Presentation is loading. Please wait.

Presentation is loading. Please wait.

K12 Secure Identity Management Identity Based Collaborative Learning Solution.

Similar presentations


Presentation on theme: "K12 Secure Identity Management Identity Based Collaborative Learning Solution."— Presentation transcript:

1 K12 Secure Identity Management Identity Based Collaborative Learning Solution

2 Agenda Introduction to Condrey Consulting Corporation Introduction to No Child Left Behind (NCLB) Introduction to the Schools Interoperability Framework (SIF) Benefits and Solution Overview Components of SIF Provisioning Solution Phased Solution Approach Identity Based Collaborative Learning SIF Enabled Identity Management Live Demo Q&A

3 Condrey Consulting Corporation Company Overview David Condrey – Owner and CEO US Software Engineering Corporation based in Greenville, SC Customers in 33 countries representing Commercial, Fortune 1000, State & Federal Government, Military, Healthcare, Higher-Ed and K12 Well known and respected by customers, especially in the academic market Well known at Novell – Model Partner Invested in the future of Novell

4 Condrey Consulting Products Overview File System Factory™ – Novell Nsure - Novell Price List Identity Based Storage Management Ties Provisioning to the NetWare OS – Event Driven and Policy Based Lifecycle Content and Data Management (ePortfolio) IUAdmin™ Identity Based Personal and Collaborative Storage Access –Integrates with File System Factory™ –Integrates with exteNd Portal, Virtual Office and iChain Web Based Access to Personal and Group Content Web Based Help Desk Administration Web Based User Self-Service and Password Reset AuditLogin™ and TrustFun Who’s Accessing Storage and What Rights Do They Have? -Login/Logout - Date, Time,Workstation -Trend Reports and Graphs -File and Directory Rights Analysis

5 File System Factory Education Customers University of Kentucky – 43,000 users Northern Illinois University – 67,000 users Minnesota State Colleges and Universities – 93,000 users Charleston County Schools, SC – 42,000 users University of Georgia – 60,000 users Embry Riddle University – 12,000 users Hemet School District, Los Angeles Grand Rapids Community College Savannah Chatham County Schools, Georgia Douglas County Schools, Georgia Newton County Schools, Georgia

6 More File System Education Customers Northwestern Michigan University Old Dominion University Madison Area Technical College Waukesha County Technical College Blackhawk PA School District Marysville Village Schools Spearfish School District Maine Township High School District Waubonsee Community College Western Illinois Univeristy Escondido Union High School District Sutton Public Schools Escondido Union High School District Sutton Public Schools Ramaz School Augsburg College Southwestern Community District No. 9 Le Moyne College Macon County R-1 Grant MacEwan College Clemson University Community Consolidated School District – Illinois Ramaz School Augsburg College

7 Sample of Education Customers Leveraging File System Factory, IUAdmin and AuditLogin

8 Introduction to NCLB No Child Left Behind

9 No Child Left Behind Program Summary NCLB requires schools to: increase student access to technology help students to achieve higher academic standards improve teachers’ ability to use technology for instruction increases technology implementation for schools, especially those serving disadvantaged children To receive much of the NCLB federal funding, local school districts must provide government agencies with strategic plans for implementing educational technology. Financial Allocation: In fiscal year 2002, Congress allocated $22.2 billion for education and No Child Left Behind implementation nationwide.

10 The “Digital Portfolio" is a strategy that has gained wide- spread acceptance in the education field Digital portfolios make it easier to track a student's progress and work over the years. Allows students to store their material in digital format on a server to be reviewed by team members. The portfolio contains samples of significant student work over time and should be available to the student throughout their school career, making it easier for teachers to access student work and thus track performance. Digital portfolios are useful when applying to post-high school institutions or moving into careers in the private sector. Digital Identity is key NCLB and Digital Portfolio’s

11 http://www.kn.pacbell.com/news/CAschools/sas.html http://www.southalabama.edu/tomorrowsteachers/portfolios.html http://schools.nycenet.edu/d75/instructionalservices/assessment/ altassessment/datafolio.htmlhttp://schools.nycenet.edu/d75/instructionalservices/assessment/ altassessment/datafolio.html http://www.pupilpages.com/ http://www.mandia.com/kelly/portfolio.htm NCLB and ePortfolio Links

12 Schools Interoperability Framework SIF Not a product, but a technical blueprint Designed for and by K-12 technology providers and educators Manages data within the K-12 environment Enables diverse applications to interact and share data Works cross-platform, over a Web- based interface Allows automated reporting

