860 likes | 1.26k Views
K12 Secure Identity Management. Identity Based Collaborative Learning Solution. Agenda . Introduction to Condrey Consulting Corporation Introduction to No Child Left Behind (NCLB) Introduction to the Schools Interoperability Framework (SIF) Benefits and Solution Overview
E N D
K12 Secure Identity Management Identity Based Collaborative Learning Solution
Agenda • Introduction to Condrey Consulting Corporation • Introduction to No Child Left Behind (NCLB) • Introduction to the Schools Interoperability Framework (SIF) • Benefits and Solution Overview • Components of SIF Provisioning Solution • Phased Solution Approach • Identity Based Collaborative Learning • SIF Enabled Identity Management • Live Demo • Q&A
Condrey Consulting CorporationCompany Overview • David Condrey – Owner and CEO • US Software Engineering Corporation based in Greenville, SC • Customers in 33 countries representing Commercial, Fortune 1000, State & Federal Government, Military, Healthcare, Higher-Ed and K12 • Well known and respected by customers, especially in the academic market • Well known at Novell – Model Partner • Invested in the future of Novell
Condrey Consulting Products Overview • File System Factory™ – Novell Nsure - Novell Price List • Identity Based Storage Management • Ties Provisioning to the NetWare OS – Event Driven and Policy Based • Lifecycle Content and Data Management (ePortfolio) • IUAdmin™ • Identity Based Personal and Collaborative Storage Access • Integrates with File System Factory™ • Integrates with exteNd Portal, Virtual Office and iChain • Web Based Access to Personal and Group Content • Web Based Help Desk Administration • Web Based User Self-Service and Password Reset • AuditLogin™ and TrustFun • Who’s Accessing Storage and What Rights Do They Have? • Login/Logout - Date, Time,Workstation • Trend Reports and Graphs • File and Directory Rights Analysis
File System Factory Education Customers • University of Kentucky – 43,000 users • Northern Illinois University – 67,000 users • Minnesota State Colleges and Universities – 93,000 users • Charleston County Schools, SC – 42,000 users • University of Georgia – 60,000 users • Embry Riddle University – 12,000 users • Hemet School District, Los Angeles • Grand Rapids Community College • Savannah Chatham County Schools, Georgia • Douglas County Schools, Georgia • Newton County Schools, Georgia
More File System Education Customers • Escondido Union High School District • Sutton Public Schools • Ramaz School • Augsburg College • Southwestern Community District No. 9 • Le Moyne College • Macon County R-1 • Grant MacEwan College • Clemson University • Community Consolidated School • District – Illinois • Ramaz School • Augsburg College • Northwestern Michigan University • Old Dominion University • Madison Area Technical College • Waukesha County Technical College • Blackhawk PA School District • Marysville Village Schools • Spearfish School District • Maine Township High School District • Waubonsee Community College • Western Illinois Univeristy • Escondido Union High School District • Sutton Public Schools
Sample of Education Customers Leveraging File System Factory, IUAdmin and AuditLogin
Introduction to NCLB • No Child Left Behind
No Child Left BehindProgram Summary • NCLB requires schools to: • increase student access to technology • help students to achieve higher academic standards • improve teachers’ ability to use technology for instruction • increases technology implementation for schools, especially those serving • disadvantaged children • To receive much of the NCLB federal funding, local school districts must provide government agencies with strategic plans for implementing educational technology. • Financial Allocation:In fiscal year 2002, Congress allocated $22.2 billion for education and No Child Left Behind implementation nationwide.
