Table Of Contents
Cisco Service Ready Architecture for Community College and Vocational Education Solution Overview
The Cisco Service Ready Architecture (SRA) for Community College and Vocational Education is an architectural framework designed to assist such institutions in designing and implementing a network for the 21st century learning environment. The architecture is designed around solving complex business challenges that these institiutions are facing. At its foundation is the SRA service fabric, which is a collection of features and technologies that serve to provide a highly available network that understands and adapts to the different services that it facilitates. The SRA for Community College and Vocational Education solutions that utilize the service fabric were created to help these instituionss:
•Create a 21st century virtual learning environment to enable highly interactive and collaborative learning and teaching experiences while delivering any content, anytime, anywhere, to any device.
•Increase operational efficiencies by using the network as a platform and optimizing data center design to extend cost reduction, improve utilization of under-used network capacity, and add flexibility to organizations through business process improvements.
•Design and implement secure connected classrooms that serve the educational needs of students and faculty by leveraging network and application control.
•Provide safety and security on campus by utilizing a platform architecture that proactively protects students, faculty, and staff.
•Allow for facilities management to interact with building controls, measure power consumption, and control energy output to reduce energy cost and carbon footprint, creating greener and more energy efficient campuses.
The Community College and Vocational Education Environment
The terms community college and vocational education are used throughout this document to signify a collection of schools that represent technical, vocational, or pre-university institutions. This document primarily focuses on the United States, but is applicable throughout the world.
In the United States, community colleges, sometimes called junior colleges, technical colleges, or city colleges, are primarily two-year public institutions providing higher education and lower-level tertiary education, granting certificates, diplomas, and associate degrees. Traditionally after graduating from a community college, some students transfer to a four-year liberal arts college or university for two to three years to complete a bachelor's degree.
External Influences that are Impacting Community College and Vocational Education
Current economic conditions, a rise in continuing education enrollment, and the addition of courses for traditional secondary schools have all led to a substantial increase in enrollment at community colleges and vocational education instituions.
The worldwide recession has led to a dramatic reduction in funding for institutions of higher learning, which in turn have increased tuition rates. Increased tuition costs, as well as the reduction of available income due to the unprecedented high unemployment rate worldwide, have led students that would typically attend a traditional institution of higher learning to turn to community colleges and vocational education institutions as a lower cost educational option. This allows the student to begin a post-secondary education at a community college or vocational education instituition and attain a lower level degree, while having the option to continue on to an institution of higher learning to earn a traditional undergraduate degree at a later date.
Continuing education for adults has also been on the rise. Adults that have lost their job have been attending community colleges and vocational education institutions to augment their existing skill set or to take workforce development programs to re-train for another profession. The addition of distance learning as an option for working adults has also contributed to the rise in enrollment for continuing education students.
Secondary school students have also been a factor in the increased enrollment of community colleges and vocational education institutions. As the children of the baby boomers enter their college years, the competition to get into top-rated institutions has increased. One tool that secondary school students use to stand out from the crowd of applicants is to demonstrate their academic prowess at a college level by attending and passing community college courses while in secondary school.
Vision for 21st Century Learning in Community College and Vocational Education
The 21st century learning environment will be an environment where anyone, from anywhere, at anytime can access community college and vocational education resources. The traditional classroom will be extended by the use of online communities of learning. Students will be able to access their course work online, receive instruction by attending class either in person or remotely, and be able to retrieve the instruction at a later time through audio and video recordings augmented by online instructor and class notes.
This style of learning requires a collaborative environment in which instructors and students are not bound by geographic distances; students will be able to work together remotely to seamlessly complete projects and course work.
21st century learning will also be ecologically friendly by reducing the need to expand brick and mortar schools and commuting to campus to attend class. In addition, buildings and infrastructure optimized to reduce energy usage will all help reduce green house gasses and lead to greener and more energy efficient campuses.
Security, whether physical or logical, will become increasingly important in the 21st century learning environment. Security elements will be ubiquitous across traditional and virtual campuses and will work in concert to provide a safer environment for all students, faculty, and staff.
Figure 1 Characteristics of a 21st Century School
Community College and Vocational Education Challenges
In the United States from 2000 to 2006, there was a 10 percent growth in overall enrollment at two-year institutions, according to the most recent figures from the Department of Education. During the 2006-2007 academic years, 6.2 million students were enrolled in the country's 1,045 community colleges, 35 percent of all postsecondary pupils that year, according to a new National Center for Education Statistics study. Though full national figures for the 2007-2008 academic year are not yet available and most colleges only have estimates for their enrollments this fall, many colleges are projecting increases of around 10 percent over last fall.