13 K-12 Identity Management Reality Data Silo’s Duplication of work Inconsistent application of business policy Time consuming – productivity delays Little security confidence, significant exposure Library Automation e-MailGrade Book Network Account Transportation Student Information Services Data Warehouse Food Services

14 SIF components Zone Integration Server (ZIS) SIF Agents Applications SIF Data Objects Novell Network Account School Badge Instructional Software (Plato) Transportation Library Automation Student Information Services Data Warehouse Food Services

15 SIF integration Food Service Grade Book HR / Finance Library SIS Transportation Instructional Services Voice Telephony Data Warehousing Accountibility, Reporting, Planning, etc. K-12 data model School District State Federal

16 SIF vendors (Cont.) Student Information Systems Pearson Education Technologies –SASIxp –Edustructures SIF Agent for SASIxp –www.edustructures.com Sungard Pentamation –Open Series Student Management System –www.pentamotion.com Central Susquehanna Intermediate Unit –CSIU Administrative Software Suite –www.csiu-technology.org

17 SIF vendors (Cont.) Library Automation Follett Software Co – www.fsc.follett.com SIRS Mandarin – www.mlasolutions.comwww.mlasolutions.com Sagebrush Spectrum Telephony Parlant Technology – www.parlant.com Classroom Software Renaissance Learning – www.renlearn.com Transportation VersaTrans Solutions – www.versatrans.com Food Service School-Link Technologies – www.school- linktechnologies.com

18 SIF vendors (Cont.) Novell Microsoft Apple IBM Sun Microsystems Edustructures -ZIS Data Warehouse TetraData eScholar

19 SIF Government Members US Department of Education Virginia Department of Education Delaware Department of Education Idaho Dept of Education/Rich Mincer Maryland State Dept of Education National Center for Education Statistics (NCES) Ohio Department of Education Ohio SchoolNet Commission

20 SIF benefits Teachers Real-time access to critical information Better data analysis Teachers time better spent Students Personalized Student Content Improved timeliness of service Accurate School Data Increased Efficiency IT Departments Reduced support costs Reduced time needed to manage multiple data sources Save money using existing systems and infrastructure Administrators Increased Efficiency Reduced redundancy and errors Reduced compatibility issues NCLB

21 Additional Information on SIF http://www.sifinfo.org http://www.opengroup.org/sif/cert/ http://www.sifinfo.org/vendors/sif_vendor_member.asp

22 Components of K12 SIF Provisioning Solution

23 Novell eDirectory Edustructures SIFWorks™ Zone Integration Server (ZIS) Nsure Identity Manager SIF User Agent Life Cycle Student Account Management Novell File System Factory Lifecycle Content and Data Management (ePortfolio) File Rights and Trustee Analysis IUAdmin Web based access to personal and collaborative content Self-Service Password Reset and Help Desk AuditLogin and TrustFun Who’s accessing storage and what rights do they have Novell iChain Secure Access to Web Applications Components of K12 SIF Identity Provisioning Solution

24 Digital Identities The key to student and faculty provisioning Digital Identities The key to student and faculty provisioning

25 Novell eDirectory Stores information about people, services, and resources Manages relationships between them Directs interactions and triggers events Stores information about people, services, and resources Manages relationships between them Directs interactions and triggers events

26 Founding Member of SIF Member of SIF Board of Directors Strategic Partner Alliances –NCS Learn, Follett –School-Link, Versatran –Novell and others SIFWorks Enterprise ZIS Server Cross Platform Support –Netware, Windows, Linux, Solaris, MacOS X SASIxp SIF Agent www.edustructures.com Edustructures Zone Integration Server

27 Nsure Identity Manager SIF User Agent (DirXML) SIF Agent for Provisioning Students Built on Award Winning DirXML Technology Supports the Following SIF Object Types: Student Personal Staff Personal Student School Enrollment

28 Novell File System Factory Automatic Disk Space for all Students or Staff!

29 Novell File System Factory Automatic Disk Space for each Class or Work Group!

30 Novell File System Factory Automated Home Directory Management: Create It, Manage It, and most importantly… Clean It Up!

31 Novell File System Factory Lifecycle Data and ePortfolio Management: Create It Move It Manage It

32 Novell File System Factory All you have to do is create the users and groups… …Any way you want… …We’ll handle the rest!

