the high-performance XFS file system 4-Core CPU SQUID Represents a minimum of 8x performance benefit over current hardware XFS Allocation Groups allow concurrent (multi-threaded) access to stored objects. 4-Core CPU XFS Filesystem Supports stripe-aligned storage blocks for better RAID performance Balanced-Trees for fast i-node lookups Ideal for many small files (typically 25KB) EXT3 Filesystem for operating system Disk 1 Disk 2 Operating System (RAID1) Mirrrored Disks Hot-Swappable Disk 3 Disk 4 Disk 5 Disk 6 Disk 7 Cached Objects (RAID5) Hot-Swappable Represents a 4x performance benefit over current hardware Disk 8 Replacement CPE • • Extreme 24e3/S200 replaced with Juniper J2320 Features – – – – • Forwarding performance IMIX 400Mbps 3DES performance 170Mbps 4 onboard 10/100 ports 3 Physical Interface Card (PIM) slots ES code – Combines session state information/next hop forwarding • MPLS support fast reroute (resilient fibre services) Summary • • • High availability, scalable future proof infrastructure Low risk implementation/migration Continued delivery of existing Network Centric services such as; – – – – – – • Securestore Desktop Content Control (DCC) Campus Monitoring Protection (CMP) High Definition Video Conferencing (HDVC) Secure Remote Access (SRA) Broadband Resilience Service (BRS) Enhanced distributed functionality – enabling new service developments such as: – – – – Virtual Private LAN Services (VPLS) Broadcast video High capacity Resilient Broadband Services Security Services Per-User URL Filtering Stewart Duncan Technical Manager Current URL Filtering • LGfL URL Filtering Service is based around the NetSweeper Product • Policies can currently be configured by IP address and time of day • Reporting features are available to report on IP based sessions What is required? •Schools and LAs would like to identify end users for reporting •Have the ability to setup different policies for individual users or groups of users •IT Managers and Head Teachers need the ability to track URL traffic for an individual rather than a specific IP address What are LGfL doing to help? • LGfL working with Synetrix and Atomwide to enable the platform to offer Per-User /Group level Filtering • Enabling the USO to link with the NetSweeper Platform • Allow local management of User Policies through a web based front-end Where we are so far • A trial is currently taking place in various locations across London • So far the trial is going well and bugs are being identified and cleared up What does it Look like? The new front end allows configuration of multiple groups each with a separate policy. What does it Look like? Here you can configure which users belong to which policy within the USO. What does it Look like? Users are then prompted to log in when they run Internet Explorer and try and access the web. What does it Look like? If users try and breach the policy they belong to, the standard deny page is displayed with details of the Group Name they belong to. Summary • Per User Level Filtering will be available for Schools and LAs soon. • It is available from Synetrix • Support is available on 08700 636465 (option 1) or by email. • The service will cost: • £145 setup and £225 per year SIF The Schools Interoperability Framework Rupert Hay Campbell Barking and Dagenham SIF in Barking & Dagenham Rupert Hay-Campbell Contents • What is SIF? • About Barking & Dagenham – MIS systems in use – Data requirements & issues • SIF in Barking & Dagenham What is SIF? • In the UK SIF has developed out of a number of Government initiatives: – Harnessing Technology – School Management Information systems and value for money Recommendation 3 That Becta will establish a supplier-independent and open interoperability architecture to create the opportunity for improved interoperability at the school level and at the LEA or regional broadband consortium (RBC) level. Additionally Becta’s interoperability arrangements will draw, to the maximum extent possible, on ongoing work across Government on interoperability standards. School Management Information Systems and Value for Money, Becta 2005, p. 4 What is SIF? • An open standard, launched in the USA in 1997 – Over 300 software vendors, school districts and other organisations are members • A standard, not a product • Standards are developed by the members, not imposed by a central authority • Clear governance model • Certification of products