County Technology Guidelines
version: 1.0
Version |
Primary Author(s) |
Description of Version |
Date Completed |
Draft |
GS |
Initial
draft created for distribution and review |
9/4/07 |
Preliminary |
Don McCarty Frederick Lumbert Mary Diegan |
Second draft incorporating initial review comments, distributed for final review |
|
Final |
First
complete draft, which is placed under change |
||
Revision 1 |
Revised
draft, revised according to the change |
||
Etc. |
TBD |
TBD |
Contents
New paragraphs formatted as Heading 1, Heading 2, and Heading 3 will be added to the table automatically. To update this table of contents in Microsoft Word, put the cursor anywhere in the table and press F9. If you want the table to be easy to maintain, do not change it manually.
Contents
1. Overview
1.1 Why Guidelines?
1.1.1 Obsolescence
1.1.2 Hardware Repair
1.1.3 Software Integration
2.2 County Computers
2.3 Other Computers
2.5 Peripherals
2.7 Warranty Support of Personal Computers and Peripherals
3. PC Software
3.1 Supported software (Operating System & Utilities)
3.2 County Image
3.3 Supported Installation of Software (Desktop Applications)
3.4.1 Web Browsers
3.6 Guildlines for County elements when purchasing Unsupported Software
4. Hand-held Devices (working draft)
4.1 Hardware
4.2 Software
5. Printing
5.2 Printer Support
6. Network
6.1 Responsibility
6.2 Wiring
6.3 Servers
6.4 Network Switches and Routers
6.6.1 Point-to-point or point to multi-point:
6.6.2 Mobile wireless: (Working for the future)
6.6.3 Fixed wireless:
6.6.4 Security requirements when installing wireless technologies
6.6.4.1 Point to point or point to multi point
6.6.4.2 Mobile wireless
6.6.4.3 Fixed Wireless
8. Security
8.1 Responsibility
8.2 Passwords
8.2.1 Network passwords
8.2.1.1 Password Standard
8.2.2 Application passwords
8.2.2.1 Resetting Passwords
To have a password reset please call the INS at 445-7555
8.3 DMZ (Demilitarized Zone) Security
8.3.1 DMZ Access
8.3.2 School Websites
9. Backups
9.1 Backups
9.1.1 Individual Personal Computers
9.1.2 School, department data
9.1.3 Data stored on a County maintained server
9.1.4 Development, Quality Assurance and Production servers
Router and Switch Host Names
11. IP Addressing
11.1 IP Addressing
11.1.1 Business Office Schema
11.1.2 IP Schema
11.1.3 School Schema
11.2 VLANS
11.2.1 VLAN Names
11.3 Patch Cables
Guidelines are created to allow the support organization (Technology) to maintain both the hardware and software infrastructure within the County.
All computer equipment has an expected lifespan when created by the manufacturer; further defining this lifespan is the ability to run the operating system and ancillary software that enables the device to perform its required functions. As an example, a four-year old PC may be within its lifespan as dictated by the manufacturer, but be incapable of running the present operating system.
As hardware ages, the basic components (circuit boards, fans, power supplies, etc.) begin to fail and finding replacement parts becomes more difficult. Repairs that may have taken two hours with "off the shelf" parts now take three weeks while INS staff attempts to find a reseller of old parts (which in turn may be close to failing if they are salvaged parts). Both County and District resources suffer through a machine's outage.
Both hardware and software age at approximately the same rate; however, non-standard software creates different problems. Obsolete software has problems integrating with newer software or hardware: As an example, the Windows 95 operating system is incapable of recognizing many DVD drives presently installed on computers. Frequently, software failures present misleading messages which imply other software or hardware components have failed; tracking down these false leads takes time.
An additional burden is born by the support organization when attempting to repair equipment from a non-standard vendor. Approved vendors supply the supporting department with repair manuals, Web sites and phone support faster and in more depth than experienced by the general consumer. When attempting to repair equipment from a non-standard vendor, the support organization receives the same response a home-user may receive.
Software systems create documents, spreadsheets, and other "items" in a format recognizable to themselves. In some cases "items" created in earlier versions of the same software types are also recognized but forward compatibility is not always possible. Additionally, many software components require certain operating systems to function: A document program from one vendor may not be sophisticated enough (or current enough) to read a document from a different vendor.