This increased enrollment presents new challenges for delivering educational course work. The demand for instruction is increasing at a pace that does not allow the brick and mortar campus to expand quickly enough to handle growth. Community colleges and vocational education institutions have turned to online learning as the predominant method of handling this growth. While online learning has helped to handle the increase demand, it has been criticized for lacking the face-to-face experience that traditional learning provides, as well as lower than traditional passing rates for students. Community colleges and vocational education institutions are faced with the task of delivering a true virtual learning environment that delivers experiences that are comparable to the traditional environment. They must also allow for secure remote working environment for faculty and staff.
While community collegesand vocational education institutions are growing, their funding (like institutions of higher learning) is also being cut, so they have to do more with less. Operational efficiencies are being streamlined to allow community colleges and vocational education institutions to produce the same quality of education with fewer resources.
The rapid and expansive adoption of technology by students has led community colleges and vocational education institutions to offer connected classrooms and laboratories. Allowing the student to be connected to the network from the classroom or lab while receiving lecture has the benefits of mutual use of online resources. But it also requires community colleges and vocational education institutions to ensure that their networks are protected and that only authorized users are allowed access. Additionally, they must be able to control the use of applications and resources that reside on the network.
Since the incidents at Columbine and Virginia Tech, campus safety and security have become paramount to all educational institutions. Creating a safe campus is a major challenge for all community colleges and vocational education institutions. They must employ the right tools to ensure the safety of the students, faculty, and staff. The safety and security systems in place must allow campus safety personnel to respond immediately and effectively in the case of an incident. A safe campus environment is a key differentiator for student and faculty recruitment and is an integral part of the community that welcomes local citizens and contributes positively to the area in which it resides.
As the world changes and becomes "greener", educational institutions are put in the position of leading that cause. Students are overwhelmingly concerned about greenhouse gasses as well as energy usage. The facility managers of community colleges and vocational education institutions must be able to strike the right balance between conducting business and optimizing energy use.
Budget reductions, increased enrollment, as well as limited staff are all business constraints that impact the ability of community colleges and vocational education institutions to effectively address these challenges. A well thought out plan that optimizes resources, minimizes costs, and allows for flexibility in implementation is needed to allow community colleges and vocational education institutions to achieve the vision of 21st century learning.
Service Ready Architecture for Community College and Vocational Education
The service ready architecture for community college and vocational education is an architectural framework designed around the vision, challenges, and constraints that community colleges and vocational education institutions face. Cisco has employed a business down approach in designing the architecture. The first step in designing the SRA for community college and vocational education was to understand the vision that these institutions have for 21st century learning. Next we identified the challenges that these institutions are facing. After understanding the vision and challenges, we recognized the business constraints that shape these institutions' ability to adopt solutions to address the challenges. Finally we selected the best technologies, features, and equipment that allow these institutions to solve these challenges within the business constraints. Once the technologies, features, and equipment have been selected, they are assembled as solutions in our labs and thoroughly tested, documented, and validated.
The SRA for Community College and Vocational Education is composed of the following solutions:
Virtual Learning Environment
One of the key challenges that face community colleges and vocational education institutions is extending their learning environments beyond the campus to allow for online/distance learning, professor collaboration, and anytime/anywhere access for students to obtain course and educational materials. This virtual learning environment is key in allowing the community colleges and vocational education institution to continue to grow at current rates and enhance the learning experience.
Cisco has several offerings for the virtual learning environment:
•Secure remote access
•WebEx training center
Figure 2 21st Century Learning Environment
Secure Remote Access for Faculty and Students
Secure remote access is a way for community colleges and vocational education to extend the network using secure remote access to anyone, any time, anywhere, with virtually any device to increase productivity and reduce costs. Secure remote access allows you to deliver network access safely and easily to a wide range of users and devices.
Cisco Secure Remote Access is a comprehensive and versatile remote access solution that supports the widest range of connectivity options, endpoints, and platforms to meet the changing and diverse remote access needs of community colleges and vocational education institutions.
The Secure Remote Access solution gives IT administrators a single point of control to assign granular access based on both user and device. It provides both full and controlled client-based network access to Web-based applications and network resources for a highly secure, flexible, remote access deployment.
•Web-based access without preinstalled desktop software:
–Facilitates customized remote access based on user and security requirements
–Reduces desktop interaction and support costs
•Threat-protected Virtual Private Network (VPN) access:
–Protects against viruses, worms, spyware, and hackers by integrating network and endpoint security in the Cisco Secure Sockets Layer (SSL) VPN platform
–Eliminates the need for additional security equipment and management infrastructure
•Multiple VPN support from a single platform:
–Supports both IP Security (IPSec) and SSL connectivity
–Supports unified management of remote access and site-to-site VPN services to help reduce costs and management complexity
Communication, collaboration, and learning are the fundamental building blocks of higher education. Students expect to use the latest technologies and many prefer dynamic online content to static printed materials. Distance learning and e-learning enable community colleges and vocational education institutions to deliver more engaging content to both on-campus and remote students, creating a new and potentially significant revenue stream.
