Download presentation
Presentation is loading. Please wait.
Published byTitus Newhall Modified over 10 years ago
1
K12 Secure Identity Management Identity Based Collaborative Learning Solution
2
Agenda Introduction to Condrey Consulting Corporation Introduction to No Child Left Behind (NCLB) Introduction to the Schools Interoperability Framework (SIF) Benefits and Solution Overview Components of SIF Provisioning Solution Phased Solution Approach Identity Based Collaborative Learning SIF Enabled Identity Management Live Demo Q&A
3
Condrey Consulting Corporation Company Overview David Condrey – Owner and CEO US Software Engineering Corporation based in Greenville, SC Customers in 33 countries representing Commercial, Fortune 1000, State & Federal Government, Military, Healthcare, Higher-Ed and K12 Well known and respected by customers, especially in the academic market Well known at Novell – Model Partner Invested in the future of Novell
4
Condrey Consulting Products Overview File System Factory™ – Novell Nsure - Novell Price List Identity Based Storage Management Ties Provisioning to the NetWare OS – Event Driven and Policy Based Lifecycle Content and Data Management (ePortfolio) IUAdmin™ Identity Based Personal and Collaborative Storage Access –Integrates with File System Factory™ –Integrates with exteNd Portal, Virtual Office and iChain Web Based Access to Personal and Group Content Web Based Help Desk Administration Web Based User Self-Service and Password Reset AuditLogin™ and TrustFun Who’s Accessing Storage and What Rights Do They Have? -Login/Logout - Date, Time,Workstation -Trend Reports and Graphs -File and Directory Rights Analysis
5
File System Factory Education Customers University of Kentucky – 43,000 users Northern Illinois University – 67,000 users Minnesota State Colleges and Universities – 93,000 users Charleston County Schools, SC – 42,000 users University of Georgia – 60,000 users Embry Riddle University – 12,000 users Hemet School District, Los Angeles Grand Rapids Community College Savannah Chatham County Schools, Georgia Douglas County Schools, Georgia Newton County Schools, Georgia
6
More File System Education Customers Northwestern Michigan University Old Dominion University Madison Area Technical College Waukesha County Technical College Blackhawk PA School District Marysville Village Schools Spearfish School District Maine Township High School District Waubonsee Community College Western Illinois Univeristy Escondido Union High School District Sutton Public Schools Escondido Union High School District Sutton Public Schools Ramaz School Augsburg College Southwestern Community District No. 9 Le Moyne College Macon County R-1 Grant MacEwan College Clemson University Community Consolidated School District – Illinois Ramaz School Augsburg College
7
Sample of Education Customers Leveraging File System Factory, IUAdmin and AuditLogin
8
Introduction to NCLB No Child Left Behind
9
No Child Left Behind Program Summary NCLB requires schools to: increase student access to technology help students to achieve higher academic standards improve teachers’ ability to use technology for instruction increases technology implementation for schools, especially those serving disadvantaged children To receive much of the NCLB federal funding, local school districts must provide government agencies with strategic plans for implementing educational technology. Financial Allocation: In fiscal year 2002, Congress allocated $22.2 billion for education and No Child Left Behind implementation nationwide.