For
a support organization to be successful, they need to have familiarity with the
software they help maintain. The
support team is required to trouble-shoot, install and answer questions about
standard County software. There
are far too many possible software selections for the support team to be
familiar with all of them.
A personal computer (PC) is a hardware device, possibly connected to the County network, which consists of a keyboard, mouse, monitor and CPU. Personal computers include laptops and most desktop systems (both Intel and Macintosh). Hand-held devices (Pocket PC, Handspring, Palm, etc.) are not considered personal computers. Personal computers for the County fall into two categories:
( County – Purchased through the County using a vendor contract
( Other – Anything else, including donated or purchased "Used"*
o Used: Refurbished or rebuilt by any organization other than Humboldt County Office of Education
o *Donated: For large donations, INS will develop a Service Level Agreements (SLA) to provide some level of support.
For support purposes, computers within the county are segregated by their origin, rather than their use. As an example, a new computer may be deployed to a PC Lab in a school and is still supported by INS; a donated computer (regardless of age) is not supported by INS unless an SLA has been specifically written by INS. In short, computers purchased from the County contract, are "County" machines; those not purchased from the contract are in the "other" category unless an SLA has been written by INS.
The following are general guidelines for determining if a PC should be County or Other:
( PCs running County applications (Fin2000, Minisoft, Reflections, etc.) must be County machines.
( Students may use either County or Other PCs.
( A stand-alone (not connected to the network) machine
may be either a County or Other PC.
2.2 County Computers back
The present County contract for PCs (including laptops) is with Dell Computer Corporation; this contract will be evaluated every three (3) years. The present contract supports a three-year onsite warranty, preinstalled operating system and standard licensed software.
Model |
Supported |
Should be replaced in next school year |
(General) |
2.4Ghz processor and faster |
Less than 2.0Ghz processor |
Desktop |
Dell MAC |
Dell G Series or Below Power mac 5200 or Below |
Laptop |
Dell Power Book |
Dell Lattitude or lower |
Any County entity that acquires computers in the "other" category must provide support for them. These computers must meet minimum requirements to be connected to the entities network. These devices may be connected to the entities local area network (LAN) or not, depending on their use. If the PC is to be used to access county applications, then it cannot be an "other" PC.
Due to the licensing agreements from Microsoft, all used computers must have an operating system license purchased, or the license must be provided with the PC. This is also true for Microsoft Office if it is going to be used on the PC. If the machine came with MS Office or other software pre-installed on the machine, it must be erased, and a new copy purchased. Exceptions to operating systems software are:
( A Windows Operating System (OS) book accompanied the PC and it has a certificate.
( The PC has a 3D Microsoft Windows sticker attached.
( If the PC was donated, the machine is eligible for a free copy of Windows 98 or 2000 per Microsoft's Fresh Start program. Schools and departments are required to notify Microsoft once a year listing the number of PCs that are utilizing this program.
When replacing, or adding components to County or "other" PCs, that are connected to the network, the PC must have a minimum level of hardware and software.
Component |
Comment |
TCP/IP Network card, capable of 100mb transmission; Ethernet |
If the machine is to connect to the network, its network card (NIC) must be TCP/IP compliant. |
Operating System |
Either Mac OSX 10 or Windows XP pro operating systems. All software purchased for the machine must be licensed. |
PC CPU: Core2, 2.4Ghz MAC CPU: Power MAC 4400 |
2.4 Ghz or higher recommended, |
PC Memory: 2Gb MAC Memory: 1Gb |
1 Gb minimum supported however this may limit performance and some features. |
PC and MAC: CD ROM is required |
CD/DVD writer |
PC Anti-Virus Software |
The current release of McAfee, Norton or AVG Free Antivirus software for either the MAC or the PC must be installed on the machine. |
Peripherals are the miscellaneous equipment attached to a PC (excluding printers and PDA's which are covered in separate sections); this includes scanners, cameras, external hard drives, high compression/capacity drives (Example: ZIP drives), etc.