NCLB and Digital Portfolio’s • The “Digital Portfolio" is a strategy that has gained wide-spread acceptance in the education field • Digital portfolios make it easier to track a student's progress and work over the years. • Allows students to store their material in digital format on a server to be reviewed by team members. • The portfolio contains samples of significant student work over time and should be available to the student throughout their school career, making it easier for teachers to access student work and thus track performance. • Digital portfolios are useful when applying to post-high school institutions or moving into careers in the private sector. • Digital Identity is key
NCLB and ePortfolio Links • http://www.kn.pacbell.com/news/CAschools/sas.html • http://www.southalabama.edu/tomorrowsteachers/portfolios.html • http://schools.nycenet.edu/d75/instructionalservices/assessment/altassessment/datafolio.html • http://www.pupilpages.com/ • http://www.mandia.com/kelly/portfolio.htm
Schools Interoperability FrameworkSIF • Not a product, but a technical blueprint • Designed for and by K-12 technology providers and educators • Manages data within the K-12 environment • Enables diverse applications to interact and share data • Works cross-platform, over a Web-based interface • Allows automated reporting
K-12 Identity Management Reality Food Services e-Mail Grade Book Library Automation Data Warehouse Student Information Services Transportation Network Account • Data Silo’s • Duplication of work • Inconsistent application of business policy • Time consuming – productivity delays • Little security confidence, significant exposure
SIF components Student Information Services Zone Integration Server (ZIS) SIF Agents Applications SIF Data Objects Novell Network Account Library Automation School Badge Food Services Instructional Software (Plato) Transportation Data Warehouse
SIF integration K-12 data model Federal Accountibility, Reporting, Planning, etc. State Food Service Grade Book HR / Finance Library SIS Transportation Voice Telephony Instructional Services District School Data Warehousing
SIF vendors (Cont.) Student Information Systems • Pearson Education Technologies • SASIxp • Edustructures SIF Agent for SASIxp • www.edustructures.com • Sungard Pentamation • Open Series Student Management System • www.pentamotion.com • Central Susquehanna Intermediate Unit • CSIU Administrative Software Suite • www.csiu-technology.org
SIF vendors (Cont.) • Library Automation • Follett Software Co – www.fsc.follett.com • SIRS Mandarin – www.mlasolutions.com • Sagebrush Spectrum • Telephony • Parlant Technology – www.parlant.com • Classroom Software • Renaissance Learning – www.renlearn.com • Transportation • VersaTrans Solutions – www.versatrans.com • Food Service • School-Link Technologies – www.school-linktechnologies.com
SIF vendors (Cont.) • Data Warehouse • TetraData • eScholar • Novell • Microsoft • Apple • IBM • Sun Microsystems • Edustructures -ZIS
SIF Government Members US Department of Education Virginia Department of Education Delaware Department of Education Idaho Dept of Education/Rich Mincer Maryland State Dept of Education National Center for Education Statistics (NCES) Ohio Department of Education Ohio SchoolNet Commission
Administrators Increased Efficiency Reduced redundancy and errors Reduced compatibility issues NCLB SIF benefits Students • Personalized Student Content • Improved timeliness of service • Accurate School Data • Increased Efficiency IT Departments • Reduced support costs • Reduced time needed to manage multiple data sources • Save money using existing systems and infrastructure Teachers • Real-time access to critical information • Better data analysis • Teachers time better spent
Additional Information on SIF • http://www.sifinfo.org • http://www.opengroup.org/sif/cert/ • http://www.sifinfo.org/vendors/sif_vendor_member.asp
Components of K12 SIF Identity Provisioning Solution • Novell eDirectory • Edustructures • SIFWorks™ Zone Integration Server (ZIS) • Nsure Identity Manager SIF User Agent • Life Cycle Student Account Management • Novell File System Factory • Lifecycle Content and Data Management (ePortfolio) • File Rights and Trustee Analysis • IUAdmin • Web based access to personal and collaborative content • Self-Service Password Reset and Help Desk • AuditLogin and TrustFun • Who’s accessing storage and what rights do they have • Novell iChain • Secure Access to Web Applications
Digital Identities The key to student and faculty provisioning
Novell eDirectory • Stores information about people, services, and resources • Manages relationships between them • Directs interactions and triggers events
Edustructures Zone Integration Server • Founding Member of SIF • Member of SIF Board of Directors • Strategic Partner Alliances • NCS Learn, Follett • School-Link, Versatran • Novell and others • SIFWorks Enterprise ZIS Server • Cross Platform Support • Netware, Windows, Linux, Solaris, MacOS X • SASIxp SIF Agent • www.edustructures.com
Nsure Identity Manager SIF User Agent (DirXML) • SIF Agent for Provisioning Students • Built on Award Winning DirXML Technology • Supports the Following SIF Object Types: • Student Personal • Staff Personal • Student School Enrollment
Novell File System Factory Automatic Disk Space for all Students or Staff!
Novell File System Factory Automatic Disk Space for each Class or Work Group!
