I’m deeply thankful to all the schools who have allowed me to visit and learn from them over the past 12 or 13 years, and so it was an absolute delight to have Neal McArthur both friend and CT Operations Manager at Genesis Christian College dropped by to have a look at some of the things we are doing at Glasshouse Christian College.
I’ve visited Genesis a number of times since 2004, when I first set up technology at our College About 13 or 14 years ago, I would drive down and ask them all I could think of about school technology, however since those days we have made significant progress in all area’s of technology including Networks.
We showed talked about extreme networking issued and exchanged notes out our experiences and showed him all we could in Extreme Management Centre, and particular the depth of analytical data we are able to visualise the health of and activities on our School Network.
The Extreme Management Centre is a single pane of glass management system that provides wired/wireless visibility and control from the From the Core to the Edge, or in other words from the data centre to the mobile edge.
Footnote: If you are interested in Extreme Networking please feel free to give me a call to discuss, If you’re part of an education organisation I would be more than happy to show you what we are doing with our Extreme Networking Gear.
It’s a rainy Saturday, 24 February 2018 and Scott and I are installing two Lenovo ThinkSystem Servers (SR630). My other 2 Lenovo Servers gave me 5 years of Service and are still in excellent working order.
Scott is an absolute expert and once these ThinkSystem Servers are installed I will most likely never need to do a single thing to them for another next 5 years.
Note: I always purchase onsite warranty and as much server memory as I can afford at the time, these servers will be connect to about 40TB of EMC Storage.
My old Lenovo (IBM) Servers were spend the last 5 years running VMWare vSphere with over 30 instances between them, and seldom went over 9% System (CPU) Usage.
I investigated a number of other solutions including Hewlett Packard Servers and I considered a Hyperconverged solution on either Simplivity and Nutanix running on Dell, Lenovo or HP Gear, but I have chosen to keep things as simple as possible.
I’ve had Sophos installed at our college for the past 5 years and we are in or sixth or seventh year of using Sophos Firewall and Anti-Virus across our campus.
I purchased two consecutive on-site days from Sophos, who flew one of there top Security Engineers from Sydney to stay with us for two days and complete a thorough investigation and health-check of our Sophos installation.
– I was delighted with the results.
- Firmware Upgrade – We upgraded to the newest firmware version of Sophos UTM.
- We simplified our firewall rules and disabled and deleted 18 unwanted access rules,
- Reporting Improvements, – we significantly improved and tweaked our reporting.
- We investigated upgrading to a hardware appliance.
- Removed unnecessary STAS software from servers
- Removed unnecessary RADIUS servers (we use Extreme Radius)
- Cleaned up Admin accounts and assigned personal accounts of all the admins to administrator profile.
- Rule Creation and Policies: Improved the way we create rules by teaching us how to create multiple user activities and assign to different user groups in the same policy rather than creating different web policy for each and every user group.
- Cleaned up application control policies and changed it as per requirements.
- Removed irrelevant OS from the IPS policy
- Sync App Control – we enabled sync app control and we were able to see new apps getting detected by the firewall. – to be categorised.
- Device Access – Disabled SSH access on WAN and created Access List to allow specific IP’s
- We investigated the future use of Sandstorm (cloud sandboxing).
Our security installation at the current time comprises of the following,
- XG Firewall – Next Generation Firewall.
- Intercept X – a signatureless anti-exploit, anti-ransomware, and root cause analysis protect your endpoints from advanced threats.
- Sophos Endpoint – Client Protection which doesn’t rely on signatures to catch malware, which means it catches zero-day threats.
- Sophos Phish Threat – User education by effectively simulating realistic and challenging phishing attacks in a just few clicks.
Relationship Benefits: The two days of Sophos consulting provided an opportunity for us to strengthen our relationship with Sophos.
Third Party Consideration: The two day has forced me to re-consider the benefits of 3rd Party to deploy and configure Sophos.
My own thoughts are that using a Sophos Product Engineers far outweighs the advantages of using a 3rd Party Engineer, so even if you have had a third party work on you installation, – you will receive significant advantage for using Sophos directly.
Recommendation: If you are a Sophos user and run a large installation I would highly recommend spending the money and getting one of the Sophos Engineers spend a few days on site checking out and tweaking your system
TP-LINK home products both inexpensive and easy to use. They offer a rich set of technical features making them good value when you consider all their features versus cost ratio. Generally speaking there are plenty of regular firmware updates as well as community support and help available when you need it. (I’m a fan of TP-Link for home use, but not for commercial use).