The INS department supports the standard peripherals that are "bundled" with a County computer (keyboard, monitor, mouse and potentially speakers). If a County computer is purchased with other options, then INS will also support these devices (microphones, scanners, etc.).
INS will support additional hardware purchased to connect to County PCs. The user needs to have the latest software drivers readily available for the support person to install the device.
INS will install the drivers required to make the supported equipment operational; however, they will not support any other software that is bundled with the hardware.
( For example, if INS installs the device drivers to get a scanner working, they will not install or configure any software used to scan or edit images on the device.
INS will support county business offices in resolving issues with County personal computers and peripherals. If systems are under warranty, INS will work with the vendors to replace defective parts at no cost to the department.
The County supports the installation of standard suite of applications that go on all County PCs. This does not include supporting the application itself. Software installed on "other" PCs is not supported (see "unsupported software").
Software |
Versions |
Notes |
Microsoft Network Client |
Any |
|
Microsoft Outlook Client |
10.6823 SP3 |
|
Macintosh Operating System |
10. and above |
|
Windows Operating System |
Windows 2000, Windows XP Professional* |
|
Ghost (used to create a software image of a computer system) |
10.x and above |
|
Anti-Virus (McAffee, Norton, AVG Free |
McAffe 8.x and above |
*Schools/Departments need to maintain a copy of installation CDs.
The County builds standard images [1] for all County PCs with the latest supported operating systems (OS). Entities that choose to build their own image are required to use the County image as the base. This allows flexibility to install additional applications while maintaining the County core OS. This will ensure that INS can still support all County PCs and image them if necessary.
County Core Image
The County Core Image contains the following but not limited to:
a. Operating System
b. Office Suite XP
c. Antivirus Suite, currently McAfee
d. Microsoft Outlook mail client
e. Symantac Ghost 10
Software |
Versions |
Microsoft Office Professional* Includes: Word, Excel, PowerPoint, Access |
Office 97, Office 2000, Office 2002 (XP), Office 2003 |
Visio* |
Visio 2000 and Visio 2002 (XP), Visio 2003 |
Microsoft Project* |
Project 2000, 2002, 2003 |
*Entities
need to maintain a copy of all installation CDs for software installed.
3.4 Application Software back
Software developed by the County (such as Directory Management System) or purchased by the District (such as Financial 2000) fall into a separate categories. These applications are available only on County machines; installation of this software on "other" PCs is not permitted.
Software* |
Financial 2000 |
Mainframe connectivity (Reflections/Minisoft) – access to HP |
Special departmental software may not appear on this list, contact INS if you are unsure about installation.
Applications created by INS for use on the Internet (external to the County) or intranet (internal to the County) will support the current level of Microsoft Internet Explorer Web browser and Safari
Browser |
Versions |
Microsoft Internet Explorer |
Version 6.0 and above |
County personnel installing "unsupported" software do so at their own risk. INS will not assist staff members with operation, integration and use of software not on approved list. Machines that fail and have to be restored from an image will have standard software restored; INS will not reload any unsupported software.
Some software is dangerous to the Counties network and will not be allowed. Most of these software packages (listed below) have known faults that will compromise the security of district data and applications.
Software |
Reason |
Email Clients (Eudora, Outlook, Outlook Express, Incredimail) |
Can be a security risk. |
Windows ME |
Home version of windows OS that has too many security holes. |
AOL Client Software |
Creates security holes through the district firewall. |
Instant Messengers (AIM, MSN, Yahoo, ICQ..) |
IMs become a portal for virus to be passed. |
( Determine if software runs on a PC or is client -server based.
( Identify on which operating systems the software is certified.
( Review the minimum hardware specifications for the software.
( Test one copy of software to see how it runs on County PCs.
( Contact INS for recommendations.
The County requires that Antivirus software be installed on all PCs (County and "other"), and automatically update the virus definition files. Please contact INS if you are unsure how to do this. The current county vendor for anti-virus software is McAfee.
( There are two types of Personal Digital Assistants (PDAs) supported by INS: Those running the Palm OS and those running Microsoft Windows CE.
INS will troubleshoot connectivity for all hand-held devices purchased by the county. The company that sold the device to the user should provide support for personal devices. Hardware support includes assisting a user with installing the cradle used to connect the hand-held device with their PC.