What is SIF? • Hub and spoke model of data integration • Zone Integration Server – A software application that acts as the hub ensuring that data is routed to the correct applications • SIF agent – A piece of software that connects an application to the ZIS SIF – Publish/Subscribe model 2. The ZIS works out which applications subscribe to the data items Data SIF Agent LA Zone Integration Server SIF Agent LA Main System 1. A change is made to the data held in a publishing application 3. The Data is then sent to the subscribing applications SIF Agent School Network SIF Agent SIF Agent Catering System Data School MIS Library System SIF – Request/Response model 1. An application requests data relating to an object SIF Agent 3. The provider responds with the requested data LA Zone Integration Server SIF Agent LA Main System SIF Agent 2. The ZIS identifies the default provider for the object and routes the request School Network SIF Agent SIF Agent Req. Catering System Data School MIS Library System What is SIF? What would a national SIF infrastructure look like? • Multiple zones • Hierarchy of zones • What happens to school census? Data challenges • Large number of data systems in schools and Children’s Services • Data systems do not share information – Inefficient working with large scale re-entry of data, data errors and inconsistencies • ContactPoint and LDQT represent significant challenges • Learning Platform developments Further information Rupert Hay-Campbell MIS Adviser Tel: 020 8270 4880 Email: rupert.hay-campbell@lbbd.gov.uk Web sites: www.sifinfo.org/uk http://localauthorities.becta.org.uk/index.php?section=ndi&catcod e=la_ndi_02 The LGfL USO Ian Lehmann Operations Manager What is USO? Unified Sign On (USO) A term used by LGfL to describe an authentication system where the same username and password is used to gain access to a wide variety of systems. In this scenario it is necessary to enter the username and password once for each service that is accessed. However, a user can alter his/her password in one place and have that change propagate to all systems What is the LGfL USO? • A database of users within London and the UK • A database of users which can be maintained by nominated contacts in schools and Local Authorities • A system for authenticating against LGfL protected resources both Web (Shibboleth) and non-web based. Service access illustration for LGfL USO User Account holders: All Users USO Username Single Username & Password LGfL Podcast service LGfL Weather Station monitoring system LGfL Premium content The Digitalbrain portal Click to Meet video conferencing system Sophos Anti-Virus update service Windows Update Services (WSUS) LGfL Support services and advisory web sites PAN London Admissions System Other VLE/MLEs, including: It’s Learning, Moodle, First Class Uniservity Adobe Connect web collaboration suite Atomwide WebScreen Atomwide Shibboleth enabled Email Filtering Atomwide VPN Remote Access Services Synetrix USO Integrated Filtering (UIF) Synetrix Email Systems’ Email Content Control Synetrix Remote Secure Access Service Synetrix E-Safety Service LGfL MLE (Fronter) LGfL StaffMail LGfL LondonMail LGfL MailProtect With ADSync and/or LASync options Access to School LAN ‘Home’ and ‘Shared’ areas, and to applications authenticated via the local AD Access to LA AD authenticated applications inc.: Capita SIMS Learning Gateway Service access illustration for Non Full-USO User Account holders: Digitalbrain Username For Digitalbrain Service, plus: LGfL Podcast service LGfL Weather Station monitoring system LGfL Premium content The Digitalbrain portal LGfL MLE (Fronter) Fronter Username For Fronter Service, plus: USO Username (Staff Only) For USO/Shibboleth services, inc.: With ADSync and/or LASync Access to School LAN ‘Home’ and ‘Shared’ areas, and to applications authenticated via the local AD Access to LA AD-applications inc.: SIMS Learning Gateway SharePoint Corporate Services Shibboleth-enabled services: Atomwide/LGfL USO-only Services: Click to Meet video conferencing system Sophos Anti-Virus update service Windows Update Services (WSUS) LGfL Support services and advisory web sites PAN London Admissions System Other VLE/MLEs, including: It’s Learning, Moodle, First Class, Uniservity Adobe Connect web collaboration suite Atomwide WebScreen Atomwide Shibboleth-enabled Email Filtering Atomwide VPN Remote Access Services Synetrix USO Integrated