Enhancing education through video and rich media elements can:
•Provide anywhere, anytime learning experiences not traditionally available to all students
•Offer a better way to present abstract ideas, making them easier to understand
•Eliminate the barriers of time, distance, and resources
•Permit faculty, staff, and students worldwide to function as if they were in the same room
Cisco's Virtual Classroom solution is an integrated learning and administrative environment that enables academic excellence and administrative efficiencies. The virtual classroom strategy focuses on the implementation of a network platform that can enable highly interactive and collaborative learning and teaching learning experiences while delivering any content, anytime, anywhere, to any device. As a result, Cisco's goal is to provide a scalable a solution that provides educational institutions with the necessary technology to solve business problems and address important issues, such as increasing student participation and graduation rates, in a cost effective and successful manner.
The Virtual Classroom solution is composed of campus-hosted technologies:
•Video over IP technologies
•Wide area application services
The Virtual Classroom solution is designed to allow educational institutions to expand the reach of their offerings, both in a geographic and time-based manner. By utilizing Web, video, and audio collaboration and scalable content delivery technologies, educational institutions can now reach students that are unable to physically attend class. Additionally, instructors and professors can record and edit pre-existing content into the recorded sessions and then post those content objects for the students to download to various devices, such as a mobile device. As a result, the schools can now scale their assets beyond their physical presence, such as subject matter expert or sign language teacher, to other classrooms and locations. Lastly, the ability to record the classroom events allow the student to also refer back to earlier classes for review or playback a class they missed.
Online Collaborative Classroom Using WebEx Training Center
Figure 3 Online Collaborative Classroom Using WebEx Training Center
WebEx Training Center is a Cisco web-hosted solution designed to facilitate online instruction for anywhere, anytime learning experiences. Features include:
•The ability to capture each student's attention with live, interactive instruction:
–Share presentations, stream multimedia, and live video.
–Connect online learners with remote computers, applications, and simulations before, during, or after live training sessions.
–Pass control to attendees to demo applications.
•Encourage, improve, and track interaction:
–Enhance and test retention with features like polling, testing, and breakout sessions.
–Extend the reach of your educational facilities to students across the globe.
–Simplify session registration and track attendance.
–Record sessions and offer them on demand.
•Extend the reach of your institution while reducing costs:
–Connect with more learners more often, while you eliminate travel and venue costs.
–Charge for classes and online certification programs to turn your training center into a profit center.
–Manage costs and pay as you go for an affordable, predictable monthly fee.
WebEx solutions are software delivered as a service (SaaS). Therefore community colleges and vocational education institutions do not need to worry about providing servers, maintenance, or support. Those items are handled as part of the subscription service.
Some advantages of SaaS:
•Performance and reliability for your critical communications.
•Keep sessions as private and safe as you need with exceptional security.
•No need to handle maintenance and upgrades.
Review Streaming and Stored Video Using Video Portal
Students can browse, search, and view digital media content interactively at the desktop with the Cisco Video Portal. An integrated component of the Cisco Digital Media System for Cisco Desktop Video, the Cisco Video Portal is a sophisticated video playback portal that uses standard Web technologies to deliver compelling live Webcasts and on-demand video to your audiences. Platform independent, the Cisco Video Portal fits easily into the existing network and infrastructure of community colleges and vocational education institutions.
The Cisco Video Portal features include:
•Customizable interface, program guide, and keyword search
•Personalized and featured playlists
•Advanced player controls—Full-screen video playback, fast forward, rewind
•Slide synchronization with video
•Submission and management of questions during live Webcasts
•Secure log in and access to user-specific content based on Active Directory/LDAP
•Support for major video formats—Windows Media, Flash, MPEG-4/H.264, QuickTime
•Detailed content and user access reporting—Who, what, when, and how often
With the Cisco Digital Media Manager, the look and feel of the Cisco Video Portal can be customized to reflect the image of the educational institution.
Ccommunity colleges and vocational education institutions are faced with the daunting task of doing more with less, facing explosive growth as budgets are reduced due to funding cuts. The Cisco SRA for Community College and Vocational Education leverages the use of the network as a platform to deliver an expanded array of education services and data center optimization as a means for creating operational efficiencies to reduce costs and capitalize on under-used network capacity.
Network as a Platform
The concept of using the network as a platform is the next phase in the evolution of network convergence. In the past, there was an effort to consolidate voice, video, and data networks onto a single IP network to allow organizations to reduce the cost of communication and take advantage of under-used network capacity. The network as a platform extends that concept beyond voice, video, and data services to allow for any IP-based service to utilize the network, wired or wireless, to extend cost reduction, improve utilization of under-used network capacity, and add flexibility to organizations through business process improvements.
Figure 4 Network as a Platform
The network infrastructure or fabric must be able to understand the requirements of these non-traditional services and remain flexible and adaptable to their needs (discussed in detail later in this document). While the concept of adding non-traditional services like building controls and contextual awareness on top of an existing network seems like an easy task, the reality is that the underlying service fabric must be designed to accommodate and differentiate those services, especially as those services travel alongside others.