Support for the following software is provided:
Software |
Version |
Palm OS |
4.1 or higher |
Microsoft Windows CE |
3.0 or higher |
Microsoft Activesync |
3.0 or higher |
Unlike personal computers, the decision on type of printer is left to the department/school; however it is recommended that department/schools consult INS before selecting any printer. INS recommends the following brands:
Printer |
Vendors |
Laser Printer |
Hewlett-Packard |
Ink-Jet |
Hewlett-Packard |
It is the department/school's responsibility to verify that the printer selected will operate efficiently. Address the following items before selecting the printer:
( If the printer is attached to the network, does it include a Network Interface Card (NIC)?
( Does your PC's operating system support this printer?
( Is this printer to be used by more than one person (see section on networked printers below)?
( What is the rated capacity of the printer (pages per month) as opposed to the amount it is required to print?
( Limited help is available on non-HP printers.
( Cost per page consideration, please contact INS for more information.
( Hardware warranty.
If a printer is used by more than one person, it must be attached to the network. Network printers require the following:
( The printer must have a network card contained within the device, or a INS approved Jet Direct box must be attached to the printer. The Jet Direct box is the only external device supported by INS for connecting printers to the network.
( A print queue will be setup by INS on your local file/print server; a service request must be created for this to occur.
( The printer is not recommended to be "shared"; Microsoft Windows allows a person to "share" a printer physically attached to his/her PC with others. Printer sharing increases network traffic, as the "shared" device is continually broadcasting messages to other PCs, clogging the network with unnecessary messages.
( The printer needs to be compliant with TCP/IP printing and support HP emulation.
INS will work to troubleshoot printer problems on all supported printers with the following guidelines:
( Printer maintenance (ie, toner replacement, cleaning) is the responsibility of the individual entity.
( Repair of hardware problems are the responsibility of the entity. INS maintains a list of local repair vendors that is available upon request.
( Limited help is available on non-HP printers.
The County consists of several Local Area Networks (LANs) connected to the district Wide Area Network (WAN).
The County WAN is connected to the Internet through our connection with the K-12 High Speed Network (HSN). All Internet traffic for the county entities travels down this link regardless of the originating location (department or school).
County personal computers – INS is responsible for ensuring connectivity from the PC to the wall-jack (RJ45), from the wall-jack to the Server room, and then out to the district WAN.
"Other" personal computers – INS is responsible for ensuring connectivity from the wall-jack, to the Server room, and then to the WAN; they are not responsible for the connection from the PC to the wall-jack.
County policy – The County sets various policies for network, intranet and internet access. Please reference the Application for Educational Internet E-mail Account and Individual Use of Computer Networks and Internet.
( All new and existing County wiring will comply with the IEEE Category-5e (Cat-5e) standard for voice and data connectivity. No new wiring using Category-3 is permitted.
( Within a Server room, all wiring will terminate at a universal transport.
( Connectivity to the network switch from the transport will be through approved Category-5e patch panels. Authorized location personnel may attach devices to the switch; however attaching labs or building supported servers to the LAN will not be allowed without first consulting INS.
( INS staff will connect switches to routers (or CSU/DSU's); location staff will not perform this function.
( All wiring will be terminated using the TIA/EIA 568B (AT&T 258A) standard.
The present district contract for Servers is with Dell Computers Inc.; this contract is evaluated every four (4) years. The present contract supports a three-year onsite warranty, preinstalled operating system and standard licensed software.
Model |
Operating System Supported |
Hardware Supported |
Should be replaced/upgrade in next school year |
Supported by |
File Sharing or Print Services |
Windows 2000 Server Windows 2003 Server |
N/A |
INS or building support staff |
|
Electronic Mail |
Microsoft Exchange 2003 |
N/A |
INS |
|
N/A |
INS |
|||
WEB Servers |
IIS Version 5 and 6 |
N/A |
INS or designated support staff |
|
Network Appliances* |
Linux |
N/A |
N/A |
INS |
*
Network appliances are small, task-specific hardware devices purchased by INS
that provide various networking functions (i.e., Security Appliances, Backup
Appliances).