Filtering (UIF) Synetrix Email Systems’ Email Content Control Synetrix Remote Secure Access Service Synetrix E-Safety Service LGfL StaffMail LGfL LondonMail LGfL MailProtect What other advantages does the LGfL USO provide? • The USO provides a school or Local Authority with one database of users for authentication against any service. • The LGfL USO can provide authentication for the Per User Level Filtering service offered by NetSweeper. • The LGfL USO can also be used to synchronize with the local school or LA Active Directory system. What does ADSync Look like? The LGfL USO ADSync does provide one Username and Password for all services How can you get the LGfL USO for your school or LA? •Details of the LGfL USO are available from your LA or LGfL representative •Alternatively see www.uso.lgfl.net for further information or contact lgflsupport@atomwide.com LGfL Managed Email Services Brian Durrant Chief Executive London Grid for Learning StaffMail StaffMail • • • • • • • • For Staff, Governors and Admin Delivered in conjunction with Atomwide Dual Hosted (Telehouse and Park Royal) Fault Tolerant & Resilient Full Exchange 2007 Functionality 5GB Mailbox Limit Max 20MB Email Size inc. attachments Provided ‘free’ to LGfL Schools StaffMail Features • Personal and shared calendaring • Personal and shared address books • Accessible via: – MS Outlook – MS Outlook Web Access – Outlook Mobile Access (compatible PDA or m’phone) • POP3, SMTP, IMAP protocols supported, and mail forwarding StaffMail Login Screen • Access to StaffMail is via LGfL USO StaffMail Outlook Web Access StaffMail & MailProtect • All email scanned for viruses, spam and inappropriate content by LGfL MailProtect. • Staff can control spam including access to spam release, email spam digest reporting, and email in/out reporting. StaffMail on-line identity & domains • By default each user will receive an email address based upon their USO account name with a domain name of lgflmail.org • For example, ‘John Smith’ may receive a USO user name of jsmit001.318 and an email address of jsmit001.318@lgflmail.org • LAs may supply own domain (eg. lbwf.org) and this may be applied to all users in the LA • Schools may supply their own domain name “schoolname.la.sch.uk” and to be applied to all of the users in the USO in their school StaffMail Address Books • Each user may add and delete entries from their own private address book • a school staff member will see: – all staff at their school - only – all pupils at their school that are using LondonMail – the LA shared list • a LA staff member will see: – school lists of staff – the LA shared list LondonMail LondonMail • A Microsoft Live@edu service, branded LGfL, offered as a turn-key solution for use by pupils. • highly availability web-mail service for curriculum use • inbound and outbound mail filtering by MicroSoft • protects against viruses, spam and inappropriate content • all inbound email also scanned for viruses, spam and inappropriate content by LGfL MailProtect. • Exchange Functionality hosted by Microsoft in Dublin • 5GB Mailbox Limit • Max 20MB Email Size including Attachments • Provided ‘free’ to LGfL Schools LondonMail Features • Personal and shared calendaring • Personal address books • Accounts will be accessible via: – MS Outlook – MS Outlook Web Access – Outlook Mobile Access (compatible PDA or m’phone) • POP3, SMTP, IMAP protocols supported, and mail forwarding LondonMail Outlook Web Access LondonMail - identities & domains • each user is allocated an email address based upon their existing USO or new USOlite account name • ‘John Smith’ receives jsmit001.318 and an email address of jsmit001.318@lgflmail.net • As a Becta Accredited Internet Services Provider LGfL supports email address anonymity. As a requirement of accreditation, LGfL enables LAs and schools to reduce the risk to pupils by providing by default email addresses that protect pupils' anonymity • An LA may choose to supply their own domain (lbwf.org) and this may be applied to all users in the LA MailProtect MailProtect • Used in conjunction with LGfL StaffMail and LondonMail services • MailProtect uses email filtering technology provided by Email Systems • Dual Hosted (Telehouse and Park Royal) • Fault Tolerant & Resilient Service Documentation • The most current versions can be found on the LGfL Support website (http://support.lgfl.net) • LGfL Managed Microsoft Exchange Email