Data Center Optimization and Design
Cisco Data Center Networking Best Practices give customers guidance and assistance in developing the data center network architecture most appropriate to meet changing IT requirements. These best practices augment the Cisco Data Center Network Architecture technologies and solutions to help IT architects and data center professionals take a phased approach to building and operating a comprehensive network platform for their next-generation data centers. By taking advantage of Cisco Data Center Networking Best Practices, IT professionals can build a data center-class network, deploy solutions more quickly with lower risk, facilitate technology evolution and upgrades, and help ensure that IT staff are equipped with the right skills and expertise.
The benefits of data center optimization and design include:
•Build and maintain a data center-class network—Use validated and documented data center network solution designs to plan and implement networks that can achieve the stability and scalability required for mission critical data centers. By using proven best practices, community colleges and vocational education institutions minimize downtime and accelerate recovery from disruptions. These designs also provide a robust foundation that customers or Cisco Advanced Services can use to make customizations to meet specific requirements.
•Deploy solutions more quickly, with less risk and complexity—Use Cisco Data Center Best Practices and Designs to reduce the time, cost, and investment required for pre-production testing. Tried and tested designs help avoid the risks associated with technology disruptions, security exposure, non-scalable designs, and inappropriate software selection.
•Facilitate technology evolution and upgrades—The data center network is evolving to meet the challenges associated with cost, business alignment, resilience, and facilities concerns such as power and cooling. Cisco Data Center Network Best Practices are constantly updated to incorporate these changes, so that customers can adopt them in a timely manner, with minimal risk.
•Accelerate knowledge transfer—The expertise and skills required to design and maintain increasingly sophisticated integrated data center networks are provided through constant training and knowledge transfer programs and infrastructure services. These programs include specialized Cisco CCIE® training such as the storage specialization, data center training labs, Cisco Press® books, Cisco Networkers, and executive briefing sessions.
Secure Connected Classroom
Classroom Connectivity to the Network
Providing connectivity to students while attending class is the foundation of 21st century learning, however it also poses many problems for community colleges and vocational education institutions. They must ensure that the person accessing the network should be allowed on the network and that the computer connecting to the network is free of viruses and other aliments that might adversely impact the network or others users. Secondly, while connectivity is provided, all steps should be taken to ensure the person connected is using the network for educational purposes and not illegal activities, such as sharing copyrighted material. Some community colleges and vocational education institutions chose to restrict the student to only access certain network resources while in class.
The density of wireless users in one location can also be problematic. Wireless designs must take into consideration the number of users, radio interference, and network utilization. The service ready architecture for community college and vocational education addresses these challenges is a variety of ways.
Network Admission Control for Guests and Students
Network admission control allows community colleges and vocational education institutions to stop unauthorized or noncompliant devices and users from propagating threats into the network. Cisco Network Admission Control (NAC) enforces your institution's security policies and posture on all devices and users seeking network access.
Current business mechanisms such as Web 2.0, social networking, and cloud computing increase the likelihood of sensitive data residing outside of controlled devices. Traditional security products designed to protect closed environments with well-defined security boundaries are not effective in the new Web 2.0 environment.
Cisco NAC prevents loss of sensitive information by giving institutions a powerful, role-based method of allowing only compliant and authorized access and improving network resiliency. With Cisco NAC, only compliant and trusted endpoints—from PCs to printers, IP phones, and PDAs—are allowed onto the network, thereby limiting the potential damage from emerging security threats and risks.
Figure 5 Cisco Network Admission Control
Application and Network Control
Cisco NAC helps reduce the potential loss of sensitive information by enabling organizations to verify a user's privilege level before granting network access. When that access is granted, the user is placed into a "role." Using role-based access control, community colleges and vocational education institutions can define security policies based on the role of the person using the network. For example, if a student connects to the network in a classroom, they can be put in a "student" role, which can then control where they can go and what they can use on the network, internally or externally.
As students, faculty, and staff carry their laptops to external locations, it is critical that the security protection on each endpoint device is up to date. The security policy is applied when an endpoint device attempts to connect to the internal network. Cisco NAC provides comprehensive policy enforcement and support. Cisco NAC integrates with a wide range of endpoint security applications. It supports built-in policies for more than 350 applications from leading antivirus and other security and management software solution providers. Many user-friendly capabilities, such as silent remediation and auto-remediation, help bring devices into compliance without causing user impact.
Cisco NAC helps community colleges and vocational education institutions provide secured guest access and assigns internal user access based on a user's role in the organization. Secure guest access allows visitors and guests to utilize the network without sacrificing the network security of the community college or vocational education institution.
Cisco NAC provides full integration with wireless, VPN, and 802.1X and can be implemented in a single-sign-on (SSO) manner to maximize security benefits and minimize user impact.