10
The “Digital Portfolio" is a strategy that has gained wide- spread acceptance in the education field Digital portfolios make it easier to track a student's progress and work over the years. Allows students to store their material in digital format on a server to be reviewed by team members. The portfolio contains samples of significant student work over time and should be available to the student throughout their school career, making it easier for teachers to access student work and thus track performance. Digital portfolios are useful when applying to post-high school institutions or moving into careers in the private sector. Digital Identity is key NCLB and Digital Portfolio’s
11
http://www.kn.pacbell.com/news/CAschools/sas.html http://www.southalabama.edu/tomorrowsteachers/portfolios.html http://schools.nycenet.edu/d75/instructionalservices/assessment/ altassessment/datafolio.htmlhttp://schools.nycenet.edu/d75/instructionalservices/assessment/ altassessment/datafolio.html http://www.pupilpages.com/ http://www.mandia.com/kelly/portfolio.htm NCLB and ePortfolio Links
12
Schools Interoperability Framework SIF Not a product, but a technical blueprint Designed for and by K-12 technology providers and educators Manages data within the K-12 environment Enables diverse applications to interact and share data Works cross-platform, over a Web- based interface Allows automated reporting
13
K-12 Identity Management Reality Data Silo’s Duplication of work Inconsistent application of business policy Time consuming – productivity delays Little security confidence, significant exposure Library Automation e-MailGrade Book Network Account Transportation Student Information Services Data Warehouse Food Services
14
SIF components Zone Integration Server (ZIS) SIF Agents Applications SIF Data Objects Novell Network Account School Badge Instructional Software (Plato) Transportation Library Automation Student Information Services Data Warehouse Food Services
15
SIF integration Food Service Grade Book HR / Finance Library SIS Transportation Instructional Services Voice Telephony Data Warehousing Accountibility, Reporting, Planning, etc. K-12 data model School District State Federal
16
SIF vendors (Cont.) Student Information Systems Pearson Education Technologies –SASIxp –Edustructures SIF Agent for SASIxp –www.edustructures.com Sungard Pentamation –Open Series Student Management System –www.pentamotion.com Central Susquehanna Intermediate Unit –CSIU Administrative Software Suite –www.csiu-technology.org
17
SIF vendors (Cont.) Library Automation Follett Software Co – www.fsc.follett.com SIRS Mandarin – www.mlasolutions.comwww.mlasolutions.com Sagebrush Spectrum Telephony Parlant Technology – www.parlant.com Classroom Software Renaissance Learning – www.renlearn.com Transportation VersaTrans Solutions – www.versatrans.com Food Service School-Link Technologies – www.school- linktechnologies.com
18
SIF vendors (Cont.) Novell Microsoft Apple IBM Sun Microsystems Edustructures -ZIS Data Warehouse TetraData eScholar
19
SIF Government Members US Department of Education Virginia Department of Education Delaware Department of Education Idaho Dept of Education/Rich Mincer Maryland State Dept of Education National Center for Education Statistics (NCES) Ohio Department of Education Ohio SchoolNet Commission
20
SIF benefits Teachers Real-time access to critical information Better data analysis Teachers time better spent Students Personalized Student Content Improved timeliness of service Accurate School Data Increased Efficiency IT Departments Reduced support costs Reduced time needed to manage multiple data sources Save money using existing systems and infrastructure Administrators Increased Efficiency Reduced redundancy and errors Reduced compatibility issues NCLB
21
Additional Information on SIF http://www.sifinfo.org http://www.opengroup.org/sif/cert/ http://www.sifinfo.org/vendors/sif_vendor_member.asp
22
Components of K12 SIF Provisioning Solution
23
Novell eDirectory Edustructures SIFWorks™ Zone Integration Server (ZIS) Nsure Identity Manager SIF User Agent Life Cycle Student Account Management Novell File System Factory Lifecycle Content and Data Management (ePortfolio) File Rights and Trustee Analysis IUAdmin Web based access to personal and collaborative content Self-Service Password Reset and Help Desk AuditLogin and TrustFun Who’s accessing storage and what rights do they have Novell iChain Secure Access to Web Applications Components of K12 SIF Identity Provisioning Solution
24
Digital Identities The key to student and faculty provisioning Digital Identities The key to student and faculty provisioning
25
Novell eDirectory Stores information about people, services, and resources Manages relationships between them Directs interactions and triggers events Stores information about people, services, and resources Manages relationships between them Directs interactions and triggers events
26
Founding Member of SIF Member of SIF Board of Directors Strategic Partner Alliances –NCS Learn, Follett –School-Link, Versatran –Novell and others SIFWorks Enterprise ZIS Server Cross Platform Support –Netware, Windows, Linux, Solaris, MacOS X SASIxp SIF Agent www.edustructures.com Edustructures Zone Integration Server
27
Nsure Identity Manager SIF User Agent (DirXML) SIF Agent for Provisioning Students Built on Award Winning DirXML Technology Supports the Following SIF Object Types: Student Personal Staff Personal Student School Enrollment
28
Novell File System Factory Automatic Disk Space for all Students or Staff!
29
Novell File System Factory Automatic Disk Space for each Class or Work Group!
30
Novell File System Factory Automated Home Directory Management: Create It, Manage It, and most importantly… Clean It Up!
31
Novell File System Factory Lifecycle Data and ePortfolio Management: Create It Move It Manage It
32
Novell File System Factory All you have to do is create the users and groups… …Any way you want… …We’ll handle the rest!