Service for Staff (StaffMail) • LGfL Managed Microsoft Exchange Email Service for Pupils (LondonMail) • LGfL Email Content Control (MailProtect) • USO Service Description • USO Service Datasheet • USO Service Pricing Timelines • • • • • • • • 020 8255 5555 Support Number – Now! StaffMail pilot users – 17 March 2008 StaffMail first LA – 31 March 2008 LondonMail test users – 21 April 2008 LondonMail pilot schools – 2 June 2008 LondonMail first LA – 24 July 2008 MailProtect – 17 March 2008 Full Production All Services – 3 September 2008 Migration from @mail • LGfL @mail will cease service 31.10.08 • Contact lists will be migratable • If full migration is required, use Synetrix Email Hosting sync utility Future • StaffMail RIM (Blackberry) Access • LondonMail Shared Contact Lists Finally…. New low-cost LGfL support number 020 82 55 55 55 • • • • Local call on 020 82 55 55 55 Same as 08700 63 64 65 (but cheaper!) 08700 63 64 65 still operational Help desk for StaffMail and LondonMail Services are via Option 3 Microsoft Dublin Data Centre LondonMail & USO-lite • LGfL USOlite accounts may be provisioned for certain individual services, such as LGfL LondonMail. Where these have been provisioned, the account is restricted for use only with those designated services • In the event of non USO account holders subscribing to multiple services that are supplied complete with a USOlite account, then the user may be able to use the same credentials for each service. USOlite accounts cannot access LGfL Shibboleth services such as Premium Content • Should a user’s account be upgraded from USOlite to a full USO account as part of a school or LA USO purchase, the user will be able to retain their ‘-lite’ on line identity, with its functionality simply being upgraded automatically as part of the process • USOlite accounts cannot be upgraded individually Microsoft’s European Mega Data Centre at Grange Castle, Dublin • Previous slide -Rendering of the finished data centre • £250 million mostly automated plant • Total building footprint - 570,000 square feet • 18.9 acre site Similar Microsoft Data Centre under Construction Mobile Learning Devices Paul Whiteman Merton Which Mobile Device? Paul Whiteman LB Merton Is it really mobile? Who is going to carry it ? Can we afford them? Can we afford to replace them? Are they insured? Value for money? Buy or lease? How long do the batteries last? How long to recharge? Will it survive the odd knock? Is it compatible with other systems in the school? How easy are they going to be to support? How desirable is it? Will I find them on sale at the local? Who owns the equipment? Who pays for it? Is your solution future proof? The London MLE (Fronter 81) Antony Moore Fronter SRF and Technician’s Richard Allen Becta SRF for Technicians London Technicians Conference 17th March 2008 By Richard Allen Consultant – Learning Services How are you doing? • You’ve reduced the number of printer errors by upgrading printer drivers / replacing printers/ ensuring all same type of printers used / stopped people printing huge graphics • ……. And so on • At which point does your audience stop listening to you explaining all the great stuff you’ve done with drivers, software, networks, computers? • Why – because they don’t get excited about computer stuff (no really they don’t!!!) How to promote the good work you do • Tell your customers the impact it has on them • Inform your school leaders about the benefits in the classroom • Show how improved ICT availability is increasing user confidence • Demonstrate how enthusiastic the students are to learn when using ICT • The best way to tell them – get them to tell you! School staff understand assessments • Use an environment familiar to your customers • Ask them to assess the use of ICT using the self review framework to show how the school is doing • Use the technical support assessment to check on how you are doing with ICT support • Together you could achieve ICT Mark What is it all about? “The self-review framework isn’t just about ICT and, interestingly, that is a key factor of its success. It focuses the mind on the whole spectrum of school development.” Steve Gater – Headteacher, Walker Technology College, Newcastle Self-review framework A jointly developed framework of standards describing progression through a model of institutional maturity in the use of ICT. ICT Mark An agreed set of standards, within the selfreview framework, indicating that technology is being harnessed effectively and efficiently. A maturity model for developing good ICT…… Self-review framework Mature Some schools will be here Where are you? Systematic All good schools should be here The self-review framework is a maturity model. It describes stages of development across 8 elements. 