Novell File System Factory Automated Home Directory Management: Create It, Manage It, and most importantly… Clean It Up!
Novell File System Factory Lifecycle Data and ePortfolio Management: Create It Move It Manage It
Novell File System Factory All you have to do is create the users and groups… …Any way you want… …We’ll handle the rest!
Identity Mgr Active AD Directory ZENworks for Desktops LINUX BorderManager FSF ZIS NetWare NetWare eDirectory NetMail Provision Storage as well as Accounts with Novell File System Factory and Identity Management Identity Mgr SIF Driver Driver • Policy-based • Event-driven • Load balancing • Storage creation • Storage management • Storage cleanup • Personal user storage • Group storage High School 25MB Middle School 10MB
FSF Methodology New workflow component allows employee’s manager to review, reassign, or vault user data prior to deletion. Algorithm: Random Balance Rights: RWCEMFA Quota: 150 MB Template: SERV1/VOL1:Policies DelWait: 90 Days Target File Systems Policy • Create • Rename BJones • Delete BSmith RWCEMFA Copy BSmith BJones 150MB SERV1/VOL1:POLICIES
Policy Policy Policy Policy Assignment & Data Migration • Seamless • Fault-tolerant • Safe BSmith BSmith Scheduler – 9:00PM BSmith 50MB BSmith 25MB
RJones RJones Admin issues Backfill with “Enforce Policy Paths” option, which will move data. KJackson KJackson NCS BSmith BSmith Policy RCroom RCroom DWyatt DWyatt Northern Illinois UniversityData Migration - Backfill BSmith RJones KJackson RCroom DWyatt Pentium Pro 200’s – 0 Users Pentium Pro 200’s – 67,672 Users
Education Group Policy Example Algorithm: Random Balance Rights: none Quota: 500 MB Template: SERV1/VOL1:GroupSample DelWait: Never Assign Policy to Courses Container Target File Systems Policy Create Course Group Object SPAN340-001 Automatically Create Group Storage and Assign Policies SPAN340-001 Copy Course Files for Each Student from Template Copy 150MB SERV1/VOL1:GroupSample
Group Policy TemplatesConfiguration Steps Create Group Object SPAN340-001.MS.COURSES.STATEU Create FSF Group Policy Using the FSF Management Interface Create eDir Objects Assign Members & Owners to the Group Create Template Assign Rights to Directories
Group Policy Templates Assign Students as Members and Instructors as Owners Members Owners JSmith.Students.STATEU MRoberts.Students.STATEU NFrost.Students.STATEU PJones.Students.STATEU RBrooks.Students.STATEU SSmith.Students.STATEU STimms.Students.STATEU TJones.Students.STATEU TSmythe.Students.STATEU WClark.Students.STATEU ABelcher.Staff.STATEU KAlesanto.Staff.STATEU
Group Policy Templates File System Factory Automatically Provisions Storage for Students and Instructors
RJones RJones Admin issues Backfill with “Enforce Policy Paths” option, which will move data. Later, the same operation can be used to replace existing servers. KJackson KJackson BSmith BSmith Policy RCroom RCroom DWyatt DWyatt Backfill - Apply or Reapply Policy to Existing Objects On Demand BSmith RCroom DWyatt BSmith • Provision storage for pre-existing users according to policy. • Begin managing pre-existing storage according to policy. RJones KJackson RCroom DWyatt
Where’s my stuff? • Users need an easy way to find their storage …even if you need to move it. • Personal Storage and Group Storage. • Map a Drive? There’s only so many letters in the alphabet. • Login Script Management is a headache for group storage.
URAccess • End-User tool for dynamically building personalized access links to storage. • Leverages Home_Directory user attribute for personal storage. • Leverages cccFSFactoryHomedir group attribute for shared storage. • Creates a local set of UNC paths and description presented to the user in a Windows UI. • Like App-Launcher for ZENworks, except provides access to storage. • List can be refreshed at any time. • Supports multiple tree connections.
Executive Storage Dashboard Storage Trends on User and Group Policies
Administrative Storage Dashboard Event Statistics Storage Health Check https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFExecutiveDashboard.
Quota Manager – Help Desk Interface https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFQuotaMgr
Green = space available > 25% of quota Yellow = space available < 25% of quota Red = space available < 10% of quota Quota Manager – Help Desk Interface