With the sole exception of switches placed in schools, all network devices (including network appliances) are maintained by INS. These mission-critical devices ensure connectivity to the WAN, and in some cases within separate sections of a building.
Location staff will not perform maintenance on these devices without consultation from INS.
Device |
Brand |
Model Supported |
Switches Routers |
Cisco, HP, Extreme |
Summit X250e 24t & 48p X450e 24p-48p BlackDiamond 8810 & 8806 Switch 8212z, 8100fl, 6400cl, 6200yl, 5400zl, 3500yl, 5300xl, 3400cl, 4200vl, 2900, 2800, 2810, 1800 & All ME Series |
CSU/DSU |
ADTRAN |
|
Patch Panel |
Various |
*
Hubs are being decommissioned throughout the world; schools considering
purchase of new network equipment for a Lab should only purchase switches.
6.5 School Lab Switches back
Below is a list of approved switches for classroom and school labs. The purchasing school or department supports these switches.
Company |
Model Supported |
|
Extreme |
Summit X250e 24t & 48p X450e 24p-48p BlackDiamond 8810 & 8806 |
|
HP |
Switch 8212z, 8100fl, 6400cl, 6200yl, 5400zl, 3500yl, 5300xl, 3400cl, 4200vl, 2900, 2800, 2810, 1800 |
|
Cisco |
All ME Series |
Wireless networks can come in many forms. At the end of this section lists the security concerns of INS and minimum guidelines that need to be enforced to ensure the edge of our network is being protected. The edge of the County network is defined as areas where staff other than INS staff can add networking devices to the County network without the knowledge or approval of INS.
Company |
Model Supported |
|
Cisco |
Air AP-1230b & Air LAP-125Ag-A-k9 |
Point-to-point or point to multi-point is used to link physically different buildings on the same campus that are within range of the wireless access point. For example, this would be used to connect a portable classroom to the main school building on the same campus. These connections are installed by a vendor and supported by INS. These connections are not designed to support more than one or two PCs in a given location. Computer labs should never be setup in the remote building that utilizes point-to-point or point to multi-point wireless connection for network access.
Item |
Scale |
Support |
Reviewed by IT Director |
Security |
Minimum of 40bit Encryption |
Complexity/Setup |
Difficult |
Complexity/Manage |
Average |
Expense |
Expensive |
Use |
Specific |
Mobile wireless most often refers to a movable computer storage cart with laptops and a wireless access point that can be moved from classroom to classroom as needed. This type of system is used in schools where there are not enough classrooms to setup permanent computer labs. When the mobile wireless lab is rolled into a classroom, the wireless access point is plugged into a wall jack connected to the network. This access point then provides network access to the laptops on the cart within range of the wireless access point. Although this type of connection does not provide the speed of computers plugged directly into a switch, this connection works well for basic web surfing and classroom education, for about 15 laptops using the 802.11b protocol. The faster protocol, 802.11g provides better speeds and more simultaneous connections.
Several schools in the future will receive grants that provide wireless labs. In these cases, INS will help to provide limited support but ultimately, the equipment needs to be supported by the individual location. Support issues should be addressed at the time of applying for grants
Item |
Scale |
Notes |
Support |
INS (limited) |
Standard equipment |
Security |
Minimal |
|
Complexity – Setup |
Simple |
|
Complexity – Manage |
Average |
|
Expense |
expensive |
|
Use |
Wide range |
Used when permanent computer labs are not an option or when it is more convenient to support educating |
Fixed wireless refers to wireless access points physically located throughout an entire school building or in a selected area of a school (example: wing, pod, floor, hall or designated zone). With this design, wireless devices, such as a laptop, can be moved throughout an entire wireless area or building (within range of the wireless access points) without loosing connectivity to the network. These wireless access points can be managed individually or centrally*.
* Requires a Radius server, time & FTE to manage the server.
Item |
Scale |
Notes |
Support |
INS |
|
Security |
Average |
|
Complexity – Setup |
Above Average |
|
Complexity – Manage |
Above Average |
|
Expense |
Minimal (Site Evaluation can cost in excess of $1,500) |
|
Use |
Wide range |
Used to provide connectivity to wireless devices without the need to move or setup wireless access points. |
Several schools have purchased fixed wireless access points or have been awarded grants that supply fixed wireless equipment. INS will help to setup and configure these systems however maintenance is the responsibility of the location. In the future, a standard will be developed and supported by INS.