15% - 20% Strategic Where are you? Implementing Developing ……using self-review to track progress The self-review elements working together The curriculum Impact on the Learner Learning and teaching Professional development (People resource) Assessment Resources Extending opportunities for learning ..rather than actions changing the learning environment. Schools tend to focus actions on staff and resources…. Leadership and management Actions supported by the leadership team determine improvement outcomes Self-review - people planning improvement • Review practice not technology • Focus on evaluating whole school improvement not auditing technology implementation • Review your actions and progress as well as practice • Use review to establish a consensus involving: –All staff –Pupils' views and insights –Other stakeholders Element 7; Resources – the strands • 7a. Provision – 7a-1 Physical environments – 7a-2 Sufficiency and suitability of resources – 7a-3 Digital learning resources • 7b. Access – 7b-1 ICT supporting efficient working practices – 7b-2 Technical support • 7c. Management – 7c-1 Procurement – 7c-2 Evaluation of ICT resources Commentary - improvement across all elements Example - 7a-2 Element 7 Strand a) Aspect 2 – Resources – Provision – Sufficiency of provision L3 There are enough ICT resources to make a contribution to the current practice in learning, teaching and school organisation. L3 Might link to learning and teaching (element 3) commentary L2 Commentary might also describe improvement and link to impact on pupil outcomes (element 8) The school is well equipped L2 with a good range of ICT resources and these are sufficient to make a significant impact on learning, teaching and school organisation. The self-review framework.. “…. has enabled all the staff, not just the ICT specialists, to understand where we are going strategically. It has brought us together and consolidated the whole vision for the school.” Roger Whittall – Headteacher, Westwood School Some Useful Becta Tools • Self Review Framework • Investment Planner (TCO) • Functional and Technical Specs • Framework Agreements • FITS • SIFA and UK Federation Self-review benefits and outcomes • Where are you in your whole school improvement and ICT development • How does your school compare with others • What are your schools aspirations • What does good look like in your school • How will your school progress further • What actions will prioritise • Where might your school need support Ofsted success for ICT Mark schools Schools accredited with the ICT Mark are considerably more likely to be rated ‘outstanding’ in all five measures. More specifically, ICT Mark accredited schools are: • Four times more likely to be rated as ‘outstanding’ in the Overall effectiveness of the school category (ICT Mark schools: 40%, national primary: 9%, national secondary: 10%) • Three times more likely to be rated as ‘outstanding’ in the Achievement and standards category (ICT Mark schools: 31%, national primary: 8%, national secondary: 9%) • Three times more likely to be rated as ‘outstanding’ in the Leadership and management category (ICT Mark schools: 42%, national primary: 11%, national secondary: 12%) • Four times more likely to be rated as ‘outstanding’ in the Teaching and learning category (ICT Mark schools: 29%, national primary: 7%, national secondary: 5%) Ofsted reports on ICT Mark schools The large majority of Ofsted reports on ICT Mark schools contain positive comments in relation to a number of ICT areas, including: • Use of interactive whiteboards; • Development of pupils ICT skills; • The use of ICT to raise attainment; • Investment and level of ICT resources; • Planning, assessment and pupil profiling using ICT; • Teachers ICT skills; • ICT raising pupil confidence; and • ICT leading to involvement in community events. Vision and aspirations What are your aspirations for how technology might be used to support wider school aims and learning environment. • Classroom and teaching strategies • Curriculum development • Assessment for learning • Extending