33 FSF NetWare Provision Storage as well as Accounts with Novell File System Factory and Identity Management eDirectory BorderManager ZENworks for Desktops NetMail Identity Mgr SIF Identity Mgr AD Active Directory LINUX Policy-based Event-driven Load balancing Storage creation Storage management Storage cleanup Personal user storage Group storage Driver ZIS High School 25MB Middle School 10MB

34 FSF Methodology Target File Systems SERV1/VOL1:POLICIES Algorithm: Random Balance Rights: RWCEMFA Quota: 150 MB Template: SERV1/VOL1:Policies DelWait: 90 Days 150MB Copy BSmith BSmith RWCEMFA Policy BJones BJones New workflow component allows employee’s manager to review, reassign, or vault user data prior to deletion. Create Rename Delete

35 Policy Assignment & Data Migration BSmith 25MB Policy BSmith 50MB Seamless Fault-tolerant Safe Scheduler – 9:00PM

36 Northern Illinois University Data Migration - Backfill Policy BSmith RJones KJackson RCroom DWyatt RJones KJackson BSmith RCroom DWyatt BSmith RCroom DWyatt RJones KJackson Admin issues Backfill with “Enforce Policy Paths” option, which will move data. Pentium Pro 200’s – 67,672 Users Pentium Pro 200’s – 0 Users NCS

37 Education Group Policy Example Target File Systems SERV1/VOL1:GroupSample Algorithm: Random Balance Rights: none Quota: 500 MB Template: SERV1/VOL1:GroupSample DelWait: Never 150MB Copy SPAN340-001 Policy Assign Policy to Courses Container Automatically Create Group Storage and Assign Policies Copy Course Files for Each Student from Template Create Course Group Object

38 Group Policy Templates Configuration Steps SPAN340-001.MS.COURSES.STATEU Create eDir Objects Assign Rights to Directories Create Template Create Group Object Assign Members & Owners to the Group Create FSF Group Policy Using the FSF Management Interface

39 Group Policy Templates JSmith.Students.STATEU MRoberts.Students.STATEU NFrost.Students.STATEU PJones.Students.STATEU RBrooks.Students.STATEU SSmith.Students.STATEU STimms.Students.STATEU TJones.Students.STATEU TSmythe.Students.STATEU WClark.Students.STATEU ABelcher.Staff.STATEU KAlesanto.Staff.STATEU MembersOwners Assign Students as Members and Instructors as Owners

40 Group Policy Templates File System Factory Automatically Provisions Storage for Students and Instructors

41 Backfill - Apply or Reapply Policy to Existing Objects On Demand Policy BSmith RJones KJackson RCroom DWyatt RJones KJackson BSmith RCroom DWyatt BSmith RCroom DWyatt BSmith RCroom DWyatt RJones KJackson Admin issues Backfill with “Enforce Policy Paths” option, which will move data. Later, the same operation can be used to replace existing servers. Provision storage for pre-existing users according to policy. Begin managing pre-existing storage according to policy.

42 Where’s my stuff? Users need an easy way to find their storage …even if you need to move it. Personal Storage and Group Storage. Map a Drive? There’s only so many letters in the alphabet. Login Script Management is a headache for group storage.

43 URAccess End-User tool for dynamically building personalized access links to storage. Leverages Home_Directory user attribute for personal storage. Leverages cccFSFactoryHomedir group attribute for shared storage. Creates a local set of UNC paths and description presented to the user in a Windows UI. Like App-Launcher for ZENworks, except provides access to storage. List can be refreshed at any time. Supports multiple tree connections.

44 URAccess

45 Executive Storage Dashboard Storage Trends on User and Group Policies

46 Administrative Storage Dashboard Storage Health Check https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFExecutiveDashboard. Event Statistics

47 Web Based Quota Manager Policy Configuration

48 Quota Manager – Help Desk Interface https://your.server.name.or.ip.address:8009/FSF/HTTP_FSFQuotaMgr

49 Quota Manager – Help Desk Interface Green = space available > 25% of quota Yellow = space available < 25% of quota Red = space available < 10% of quota

50 Quota Manager – Help Desk Interface

51 File System Rights Analysis

52 Rights Analysis OWNERS MEMBERS

53 Novell eGuide Manager

54 Workflow Configuration

55 Employee Data Manager Interface

56 What are the requirements? Any Novell supported version of NDS ® or eDirectory (6.xx, 7.xx, 8.xx, 85.xx, 8.6.x, 8.7.x) NetWare 5.1 SP6 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NetWare 4.x SP9 or later NetWare 5.0 SP6a or later NetWare 5.1 SP6 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NetWare 6.0 SP4 or later NetWare 6.5 or later NDS/eDir FSF_EventFSF_Engine