The equipment is installed and maintained by the vendor. It is proprietary and secure. INS supports this equipment.
Schools and departments need to follow the wireless standards outlined here to help ensure the security of the Counties network.
( Access points must be purchased from a list of approved equipment (listed below)
( All wireless access points need to be physically turned off after hours and on weekends, this may performed manually or with an automatic timer.
( The following security measures must be applied when configuring a wireless access point
o Specific MAC address list must be setup
o Encryption must be turned on (needs to be defined)
o Authentication enabled
Device |
Company |
Models Supported |
Access Points |
Cisco |
Wall mounted, external power |
Switch |
Netgear |
Router/switch/firewall that supports printing |
More specifics will be coming
Fixed wireless must be evaluated on a site by site basis. Recommendations of security will be established with the proper entity prior to purchase. INS will in the future provide a standard minimum standard configuration that will be supported. INS will be can be responsible for the management of these devices provided funding will allow. The scope of this project is still not defined.
The Internet, while a very informative and exciting venue, is also very dangerous. To protect the counties resources, INS has a firewall network device, which will protect the county from most kinds of attacks. However, it is the responsibility of all entities to ensure that they:
( Know exactly what they are downloading from a Web site; many hacker attacks and most viruses come from downloaded files.
( Understand that email attachments may not always be "clean" and exercise discretion when opening attachments.
o Currently INS maintains Postini, a spam blocker for Microsoft Exchange mail. This does not block Web based email such as Hotmail, AOL and Yahoo mail.
( Realize that any Internet traffic (streaming video, streaming audio such as radio stations, downloading large files, etc.) uses network bandwidth and slows down traffic for schools and County Intranet applications.
( Internet use is for County functions only; personal use of these services takes network bandwidth away from schools.
( County policy for Education Internet E-mail and Individual Use
Various levels of security are required within the County to prevent unauthorized access to County devices and data.
The following chart outlines the levels of responsibility and accountability for individual school and departments:
Item |
Responsibility |
Comments |
Hardware (PCs, network devices, etc.) |
School/Department and INS |
Locations securing hardware by a locking mechanism need to make available the keys or combinations to INS for support purposes. These can reside in the school but need to be available to support staff at all times Locations implementing password protection on devices need to make this password available to INS. |
School/Department Servers |
School/Department |
The server must be set up with a local administrator account for the INS team to administer the server, (or set up an account allowing the INS team to administer the server remotely.) |
Software Licenses |
School/Department and INS |
Each department or school is responsible for ensuring all software installed is legally licensed. |
Passwords |
School/Department |
Individuals at the location are responsible for ensuring their passwords have not been compromised (see following section). |
Network (Microsoft and Outlook) logins are setup by per a user request to INS to grant access to system resources. These IDs and passwords must be kept secure to protect the Counties information. At the present time, network passwords are not set to expire; however this policy will be changing in the future forcing all users to change their passwords on a routine basis.
Network login and passwords are not to be shared between staff and especially between staff and students.
Passwords are case sensitive and must be at least 5 characters long. Password must consist of letters and numbers. Passwords are generated by the user via Individual Use form and keyed in by INS.
With the conversion of all Web-based applications to the single security model, INS will no longer be privy to user passwords. The new system allows both users and the INS to reset passwords; INS will no longer be able to give a user their password.
Application login and passwords are not to be shared between staff and especially between staff and students.
The Counties Internet servers reside in a separate network area, referred to as the DMZ. Access to the DMZ is restricted because this is the area frequently attacked by external hackers.
Users are granted access to devices in the DMZ on a case-by-case basis. Before granting a staff member access to a DMZ device, the following must take place
1. The location requesting this access will request via email to the Director of INS
2. INS network staff will meet with the individual requesting access. In this meeting, the restrictions and responsibilities of DMZ access are reviewed, as is the specific access required.
3. INS will work with the individual to test out file-transfer protocol (FTP) access to their section of a machine in the DMZ.
4. Applications (program executables, DLLs, etc.) will only be installed on a DMZ device after testing on a secure development machine.