opportunities for learning • Parental engagement Celebrate success Enables schools to recognise and celebrate their successes. When a school feels secure in its judgement that it has reached the nationally agreed standards in all the aspects of the framework, it may choose to apply for the ICT Mark. To gain the ICT Mark the school requests a visit from an accredited assessor, who will validate the school’s selfevaluation. The ICT Excellence Awards offer further recognition for schools that demonstrate evidence of excellent practice above and beyond the levels of the ICT Mark. Informs other schools and organisations that you are a potential partner for extending opportunities for learning through technology Assessments, SRF and FITS links • http://matrix.becta.org.uk • http://schools.becta.org.uk/index.php?section= srf • http://www.becta.org.uk/fits Register your results and be recognised Thank you richard.allen@becta.org.uk BSF Anne Casey BSF ICT Anne Casey anne.casey@partnershipsforschools.org.uk What we will cover in this session • Fundamental facts of ICT in BSF • What elements to consider as part of a managed service • How the ICT funding is allocated • How much input the schools have What we wont cover in this session • The specific ICT elements for your school • The procurement process • The scope of your school/LA managed service The Golden Thread SfC 1 ICT Vision & Strategy SfC ICT Output ICT Vision 2 ICT Vision OBC & Strategy Spec & Strategy And the ICT? What is a Managed Service? At its simplest a Managed Service consists of a single contract designed to deliver all ICT systems and services. This comprises provision of and support for: Learning Platform including MIS, VLE and learning content Wide area network – probably linking to the LA’s broadband service Institutional infrastructure (School LAN) All users’ equipment: access devices; peripherals, etc. Network services: user account management; e-mail; back-up; virus protection; Internet filtering and/or monitoring; curriculum software servers; video-conferencing; etc And….. Anywhere, anytime access for all users Integration of legacy hardware and software Change management: operational training; pedagogical training ICT for school administration Helpdesk Technical support Refresh and sustainability Local choice ICT Output Specification & OBC •e.g. the facility for visually impaired students to be able to access their personal, adapted profile from whatever user device they may choose to use at any location Output specification. • Design and Installation Requirements (Learning platform, infrastructure and equipment) • Transition and Implementation Requirements • Operational Requirements • Finance and Management Requirements The ICT Supply Chain – how it works ICT Output Specification inc. Local Choice Fund LEP Bidding Consortium inc. Construction, FM, F&E, ICT ICT Partner / key supplier Active network kit Services – AV, email VLE MIS central provision Computer hardware Peripheral devices Specialist hardware Curriculum software Tech Support Training some school choice full school choice How is a Managed Service financed? BSF capital: £225 per pupil place for passive network infrastructure BSF capital: £1450 per pupil place for equipment, software and services This is a way of describing the overall ICT funding envelope. It is NOT an allocation formula for schools. School revenue: annual contribution for the 5-year life of the ICT contract to fund on-going maintenance of the ICT managed service: ‘extra’ elements of local choice funds; the refresh pot; training. What we advise LAs to do. • Ensure schools understand scope of managed services • Ensure schools understand current TCO • Engage all technical staff in discussions • Engage all relevant staff in development of the output specification • Ensure current staffing position and levels of service are understood e-Safety Helen Warner Kensington and Chelsea LGfL supporting e-safety Helen Warner Royal Borough of Kensington and Chelsea ICT Support Service • A class of 9 year olds are in the ICT suite. The teacher gives them a research topic ‘Thailand’. Salil calls the teacher over to tell her that the search results include a link ‘adult sex’, he is told “Don’t click the link” and the teacher then moves away to talk to another group of children elsewhere in the classroom. • Darren, a young Australian teacher, has his own MySpace area and has posted