Currently I’m use two TP-LINK AV200’s with two TP-LINK AV500’s and yes they work well together. In fact you can even mix different speeds with different vendors, so for example you can mix a TP-LINK AV500 with an EDIMAX AV200 (of course it’s never a problem till it’s a problem, my view is that technology should just work, and I have no hesitation or regrets about mixing them).
Another great feature of the TP-Link gear is that the AV200, AV500 and AV1000 offer Energy Savings of up to 85%.
- TP-Link TL-WPA4220 KIT (AV500)
- TL-PA211KIT (AV200)
I’m more than happy with TP-link, easy to set up, easy to find support, easy to locate products, easy to upgrade or dispose of if they do not quite work as expected.
We enjoyed an informative event in Sydney today, Friday, 17 November 2017, with a very early 5:15 am start and due to traffic we boarded the 7am Qantas flight to Sydney with a narrow margin.
Why go to Jamf Roadshows?
Jamf Software is pivotal to our school environment and we use it to manage 1500+ Apple Devices. Without jamf software we would be very hard pressed to achieve some of the results we currently archive.
We are the kind of school which installs new software upgrades as soon as they are released, so while my team have normally already experienced all the new feature being discussed it give us an opportunity to network with other schools and organisations and see if we have over looked or left anything out.
Visiting the jamf roadshows is our way of remaining up to date on all things jamf and catchup on any news and gossip, and to ensure that we have all Zero Days updates applied to our infrastructure and services.
What did we learn?
Dean Hager always presents well, so for me the biggest take away was the first session by Dean Hager and the last session by a jamf user / it manager / mac administrator who also presented earlier this year at JNUC – the Jamf Nation User Conference.
- empower people with technology which puts people first
- create a product which people love and buy repeatedly
- BYOD is not an it invention it was brought about by users who demand there favourite tools products.
If you ever want to visit a school which uses products simply and effectively without creating an overburdening dependence on any single product, skill or staff member please feel free to come and visit our school on the Sunshine Coast.
The showcase was hosted by Mueller College and was sponsored by CompNow
Mueller College is a distinctly Christian school located a Rothwell on the Northside of Brisbane and promotes a seamless education from Prep school to Year 12.
We started the event with an intro to iOS11 expertly delivered by Dave Wells.
Anthony the IT Manager at Mueller explained about how iPads have enhanced and facilities Education at Mueller College. After the talk Anthony kindly responded to a number of questions raised by the audience.
- iPad have transformed Learning and Teaching.
- Apple is the device or choice.
Technology Showcase at Mueller College
Dave Well continued the session by explaining advances in the new Apple Caching serve and followed with ad demonstration of the TVOS
- With every new release of TVOS you can much more with MDM.
- Can easily cast a student iPad screen to the Apple TV.
- Zero Touch configuration.
- Can easily run Applications.
- Advised us to run Location Services
Fred answered a number of questions about JAMF Pro
Julian Critchlow was pressed for time but still managed to offer a provisional overview of ExtremeWorks.
- “The Network is Strategic Asset”
- “Advance Analytics is a key “Extreme” differentiator”
- Simplified SDN Software defined networking
Harrold explained what CompNow can help implement and support key projects.
- Large footprint south for Brisbane
- Work very closely with JAMF
- Development Branch
- Have made Apps for Samsung
Dave wrapped up the event.
Not only was the iBook about Teaching and Learning in our College recently published on iTunes, but we also attracted some attention from Kate Arnott, a podcaster who spoke at the Apple Distinguished School Conference 2017 about change.
I would like to commend two recent GCC associated publications to you.You will recall that, as part of our application to be admitted as an Apple Distinguished School we were required to prepare an iBook. The iBook is a collation of some of the exciting ways we are marrying technology and education here at the College. You would have seen the iBook in its last iteration but the final version is something really fantastic. I would commend it to all of you.
You can link to it directly here. https://itun.es/au/oEEblb.l
DeLorean Project Podcast
While we were at the Apple Distinguished School conference recently we attracted the attention of a podcaster who runs an education and technology podcast called Leading Change. She was a former journalist with the ABC for many years.The podcast really captures some of the excitement the aims and the successes around the DL project in an extensive interview with Rob, lecturers from USC and some of the DL kids. It is good stuff.The Leading Change Podcast on the DeLorean Project is now live on all the podcast sites. We’ve embedded it on our website with links to iTunes and Podbean for iPhone and Android users respectively, but it can be played directly from our webpage:
It’s exciting to be part of both these projects and to see how the Lord as blessed us and far we have travelled over the past 17 years.