5. Maintained by school. Pages are uploaded through an FTP process.
( Access is granted on a case-by-case basis as outlined above
( These sites are strictly static pages, no additional software is installed to support unique application or processes.
Data backup needs to occur at all levels. Data backup should be completed on all levels daily however the district does not have the resources to currently accomplish this task.
Individuals should consult their support person; data maybe saved in the staffs User folder.
For mission critical systems, departments/schools may consider the use saving data to their User folder which is automatically backed up.
INS support is available to provide staff with information and basic training on backing up a PC to a server.
Schools and departments are responsible for backing up their own data. When a school or department builds and supports their own server, they are responsible for backing up the data if they so choose.
Any data stored on a server should be backed up with an attached media drive. The software user account will need to have full rights to the server.
These servers reside at INS and are backed up by the INS staff. All tapes are stored off-site. Tapes are rotated on a two-week cycle with one set each month stored off-site for a year.
The Router and switch host name standard is as follows:
First 8 characters of the building or department plus, "MDF" or "IDF & IDF#" plus, "_" plus, switch number in rack from top to bottom
Examples:
OrickMDF_3 = Orick Elementary School, MDF, Switch #3
Glenn_PaulIDF1_2 = Glenn Paul, IDF #1, Switch #2
Username: Will be the last two numbers of the calendar year plus the animal of the year from the Chinese calendar. The two parts of the username change with each calendar.
Example: 99rat
99 = 1999 rat = Year of the rat.
Passwords: The first two letters in the name of the school plus a phrase to be determined every year.
Example: orgr82bme
or = Orick gr8 = great 2 = to b = be me
Example: glgr82bme
gl = Glenn Paul gr8 = great 2 = to b = be me
The communication protocol used to communicate between two different entities will use the following schema
Business Office Primary:
###.###.###.001-002 Routers
###.###.###.003-009 Servers
###.###.###.010-199 DHCP
###.###.###.200-229 Static
###.###.###.230-239 Printers
###.###.###.240-and up Risk Management, Camera's, Misc DHCP
###.###.###.253and down Switches
###.###.###.254 Always Open
School/Lab:
###.###.###.001-002 Routers
###.###.###.003-009 Servers/Static
###.###.###.020-029 Printers
###.###.###.030 and up DHCP
###.###.###.253and down Switches
###.###.###.254 Always Open
School Secondary or Lab (Sub-netted by 128(low)):
###.###.###.001-003 Routers
###.###.###.004-009 Printers
###.###.###.010-029 Servers/Static
###.###.###.030 and up DHCP
###.###.###.126 and down Switches
###.###.###.127 Always Open
School Secondary or Lab (Sub-netted by 128(High)):
###.###.###.128-129 Unused
###.###.###.130-133 Routers
###.###.###.134-139 Printers
###.###.###.140-159 Servers/Static
###.###.###.160 and up DHCP
###.###.###.253 and down Switches
###.###.###.254 Always Open
VLAN Names are As Follows: Name = VL plus, VL #
VLAN Numbers are as follows:
Back Bone VLAN 100 = VL100
Inbound Provider VLAN 101 = Reserved
Data & Staff VLAN 201 = VL201
Video VLAN 301 = VL301
Students/Labs VLAN 401 = VL401
Phones VLAN 501 = VL501
Extra VLAN 601 = VL601
Extra VLAN 701 = VL701
Security VLAN 13 =VL13
Patch cable standards are as follows:
Color Utilization Example
Yellow Outside to Inside Provider to Switch
Green Servers Switch to Server
Orange Internal Switches Switch to Switch
X-over
Orange with Red tape Switch to Switch
Red Hood or Label
Blue, Grey Workstations/Printers Switch to port, or wall port to computer
RACK STANDARDS
( Top Fiber / FDU Tray
( Under Fiber Cross connects / Punch down block
( Under Punch block Switch
( Under Switches Switch
( Under switches Monitor
( Under Monitor Servers
( Under Servers Monitors
( Bottom UPS
[1] An image is a compressed version of a working operating system preconfigured to a specific model of PC. Installation of an image takes about 15 minutes where as, an installation from scratch can take several hours.