pictures of himself, his friends and lots of details of his life. There’s a video clip of him in Lanzarotte, very drunk, having fun. Some of his pupils have found it. • A very high number of pupils have their own MSN Messenger accounts and brag about how many ‘friends’ they have. You overhear one of the particularly brash Y9 girls bragging about her ‘older boyfriend’, who she plans to meet. http://www.esafety.lgfl.net/ Education Programme • Penelope, Head of Maths, has emailed some pupil reports to her hotmail account so she can finish at home. Alan, a science teacher, has been using his open Blog to share his views about education, his school and the school’s leadership. A teacher tells her technician she is upset because a pupil has posted a rude message on a Forum in the London MLE and asks him which child it was because she doesn’t know. Policy Resources •Policy separated into sections and includes specific references for child protection and anti-bullying policies Acceptable Use Policies • Mr Jones reports that a student has a pornographic image on his screen. The student says the “image just appeared and it’s the first time it’s happened”. • A 14 year old boy has taken his own life. There is an allegation of bullying and that the pupil had used websites that openly support suicide. LGfL URL filtering • Based around the NetSweeper filtering system • Provides 4 levels of filtering – – – – Blocks all illegal content on the Internet Watch Foundation blacklist Global Deny list - contains other URLs deemed to be entirely unsuitable for access within LGfL network Category database - categorises URLs and blocks by category Local Deny list - allows blocking of individual URLs Local Allow list - allows access to an otherwise blocked URL LGfL monitoring reports URL logging • Every request made through the URL filtering service is logged, including: – – – – – Date and time IP address of the user URL details Category of the URL Whether it was blocked or allowed • All logs are kept for a minimum of 3 months and are fully searchable • Logs are stored unprocessed, for forensic purposes • Forensic software also available – contact Synetrix NetSweeper Reporter Wizard • John, the technician finds evidence of a member of support staff gaining access to some pornographic videos. He tells the Deputy, Keith, who says, which computer? “Lets have a look”. Keith takes a look and agrees. They suspect its Danny, who’s part-time and wait until he’s in to challenge him. He denies all knowledge and then accuses the Deputy of harassing him. Danny has never signed an Acceptable Use Policy form. Possible incident procedure in case of illegal content 1. Inform Head / senior leader and start an incident log. All staff must report back to the member of SMT who updates the incident log at each stage. 2. Don’t use the equipment. Photograph, bag and secure it – witness by 2 people from SMT. Suspend user’s network / computer access. 3. SMT decide if sufficient initial evidence / doubt to suspend member of staff pending investigation. Possible incident procedure in case of illegal content cont: 4. Link computer name to IP address on LAN. If auditing enabled on server, link username to computer. Request Internet logs from Synetrix. SMT inform LA – eSafety officer (Personnel) etc. Gather evidence e.g. screen prints if have Forensic software, AUP form, CCTV footage, timetable, etc. 5. SMT decide whether to involve a Third Party Forensic firm. Start disciplinary action if necessary. In case of Child Pornography – immediately inform Police. 0808 100 00 40 at: http://www.met.police.uk/childpornography/index.htm Useful Online Resources Penny Patterson and Gary Jelks Useful Online Resources Penny Patterson and Gary Jelks How would you use? • School network • Standalone in school • At home only http://www.tech.lgfl.net http://audacity.sourceforge.net/ http://filehippo.com/download_hij ackthis/ http://free.grisoft.com http://housecall.trendmicro.com http://www.edugeek.net/ http://www.intravnews.com/ http://www.lavasoft.com http://www.microsoft.com/technet /sysinternals/FileAndDisk/PsTool s.mspx http://www.netstumbler.com http://www.roboform.com http://www.safer-networking.org Social networking • • • • Facebook MySpace Bebo Piczo http://www.skype.com http://www.thinkfree.com http://www.youtube.com http://www.lgfl.net/lgfl/accounts/te chsupport/techconf/menu/ ICT Technician’s Update Conference 17 March 2008