Controlling peer-to-peer and instant messaging applications present several challenges, especially in the community college and vocational education environment. Peer-to-peer applications, such as Gnutella and BitTorrent, are often used to share copyrighted material, such as music and movies, and instant messaging applications, like yahoo IM or AIM, can be used in the education environment as a way to pass notes in class. Both can be a challenge to control as often they will use common application ports such as port 80, which is also used to connect to Web pages, so just turning off the port is not an option. Educational institutions need to be able to look deeper inside the packet that is going across the network to ensure that these ports are not being used to circumvent security policies. Cisco has several ways of inspecting this traffic to ensure security compliance.
Campus Safety and Security
Cisco physical security solutions provide broad network-centric capabilities in video surveillance, IP cameras, electronic access control, and ground breaking technology that converges voice, data, and physical security in one modular appliance. Our connected physical security solution enables community colleges and vocational education institutions to use the IP network as an open platform to build more collaborative and integrated physical security systems while preserving their existing investments in analog-based technology. As customers converge their physical security infrastructures and operations and begin using the IP network as the platform, they can gain significant value through rapid access to relevant information and interoperability between other IP-centric systems. This creates a higher level of situational awareness and allows intelligent decisions to be made more quickly.
Cisco enables customers to build cost-effective, modular physical security solutions that are both best in class and interoperable. Cisco physical security products support the company's vision of a single unified security product suite that enables integration with all security operations within the IP network and with many non-security applications. Using the network as an open, scalable platform for integrating security provides community colleges and vocational education institutions with several benefits, such as operational flexibility, greater protection capabilities, lower cost of ownership, and reduced risk.
The Cisco Open Platform for Safety and Security is a platform architecture that proactively protects students, faculty, and staff through a scalable, tested network design. The architecture provides a more complete common operating picture, improves decision and response cycle times, and takes advantage of the network to expand the range and effectiveness of your emergency operations teams.
The platform takes advantage of a converged, IP network and:
•Increases student, faculty, and staff safety and security through emergency notification and early warning
•Improves risk mitigation by facilitating continuity of operations (COOP), crisis management, all-hazards incident response, as well as facilities and critical infrastructure protection
•Reduces cost of operations
•Overcomes interoperability issues
Figure 6 Unified Command and Control
IP-Based Video Surveillance
Every day, you strive to make your schools as safe as possible. You develop plans, deploy systems, and train your staff on how to prevent, deter, detect, and respond to safety incidents. And you are doing a great job. Statistics show that community colleges and vocational education institutions continue to reduce the number of safety incidents.
For many decades, video surveillance has been a key component of the safety and security groups of community colleges and vocational education institutions. As an application, video surveillance has demonstrated its value and benefits countless times by:
•Providing real-time monitoring of a facility's environment, people, and assets
•Recording events for subsequent investigation, proof of compliance, and audit purposes
As security risks increase, the need to visually monitor and record events in an instituion's environment has become even more important. Moreover, the value of video surveillance has grown significantly with the introduction of motion, heat, and sound detection sensors as well as sophisticated video analytics. As a result, many nontraditional groups have also found value in video monitoring and recording. In transportation, video surveillance systems monitor traffic congestion. In retail, video can be helpful in identifying customer movement throughout a store or serve to alert management when the number of checkout lines should be changed. Some video analytics packages even offer the ability to identify a liquid spill and generate an alert enabling faster response by custodial services, thus avoiding a slip and fall situation. Product and package shipment operations can use recorded video to help track and validate the movement of cargo and help to locate lost packages. Additionally, video surveillance can be integrated with and complement access control policies, providing video corroboration of access credential use.
These systems are realized through an open, standards-based, IP-network-centric functional and management architecture. As a network-centric company, Cisco has enabled the migration of many applications and systems onto a converged infrastructure. As a global enterprise organization, Cisco has developed and adopted a network-centric system architecture that meets the extensive requirements for a world-class video surveillance system.
The Cisco video surveillance architecture provides several benefits:
•Increased reliability and availability
•Greater utility (any camera to any monitoring or recording device for any application)
•Increased accessibility and mobility
•Multivendor video surveillance system "best of breed" interoperability
•The ability to enhance other building management system capabilities through improved interoperability
Communicate Campus Events and Emergencies with Digital Signage
Traditionally, campuses have advertised events on posters tacked to bulletin boards around campus. The drawbacks of paper-based communications include clutter, out-of-date information, the time needed to constantly put up and take down posters, and paper waste.
Cisco Digital Signage provides more timely and eye-catching communications that can be scheduled to appear in different parts of the campus. Install the networked digital signs in high-traffic areas such as the entrances to buildings, student union, and faculty lounge areas, then display information about campus events and up-to-date emergency alerts and instructions. Assign any staff person, not necessarily an IT staff member, to use the interface to schedule content. You can even deliver different content to different signs—for example, promoting plays in the Theater Department building and advertising specials in the book store.