33
FSF NetWare Provision Storage as well as Accounts with Novell File System Factory and Identity Management eDirectory BorderManager ZENworks for Desktops NetMail Identity Mgr SIF Identity Mgr AD Active Directory LINUX Policy-based Event-driven Load balancing Storage creation Storage management Storage cleanup Personal user storage Group storage Driver ZIS High School 25MB Middle School 10MB
34
FSF Methodology Target File Systems SERV1/VOL1:POLICIES Algorithm: Random Balance Rights: RWCEMFA Quota: 150 MB Template: SERV1/VOL1:Policies DelWait: 90 Days 150MB Copy BSmith BSmith RWCEMFA Policy BJones BJones New workflow component allows employee’s manager to review, reassign, or vault user data prior to deletion. Create Rename Delete
35
Policy Assignment & Data Migration BSmith 25MB Policy BSmith 50MB Seamless Fault-tolerant Safe Scheduler – 9:00PM
36
Northern Illinois University Data Migration - Backfill Policy BSmith RJones KJackson RCroom DWyatt RJones KJackson BSmith RCroom DWyatt BSmith RCroom DWyatt RJones KJackson Admin issues Backfill with “Enforce Policy Paths” option, which will move data. Pentium Pro 200’s – 67,672 Users Pentium Pro 200’s – 0 Users NCS
37
Education Group Policy Example Target File Systems SERV1/VOL1:GroupSample Algorithm: Random Balance Rights: none Quota: 500 MB Template: SERV1/VOL1:GroupSample DelWait: Never 150MB Copy SPAN340-001 Policy Assign Policy to Courses Container Automatically Create Group Storage and Assign Policies Copy Course Files for Each Student from Template Create Course Group Object
38
Group Policy Templates Configuration Steps SPAN340-001.MS.COURSES.STATEU Create eDir Objects Assign Rights to Directories Create Template Create Group Object Assign Members & Owners to the Group Create FSF Group Policy Using the FSF Management Interface
39
Group Policy Templates JSmith.Students.STATEU MRoberts.Students.STATEU NFrost.Students.STATEU PJones.Students.STATEU RBrooks.Students.STATEU SSmith.Students.STATEU STimms.Students.STATEU TJones.Students.STATEU TSmythe.Students.STATEU WClark.Students.STATEU ABelcher.Staff.STATEU KAlesanto.Staff.STATEU MembersOwners Assign Students as Members and Instructors as Owners
40
Group Policy Templates File System Factory Automatically Provisions Storage for Students and Instructors
41
Backfill - Apply or Reapply Policy to Existing Objects On Demand Policy BSmith RJones KJackson RCroom DWyatt RJones KJackson BSmith RCroom DWyatt BSmith RCroom DWyatt BSmith RCroom DWyatt RJones KJackson Admin issues Backfill with “Enforce Policy Paths” option, which will move data. Later, the same operation can be used to replace existing servers. Provision storage for pre-existing users according to policy. Begin managing pre-existing storage according to policy.
42
Where’s my stuff? Users need an easy way to find their storage …even if you need to move it. Personal Storage and Group Storage. Map a Drive? There’s only so many letters in the alphabet. Login Script Management is a headache for group storage.
43
URAccess End-User tool for dynamically building personalized access links to storage. Leverages Home_Directory user attribute for personal storage. Leverages cccFSFactoryHomedir group attribute for shared storage. Creates a local set of UNC paths and description presented to the user in a Windows UI. Like App-Launcher for ZENworks, except provides access to storage. List can be refreshed at any time. Supports multiple tree connections.