57 File System Factory for: Microsoft Active Directory Linux Coming up Next

58 FSF NetWare Provision and De-Provision Storage for Netware, Active Directory and Linux Based on Policy eDirectory BorderManager ZENworks for Desktops NetMail Identity Mgr PeopleSoft Identity Mgr AD Active Directory LINUX PeopleSoft Driver FSF

59 IUAdmin™ User Self Service Personal And Group Storage Access Help Desk Managed By File System Factory Events & Policies Personal Storage Group Storage ePortfolio

60 IUAdmin™ Web Based Access to Netware Personal Content and ePortfolio Managed by File System Factory Policies Web Based Access to Collaborative Group Content Based on File System Factory Policies Integrate with Novell Extend Portal, Netware 6.5 Virtual Office Portal and Novell iChain User Self Service Self-Service Password Reset Let Users Optionally fix their own problems Help Desk Administration Location and Departmental based Help Desk Help Desk Group Management User Help Indicators Identify Account Problems Intruder Lockout Grace Logins Login Disabled Account Expired

61 Help Desk Dashboard

62 IUAdmin™ Architecture IUAdmin Core Architecture User Self Service Help Desk File System Mgt Resource Mgt AuditLogin Trustfun File System Access Other products provide Management Paks that plug in to the architecture. File System Factory ePortfolio Built on top of Novell’s HTTPSTK..no webserver to install or configure.Built on top of Novell’s HTTPSTK..no webserver to install or configure. SSL connections for security.SSL connections for security. Contextless Login.Contextless Login. No schema extensions. HoweverNo schema extensions. However optional extensions are provided for increased functionality. Runs on Netware 5.1 or above withRuns on Netware 5.1 or above with any version of eDirectory.

63 Self Service and Password Reset

64 Self Service Password Reset

65 No More Floppy Drive Headaches Virus’s Limited Space Drive Failures Management Nightmare IUAdmin Solution File System Factory

66 AuditLogin Graph

67 AuditLogin - Log File Report

68 Securely Linking eEducation to Everything Novell iChain

69 What is iChain? iChain is Novell technology for web security Reduces the complexities of implementing and managing secure web applications Proxy based Architecture Supports more HTTP services than any of it’s competitors Provide single sign-on to web based resources Supports Enterprise and Project based solutions

70 Why iChain? Firewall Intranet Internet Student Internet Parent IUAdmin IIS SECURITY Web Servers and Applications SECURITY Linux/ Apache SECURITY Issues when creating a Secure Web infrastructure: Direct Access to Web Servers (increase possibility of hacking) Multiple User Identities (no single sign on) Need to install SSL services on each web server Need to change links in HTML content from HTTP to HTTPS Many different Web Server Technologies Teacher

71 Firewall SECURITY INFRASTRUCTURE Web Servers and Applications Teacher One Net Student Parent IUAdmin Linux/ Apache eDirectory ™ iChain ® Benefits of iChain: Single Authentication Point Provides Web Single Sign On (headers and Form Fill) Sends Personalized content to applications Rewrites HTML data (completely hide internal DNS infrastructure) Dynamically encrypts content as it passes through proxy Single SSL Certificate can be used for all internal web sites (proxy based) No change to HTML content No change to applications authentication process Secures all HTTP servers Remove Direct Access to Web Servers iChain Solution IIS

72 Phase 1 Identity Based Collaborative Learning –Personal Content and Class Storage –Web Based Access for Teachers and Students –Student ePortfolio - Cradle to Job –User Self Service and Web Based Help Desk –Faculty and IT Staff Training SIF Readiness Assessment –Technology Infrastructure Assessment –High-Level SIF Design and Plan (Naming Standards) –Executive Level Presentation of Findings Minimum Phase 1 Software Requirements –Novell File System Factory –IUAdmin and AuditLogin Phased Approach – Phase 1

73 Phase 1 Policy Based Collaborative Learning ZENWorks™ GroupWise ® NetMail Novell BorderManager IUAdmin™ AuditLogin™ eDirectory ™ File System Factory™ Policy Based Storage Home Directory Class Storage Student ePortfolio AuditLogin Report & Graph Product Licenses Novell SLA File System Factory™ Condrey Consulting IUAdmin™ AuditLogin™, TrustFun UIMPORTLDAP IDM Console One Faculty Students