Popular uses of digital signage in community colleges, vocational education institutions, and universities include:
•Emergency notifications and instructions
•Event announcements, such as sports, guest speakers, registration/drop deadlines, etc.
•Student and staff group training
•Advertising in bookstores and stadiums
•Information for major events, such as graduation or donor recognition receptions
IPICS for Emergency Collaboration
An emergency by definition is a chaotic event. Whether the emergency is a motor vehicle accident, a crime in progress, or a natural disaster that strikes a wide area, those who are responsible for responding require real-time, accurate information in order to effectively manage the event. Responding agencies—traditional first responders (police, fire, and emergency medical services), allied agencies (such as power utilities or other enterprises), or nongovernmental organizations such as the Red Cross and Red Crescent—need to work efficiently together to mitigate the effects of the incident.
Push-to-talk (PTT) Land Mobile Radio (LMR) systems have been the backbone of emergency response for decades. Unfortunately, one of the problems of LMR has been a legacy of incompatibility. Radios that do not use the same frequencies, LMR vendor-proprietary enhancements to established standards, and high infrastructure costs have led to a fractured LMR landscape that prevents effective coordination. Agencies that may have to work together may not be able to talk to each other. According to a report prepared by COMCARE, the United States alone has more than 100,000 emergency response agencies, most of which cannot easily communicate with each other or the public.
Another challenge is that responders now need to communicate with devices other than LMR systems, including Sprint/Nextel Push-To-Talk (PTT) phones, IP phones, and PCs. Technology is no longer an optional or a luxury item for emergency response. In an increasing number of cases, technology is vital to the situational awareness, span of control, scalability, and efficiency of incident response. However, incompatible communications technologies also build barriers that complicate interagency collaboration. Organizations must be able to break down these communications silos to realize the full benefit of their technology investments and to operate efficiently.
Figure 7 Campus Safety
Cisco IPICS provides simple, scalable, comprehensive communications interoperability that encompasses radio networks, IP and non-IP networks, telephones, cell phones, and PC clients. Benefits of the Cisco IPICS solution include:
•PTT everywhere—By extending PTT and voice services from the LMR networks to IP networks, Cisco IPICS provides communications interoperability between wired and wireless networks.
•Flexible and efficient operations and incident management—Cisco IPICS provides an easy-to-use, Web-based interface for managing users, user groups, and radio channels across multiple networks and operational domains. Resources can be quickly added and then removed when no longer necessary, allowing graceful escalation and de-escalation based on the incident scope.
•One-click activation of predefined policies—Cisco IPICS Policy Engine, new in Cisco IPICS, enables administrators to create policies that define standard operating procedures—including talk group establishment and user notification—and then activate those policies with a single click. Notification methods can include radio, cell phone, public switched telephone network (PSTN) phone, Cisco Unified IP phone, Cisco IPICS Push-to-Talk Management Center (PMC) Client, pager, e-mail, or Short Message Service (SMS) text message. (Some methods require a Simple Mail Transfer Protocol [SMTP] gateway.) The agency defines policies using an intuitive, Web-based interface.
•Customization—Cisco IPICS can be customized to meet organizations' individual requirements. As an organization's needs change over time, Cisco IPICS can adapt with them.
•Low cost and investment protection—Cisco IPICS enables comprehensive communications interoperability at a fraction of the cost of replacing existing radio systems. By capitalizing on existing communications networks and devices, Cisco IPICS avoids the expense of unnecessary upgrades to existing radio networks. Furthermore, by enabling a graceful migration to IP networks and services, Cisco IPICS protects what can be a significant investment in traditional radio networks and devices. Agencies can also eliminate the expense of purchasing radios for office personnel by using the Cisco IPICS PMC Client for PCs and laptops or the Cisco IPICS Phone Client for IP phones.
•Unified command and control—Dispatchers and incident commanders can manage operations from one or more locations using the Web-based Cisco IPICS Administration Console.
•Standards compliance—Cisco IPICS takes advantage of industry-standard hardware and a proven IP architecture to create a framework for interoperable voice, video, and data communications. Organizations that currently use multiple wireless devices, including PTT, cellular, and wireless LAN (WLAN), can smoothly migrate to Cisco IPICS, which provides the infrastructure and feature set needed to achieve wide-ranging business and service goals. A standards-based solution also gives organizations the flexibility to add communications devices from any vendor.
Controlling physical access into buildings, rooms, and labs traditionally meant the use of an independent security network. The Cisco Physical Access Control solution is scalable and flexible, able to manage from one to several thousand doors. With this solution, institutions can combine modules to customize solutions and to manage the entire system remotely. In addition, this physical access solution easily integrates with Cisco's Video Surveillance solution and can use IP network services.
The Cisco Physical Access Gateway is an intelligent, distributed processing networking edge device module that connects door hardware, such as locks and readers, to the network. Accessory modules are available to handle additional doors and input/outputs.
