By Brett Winterford on Sep 23, 2009 twelve:36 PM
Filed underneath Security
The world's "most hostile computing environment".
The NSW Division of Training is employing asset-tracking application, RFID tags, and BIOS-embedded filtering smarts to roll out 240,
Office 2010 X64 Key,000 netbook computer systems into what CIO Stephen Wilson calls "the most hostile atmosphere you'll be able to roll computer systems into" - the local higher college.
The rollout of Lenovo netbooks, funded below the Federal Government's Digital Training Revolution initiative, can be a enormous logistical and IT protection problem, and the resolution Wilson and his staff has place with each other to fix these issues could well be applicable to any corporate IT section.
Over four decades, some 240,
Win 7 Ultimate Key,000 Lenovo netbooks will be provided to pupils in 12 months nine. The netbooks may be stored right up until yr 12,
Office 2007 Ultimate, or completely ought to the pupil end their research in the college. Netbooks are also becoming provided to teachers.
To take receipt in the netbooks, pupils and dad and mom are asked to signal kinds in which they acknowledge their obligation to acquire care with the devices and use them appropriately.
They are armed with an enterprise edition with the new Windows 7 operating technique,
Netbook Reviews, Microsoft Office, the Adobe CS4 imaginative suite, Apple iTunes, and content material geared to pupils. Despite the fact that the netbooks are loaded with numerous a huge selection of dollars of software program,
Windows 7 Starter Key, 2GB RAM and a six-hour battery, the cost to the NSW Section of Schooling is less than $500 a unit.
Underneath the covers with the netbooks - and within the network that controls them - lies a great deal more smarts to ensure that the total cost of ownership of each machine does not blow out.
Wilson said that while private schools and other states have taken a "carte blanche" approach to handing out laptops as part of the Digital Training Revolution, the DET rollout is "among the more systematic, automated and paperless" projects ever embarked upon.
Security smarts
At the physical layer, each netbook is password-protected and embedded with tracking software at the BIOS level of the machine.
That is administered through an enterprise services bus, which also connects the Remedy suite for asset management, Active Directory for authentication and Aruba's Airwave for wireless network management.
If a netbook were to be stolen or sold, the section can remotely disable it about the network. Even if the hard drive in the machine was swapped out or the working technique wiped, it would be useless to unauthorised users.
Already, it has noted the loss or damage of just six netbooks out of the 20,000 rolled out since August - and have tracked a teacher utilizing their device on a field trip in New Zealand.
While there is often a serial number and barcode on each computer, the section said that thieves or pupils might be able to remove them. To combat this, it is employing passive RFID chips on every machine that will enable them to be identified "even if they were dropped in a bathtub".
Being passive,
Windows 7 Pro Key, an RFID reader needs to be within close proximity in the device to read it. (Active RFID transmitted a signal back to base.)
The department used the AppLocker functionality within Windows 7 to dictate which applications are installed.
Web access on the netbooks is filtered according to a corporate protection policy (using McAfee's SmartFilter technology) plus an additional SOCKS-based proxy client, which provides web filtering in the network layer.
The devices also use Microsoft's Forefront Antivirus technology.
Upgrades
With such a huge fleet of personal computers in the hands of college students, Wilson said it would be "unrealistic" for the department to offer technical support for application applications.
The netbooks were built so that the division can remotely upgrade and patch the devices about a wireless network.
It used Microsoft's Method Centre Configuration Manager tool to distribute software down to devices.
The update service switches off once a pupil finishes year twelve.
Wilson said there was no way such a large fleet of devices could be managed at such low cost without the smarts embedded within Microsoft's new operating system.
"There was no way we could do any of this on XP," he said. "Windows 7 nailed it for us."