44
URAccess
45
Executive Storage Dashboard Storage Trends on User and Group Policies
46
Administrative Storage Dashboard Storage Health Check https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFExecutiveDashboard. Event Statistics
47
Web Based Quota Manager Policy Configuration
48
Quota Manager – Help Desk Interface https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFQuotaMgr
49
Quota Manager – Help Desk Interface Green = space available > 25% of quota Yellow = space available < 25% of quota Red = space available < 10% of quota
50
Quota Manager – Help Desk Interface
51
File System Rights Analysis
52
Rights Analysis OWNERS MEMBERS
53
Novell eGuide Manager
54
Workflow Configuration
55
Employee Data Manager Interface
56
What are the requirements? Any Novell supported version of NDS ® or eDirectory (6.xx, 7.xx, 8.xx, 85.xx, 8.6.x, 8.7.x) NetWare 5.1 SP6 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NetWare 4.x SP9 or later NetWare 5.0 SP6a or later NetWare 5.1 SP6 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NDS/eDir FSF_EventFSF_Engine
57
File System Factory for: Microsoft Active Directory Linux Coming up Next
58
FSF NetWare Provision and De-Provision Storage for Netware, Active Directory and Linux Based on Policy eDirectory BorderManager ZENworks for Desktops NetMail Identity Mgr PeopleSoft Identity Mgr AD Active Directory LINUX PeopleSoft Driver FSF
59
IUAdmin™ User Self Service Personal And Group Storage Access Help Desk Managed By File System Factory Events & Policies Personal Storage Group Storage ePortfolio
60
IUAdmin™ Web Based Access to Netware Personal Content and ePortfolio Managed by File System Factory Policies Web Based Access to Collaborative Group Content Based on File System Factory Policies Integrate with Novell Extend Portal, Netware 6.5 Virtual Office Portal and Novell iChain User Self Service Self-Service Password Reset Let Users Optionally fix their own problems Help Desk Administration Location and Departmental based Help Desk Help Desk Group Management User Help Indicators Identify Account Problems Intruder Lockout Grace Logins Login Disabled Account Expired
61
Help Desk Dashboard
62
IUAdmin™ Architecture IUAdmin Core Architecture User Self Service Help Desk File System Mgt Resource Mgt AuditLogin Trustfun File System Access Other products provide Management Paks that plug in to the architecture. File System Factory ePortfolio Built on top of Novell’s HTTPSTK..no webserver to install or configure.Built on top of Novell’s HTTPSTK..no webserver to install or configure. SSL connections for security.SSL connections for security. Contextless Login.Contextless Login. No schema extensions. HoweverNo schema extensions. However optional extensions are provided for increased functionality. Runs on Netware 5.1 or above withRuns on Netware 5.1 or above with any version of eDirectory.
63
Self Service and Password Reset
64
Self Service Password Reset
65
No More Floppy Drive Headaches Virus’s Limited Space Drive Failures Management Nightmare IUAdmin Solution File System Factory
66
AuditLogin Graph
67
AuditLogin - Log File Report
68
Securely Linking eEducation to Everything Novell iChain
69
What is iChain? iChain is Novell technology for web security Reduces the complexities of implementing and managing secure web applications Proxy based Architecture Supports more HTTP services than any of it’s competitors Provide single sign-on to web based resources Supports Enterprise and Project based solutions
70
Why iChain? Firewall Intranet Internet Student Internet Parent IUAdmin IIS SECURITY Web Servers and Applications SECURITY Linux/ Apache SECURITY Issues when creating a Secure Web infrastructure: Direct Access to Web Servers (increase possibility of hacking) Multiple User Identities (no single sign on) Need to install SSL services on each web server Need to change links in HTML content from HTTP to HTTPS Many different Web Server Technologies Teacher
71
Firewall SECURITY INFRASTRUCTURE Web Servers and Applications Teacher One Net Student Parent IUAdmin Linux/ Apache eDirectory ™ iChain ® Benefits of iChain: Single Authentication Point Provides Web Single Sign On (headers and Form Fill) Sends Personalized content to applications Rewrites HTML data (completely hide internal DNS infrastructure) Dynamically encrypts content as it passes through proxy Single SSL Certificate can be used for all internal web sites (proxy based) No change to HTML content No change to applications authentication process Secures all HTTP servers Remove Direct Access to Web Servers iChain Solution IIS
72