The Cisco Physical Access Manager is the management application is used to configure hardware, monitor activity, enroll users, and integrate with IT applications and data stores. The data it collects can easily be shared with other security devices using the Cisco Open Platform for Safety and Security to create a holistic security view of the campus.
In response to energy costs, environmental concerns, and government directives, there is an increased need for sustainable and "green" IT operations at community colleges and vocational education institutions. Methods to measure power consumption and control energy output are now the focus of businesses worldwide, with all customers looking for a method to reduce energy costs and implement increased efficient operation.
Cisco EnergyWise is a new energy management architecture that allows IT operations and facilities to measure and fine-tune power usage to realize significant cost savings. Cisco EnergyWise focuses on reducing power utilization on all devices connected to a Cisco network ranging from Power over Ethernet (PoE) devices such as IP phones and wireless access points to IP-enabled building and lighting controllers. It uses an intelligent network-based approach, allowing IT and building facilities operations to understand, optimize, and control power across an entire campus infrastructure, potentially affecting any powered device.
This section illustrates how community colleges and vocational education institutions can utilize Cisco EnergyWise with a network enabled by Cisco to better understand the power footprint of their organization and optimize to reduce energy costs (Figure 8).
Figure 8 Cisco EnergyWise Optimize and Cost Saving
Cisco EnergyWise is an energy management architecture designed to measure power consumption and optimize power usage, resulting in effective delivery of power across the campus. Community college and vocational education IT professionals can quickly optimize the power consumed in a building and the result is immediate cost saving with a clear return on investment.
Cisco EnergyWise measures current power consumption, can automate and take actions to optimize power levels, and can advise how much power is being consumed to demonstrate cost saving. After power consumption is understood, regulation using Cisco EnergyWise network protocols provides command and control of power usage. Energy consumed per location can easily be found with a realistic view of power consumed per wiring closet, building floor, or campus building (Figure 9).
Figure 9 Cisco EnergyWise Optimized Power Delivery and Verification
The Cisco EnergyWise network is used to intelligently and proactively manage power consumption and consistently enforce policies to provide lower energy consumption. Cisco EnergyWise has the ability to monitor, manage, and reduce energy use by creating visibility to how electricity is consumed and create the ability to turn devices from always on to always available based on business needs. Cisco EnergyWise offers orchestration and coordinated power management utilizing the Cisco network for scalability and communication. For example, when an employee enters a building, a series of events can take place enhancing efficient building operation. An employee's badge access might trigger the office phone to power up, wireless access point coverage to be assured, computers to boot up, and temperature of the office to be brought to a proper value. As a result, the user of Cisco EnergyWise is saving energy by powering off components when they are not needed.
In many cases individual management systems are dedicated to each type of device in a building, with management systems for building controls, another for phones, and another for access points. Today a large number of systems need to be integrated together to perform orchestration of events for power management. Disparate system integration is difficult to achieve and not always used. Cisco EnergyWise network wide policies can control device power management, eliminating the need for a myriad of systems to integrate and coordinate with each other. Orchestration is a primary benefit for the above scenarios and it is the Cisco network acting as a proxy of information that allows systems to communicate in a synchronized fashion that reduces complexity and costs, assuring power saving. Figure 10 depicts a typical Cisco network enabled by Cisco EnergyWise, including the management layer and endpoints.
Figure 10 Network Enabled by Cisco EnergyWise
The cost savings realized by using Cisco EnergyWise are significant. In many countries the government mandates saving energy for the business and proof of saving energy can provide financial incentives. As compared to today's typical campus building or branch, the savings realized by just controlling IT power devices is significant.
The Cisco Network Building Mediator ("Mediator") is the industry's first solution that extends the network as a platform to transform the way buildings are built, operated, and experienced. The Mediator:
•Enables energy reduction across global operations
•Takes advantage of Cisco's expertise in collaboration, convergence, and security to foster sustainable energy use
•Provides flexible integration of new technologies that deliver energy efficiency, clean energy, and environmental stewardship
The Mediator collects data from the building, IT, energy supply, and energy demand systems, which use different protocols. The Mediator then normalizes the data into a common data representation. This enables the Mediator to perform any-to-any protocol translation and to provide information to the end user in a uniform presentation.
This network-based framework creates a common, standards-based, open platform that allows campus applications, cloud services, and building/IT systems to communicate. The Mediator is protocol-agnostic and extends the network to serve as an effective foundation for sustainability management. The Mediator provides the following benefits:
•Reduced total cost of ownership (TCO)
•Simplified management of energy and facilities
•Flexible integration of building, IT, and clean technology systems
•Enhanced uptime and resiliency with networking technology
•Secure, high-quality delivery of concurrent building and IT services
•Future proofed investment with third-party applications and cloud services
The Mediator provides a network-based framework that interconnects four key systems: building, IT, energy supply, and energy demand. The integration of these disparate systems onto an IP network leads to a truly converged, energy-efficient building.
