Windows 7 32 Bit NSW seeks to build unhackable net

By Brett Winterford on Sep 23, 2009 12:36 PM
Filed underneath Safety

The world's "most hostile computing environment".
The NSW Department of Schooling is employing asset-tracking software, RFID tags, and BIOS-embedded filtering smarts to roll out 240,Windows 7 Enterprise Key,000 netbook computers into what CIO Stephen Wilson calls "the most hostile setting you'll be able to roll computer systems into" - the regional large school.

The rollout of Lenovo netbooks, funded below the Federal Government's Digital Training Revolution initiative, is often a enormous logistical and IT safety problem, and the solution Wilson and his crew has place collectively to fix these problems could properly be applicable to any company IT division.

Over four years, some 240,000 Lenovo netbooks will probably be provided to students in year nine. The netbooks may be held until yr 12, or completely should the student complete their research at the school. Netbooks can also be becoming presented to teachers.

To consider receipt from the netbooks,Office 2007 Key, pupils and dad and mom are asked to signal forms through which they acknowledge their obligation to acquire treatment of the machines and use them appropriately.

They are armed with the enterprise model in the new Windows seven working program, Microsoft Office, the Adobe CS4 imaginative suite, Apple iTunes, and content material geared to college students. Even though the netbooks are loaded with several numerous dollars of computer software, 2GB RAM and a six-hour battery, the cost to the NSW Division of Education is less than $500 a unit.

Underneath the covers in the netbooks - and within the network that controls them - lies a great deal more smarts to ensure that the total cost of ownership of each machine does not blow out.

Wilson said that while private schools and other states have taken a "carte blanche" approach to handing out laptops as part from the Digital Schooling Revolution, the DET rollout is "among the more systematic, automated and paperless" projects ever embarked upon.

Security smarts

At the physical layer, each netbook is password-protected and embedded with tracking computer software on the BIOS level of the machine.

That is administered through an enterprise services bus, which also connects the Remedy suite for asset management, Active Directory for authentication and Aruba's Airwave for wireless network management.

If a netbook were to be stolen or sold, the division can remotely disable it more than the network. Even if the hard drive of the machine was swapped out or the working method wiped, it would be useless to unauthorised users.

Already, it has noted the loss or damage of just six netbooks out of the 20,000 rolled out since August - and have tracked a teacher using their device on a field trip in New Zealand.

While there is really a serial number and barcode on each computer,Office Ultimate 2007, the section said that thieves or students might be able to remove them. To combat this,Windows 7 Home Premium Key, it is employing passive RFID chips on every machine that will enable them to be identified "even if they were dropped in a bathtub".

Being passive, an RFID reader needs to be within close proximity with the device to read it. (Active RFID transmitted a signal back to base.)

The division used the AppLocker functionality within Windows seven to dictate which applications are installed.

Web access on the netbooks is filtered according to a company safety policy (utilizing McAfee's SmartFilter technology) plus an additional SOCKS-based proxy client, which provides web filtering on the network layer.

The devices also use Microsoft's Forefront Antivirus technology.

Upgrades

With such a huge fleet of computer systems in the hands of college students,Windows 7 32 Bit, Wilson said it would be "unrealistic" for the section to offer technical support for software applications.

The netbooks were built so that the department can remotely upgrade and patch the devices about a wireless network.

It used Microsoft's Method Centre Configuration Manager tool to distribute software down to devices.

The update service switches off once a university student finishes yr twelve.

Wilson said there was no way such a large fleet of machines could be managed at such low cost without the smarts embedded within Microsoft's new working method.

"There was no way we could do any of this on XP," he said. "Windows seven nailed it for us."