Phase 1 Identity Based Collaborative Learning –Personal Content and Class Storage –Web Based Access for Teachers and Students –Student ePortfolio - Cradle to Job –User Self Service and Web Based Help Desk –Faculty and IT Staff Training SIF Readiness Assessment –Technology Infrastructure Assessment –High-Level SIF Design and Plan (Naming Standards) –Executive Level Presentation of Findings Minimum Phase 1 Software Requirements –Novell File System Factory –IUAdmin and AuditLogin Phased Approach – Phase 1
73
Phase 1 Policy Based Collaborative Learning ZENWorks™ GroupWise ® NetMail Novell BorderManager IUAdmin™ AuditLogin™ eDirectory ™ File System Factory™ Policy Based Storage Home Directory Class Storage Student ePortfolio AuditLogin Report & Graph Product Licenses Novell SLA File System Factory™ Condrey Consulting IUAdmin™ AuditLogin™, TrustFun UIMPORTLDAP IDM Console One Faculty Students
74
Production Tree Novell BorderManager K12 Student Provisioning Grade Promotion Student Locker Home Directory ePortfolio Class Storage HS1 IUAdmin MS1 HDEP Grade Promotion eDirectory UIMPORTLDAP Custom or 3 rd Party Console One IDM FSF
75
Production Tree K12 Student Provisioning Graduation HS1 IUAdmin™ EPHD ePortfolio EP IUAdmin™ SCSD DIST SMS STUDENTS Graduated Novell BorderManager Student Locker Graduation eDirectory UIMPORTLDAP Custom or 3 rd Party Console One IDM FSF
76
Phase 1 Benefits Teachers Web based access to resources and data Team Collaboration with students and teachers Teacher ePortfolio Students Personalized Student Content Improved timeliness of service Web Based Access to resources and lesson assignments IT Departments Reduced help desk support costs Reduced time needed to manage personal and group storage Leverage existing systems and infrastructure – No upgrades Administrators Meet NCLB requirement for personalize content Minimal cost with large return Web based access to resources and data
77
DescriptionCostMaint Totals File System Factory – 5000 Students (SLA)$2,500.00$0.00$2,500.00 IUAdmin – 900 Faculty and 12 th Grade Students$700.00$140.00$840.00 AuditLogin – Site District License$1,000.00$350.00$1,350.00 TrustFun – Site District License$400.00$125.00$525.00 Software Cost $5,215.00 * Hardware Cost $0.00 Total Software and Hardware Cost $5,215.00 # Students in District = 5000 * FTE for File System Factory # Faculty in District = 500 # Students in 12 th Grade = 400 FTE for IUAdmin = 900 * Hardware costs depends on the clients current environment Recommend one server for IUAdmin Resource Portal Phase One Pilot Example
78
Current IUAdmin Educational Pricing Flexible Pricing Based on District Needs IUADMIN Government/Educational Pricing* New License Maintenance User CountSKU#PriceSKU#Price 1000IAV101KEDU$700IAMT01KEDU$140 2000IAV102KEDU$1,000IAMT02KEDU$200 4000IAV104KEDU$1,600IAMT04KEDU$320 8000IAV108KEDU$2,400IAMT08KEDU$480 16000IAV116KEDU$3,200IAMT16KEDU$640 32000IAV132KEDU$4,800IAMT32KEDU$960 UnlimitedIAV1UNLEDU$6,400IAMTUNLEDU$1,280
79
Current AuditLogin Educational Pricing Government and Education Pricing* AuditLogin Description SKU#Price Gov/Education New Licenses V3 Single ServerALV3NSSEDU$100 V3 Three Server Pack (save 25%)ALV3N3PEDU$225 V3 Site LicenseALV3NSTEDU$1,000 Gov/Education Maintenance V3 Yearly Upgrade Protection and Maintenance Option***ALMAINTEDU$350 Gov/Education Upgrade from Version 2 V3 Three Server Pack Upgrade**ALV3USSEDU$50 V3 Site License Upgrade **ALV3USTEDU$500
80
Phase 2 – SIF-Enabled Identity Management Detailed SIF Identity Management Design and Plan SIF Production Pilot –Two Schools and District Office –Knowledge Transfer and Training Full SIF Deployment Phase - Remaining Schools Minimum Software Requirements –Edustructures SIFWorks - SLA –SIS SIF Agent – Specific to vendor –NSure Identity Manager SIF Driver (DirXML) - SLA –Novell iChain – SLA –Hardware Requirements – Depends on Size of District Phased Approach – Phase 2
81
User Provisioning / De-Provisioning User Access Management Content Management & Personalization AuditLogin TrustFun IUAdmin File System Factory Phase 1 Phase 2 Nsure Identity Mgr SIFWorks Novell iChain NW 6.5 Virtual Office eXtend Portal SIF-Enabled Identity Management Phases Collaborative Learning SIF Provisioning
82
ZENWorks NetMail ® Novell iChain Extend Portal / Virtual Office IUAdmin AuditLogin Instructional Services eDirectory ™ File System Factory AuditLogin Report & Graph DirXML H.R. & Finance Voice Telephony Library Automation Student Information Services Transportation Food Services Policy Based Storage Home Directory Class Storage Student ePortfolio Faculty Students Student Provisioning Phase 2
83
Q & A
84
TrustFun Rights Analysis
85
TrustFun Report
86
Trustee Assignment Detail
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.