74 Production Tree Novell BorderManager K12 Student Provisioning Grade Promotion Student Locker Home Directory ePortfolio Class Storage HS1 IUAdmin MS1 HDEP Grade Promotion eDirectory UIMPORTLDAP Custom or 3 rd Party Console One IDM FSF

75 Production Tree K12 Student Provisioning Graduation HS1 IUAdmin™ EPHD ePortfolio EP IUAdmin™ SCSD DIST SMS STUDENTS Graduated Novell BorderManager Student Locker Graduation eDirectory UIMPORTLDAP Custom or 3 rd Party Console One IDM FSF

76 Phase 1 Benefits Teachers Web based access to resources and data Team Collaboration with students and teachers Teacher ePortfolio Students Personalized Student Content Improved timeliness of service Web Based Access to resources and lesson assignments IT Departments Reduced help desk support costs Reduced time needed to manage personal and group storage Leverage existing systems and infrastructure – No upgrades Administrators Meet NCLB requirement for personalize content Minimal cost with large return Web based access to resources and data

77 DescriptionCostMaint Totals File System Factory – 5000 Students (SLA)$2,500.00$0.00$2,500.00 IUAdmin – 900 Faculty and 12 th Grade Students$700.00$140.00$840.00 AuditLogin – Site District License$1,000.00$350.00$1,350.00 TrustFun – Site District License$400.00$125.00$525.00 Software Cost $5,215.00 * Hardware Cost $0.00 Total Software and Hardware Cost $5,215.00 # Students in District = 5000 * FTE for File System Factory # Faculty in District = 500 # Students in 12 th Grade = 400 FTE for IUAdmin = 900 * Hardware costs depends on the clients current environment Recommend one server for IUAdmin Resource Portal Phase One Pilot Example

78 Current IUAdmin Educational Pricing Flexible Pricing Based on District Needs IUADMIN Government/Educational Pricing* New License Maintenance User CountSKU#PriceSKU#Price 1000IAV101KEDU$700IAMT01KEDU$140 2000IAV102KEDU$1,000IAMT02KEDU$200 4000IAV104KEDU$1,600IAMT04KEDU$320 8000IAV108KEDU$2,400IAMT08KEDU$480 16000IAV116KEDU$3,200IAMT16KEDU$640 32000IAV132KEDU$4,800IAMT32KEDU$960 UnlimitedIAV1UNLEDU$6,400IAMTUNLEDU$1,280

79 Current AuditLogin Educational Pricing Government and Education Pricing* AuditLogin Description SKU#Price Gov/Education New Licenses V3 Single ServerALV3NSSEDU$100 V3 Three Server Pack (save 25%)ALV3N3PEDU$225 V3 Site LicenseALV3NSTEDU$1,000 Gov/Education Maintenance V3 Yearly Upgrade Protection and Maintenance Option***ALMAINTEDU$350 Gov/Education Upgrade from Version 2 V3 Three Server Pack Upgrade**ALV3USSEDU$50 V3 Site License Upgrade **ALV3USTEDU$500

80 Phase 2 – SIF-Enabled Identity Management Detailed SIF Identity Management Design and Plan SIF Production Pilot –Two Schools and District Office –Knowledge Transfer and Training Full SIF Deployment Phase - Remaining Schools Minimum Software Requirements –Edustructures SIFWorks - SLA –SIS SIF Agent – Specific to vendor –NSure Identity Manager SIF Driver (DirXML) - SLA –Novell iChain – SLA –Hardware Requirements – Depends on Size of District Phased Approach – Phase 2

81 User Provisioning / De-Provisioning User Access Management Content Management & Personalization AuditLogin TrustFun IUAdmin File System Factory Phase 1 Phase 2 Nsure Identity Mgr SIFWorks Novell iChain NW 6.5 Virtual Office eXtend Portal SIF-Enabled Identity Management Phases Collaborative Learning SIF Provisioning

82 ZENWorks NetMail ® Novell iChain Extend Portal / Virtual Office IUAdmin AuditLogin Instructional Services eDirectory ™ File System Factory AuditLogin Report & Graph DirXML H.R. & Finance Voice Telephony Library Automation Student Information Services Transportation Food Services Policy Based Storage Home Directory Class Storage Student ePortfolio Faculty Students Student Provisioning Phase 2

83 Q & A

84 TrustFun Rights Analysis

85 TrustFun Report

86 Trustee Assignment Detail


Download ppt "K12 Secure Identity Management Identity Based Collaborative Learning Solution."

Similar presentations


Ads by Google