The Mediator's strategy is built on:
•Any-to-any connectivity—Building, IT, and "green" technologies
•End-to-end management—Efficiency, conservation, and decarburization
•Extensible platform—Third-party applications and cloud services
Service Ready Architecture Service Fabric
The service fabric is the foundational network on which all solutions and services build. It comprises local and wide area networking equipment, security appliances, and Unified Communications hardware that all work in concert to provide the fundamental network building block that all services utilize. The SRA for Community College and Vocational Education Cisco Validated Design guide will present more details about the precise components that make up the service fabric, however this document only focuses on a few key elements of the fabric that allow for service and solution delivery.
The following sections discuss several key elements that are critical to the service fabric being utilized as a delivery mechanism for community college and vocational education solutions.
The high availability technologies used in the Service Ready Architecture for Community College and Vocational Education allow network equipment to eliminate the effects of any unplanned link or network failures by understanding the typology of the infrastructure and using that information to immediately re-route network traffic without the need to re-learn (reconverge) the network. The use of this technology allows critical service communications to remain unaffected by network outages.
The service fabric is designed to provide nonstop communications with resiliency throughout all the layers of the network. Many elements of the network must be correctly designed and implemented to ensure a highly available network.
Network resiliency is achieved by the careful design and implementation of network paths, devices, and power:
•Path resiliency—End-to-end resilient paths are required (Figure 11) to achieve maximum resiliency. However at the access layer resilient paths to the client end systems is typically uncommon. In the data center or services edge where the application servers are located, resilient connections are critical.
Figure 11 Second Network Shows End-to-End Resilient Paths
•Device resiliency—Resilient devices are usually preferred over resilient components within a single device. While resilient components within a single device are valuable, the best availability is usually achieved with completely separate devices (and paths).
•Power resiliency—Power diversity is another area that must be addressed because resilient devices attached to a single power source are vulnerable to simultaneous failure. For example, resilient core switches should have at least two unique power sources. Otherwise, a single power failure will bring down both core switches. Alternatively, backup-power could be implemented. These types of mundane issues are very important when creating a highly available service fabric.
Certain network services demand more from the network than others. For example, voice communications do not work if parts of the conversation drop out. Video conferencing is not useful if the picture keeps freezing. Additionally, a professor's use of the network to conduct class should take precedence over a student surfing the Web. Finally, if there are more traffic demands than the network can handle, the network should be able to make decisions as to which traffic is most important. The ability to understand, mark, shape, and limit traffic is embedded into the Service Ready Architecture for Community College and Vocational Education utilizing Cisco's extensive array of Quality of Service (QoS) technologies.
There is some debate in the networking industry about the need to deploy QoS in campus architectures due to ample amounts of bandwidth and the rarity of congestion. However, during network attacks or a partial outage, this situation can change dramatically. It has been shown that QoS can serve as a vital tool to maintain the performance of priority applications and traffic during a degraded network condition. Here are some reasons why QoS is important in the campus portion of the network:
•The introduction of 10Gbps (and higher) link speeds is creating greater mismatches between high-speed and low-speed links in the campus. This increases the need to buffer and prioritize traffic.
•Well-known applications ports, like http, are being used by a large number of applications. There is a need to distinguish between high-priority and low-priority traffic using the same port numbers to make sure priority traffic is transmitted.
•Prioritized traffic, like voice and video, must continue to flow even during a network attack or during a partial failure in the network. Attack traffic often masquerades as legitimate traffic using well-known port numbers. There is a need to distinguish between legitimate and bogus traffic by inspecting data packets more deeply.
The following principles should guide QoS deployments:
•Classify and mark traffic as close to the network edge as possible. This is called creating a "trust boundary." Traffic crossing the trust boundary is considered "trusted" and the QoS markings are adhered to in the rest of the network.
•Police/rate-limit traffic as close to the source as possible. It is most efficient to drop unwanted traffic as close to the source as possible, rather than transmitting it further into the network before dropping it.
•Perform QoS functions in hardware rather than software. Software-based QoS functions can easily overwhelm the CPU of networking devices. High-speed networks require hardware-based QoS functions.
Figure 12 summarizes key QoS functions and where they should be performed.
Figure 12 QoS Functions
Access Layer Flexibility
In a hierarchical network design, the core and distribution layers can re-converge in less than 1 second after most types of failures. The access layer typically has longer convergence times due to the inherent deficiencies of a flat Layer 2 architecture. Bridging loops, broadcast storms, and slow re-convergence are examples of access layer problems that reduce end-to-end availability. Spanning Tree typically takes up to 1 minute to recover from a link or system outage, which is far too long to support real-time mission critical applications or provide 99.999 percent availability. There are several design changes and software features that can be implemented to improve availability in the access layer.
Currently, there are three different ways to design the access-layer control plane. Although all three of them use the same physical layout, however they differ in performance and availability.
The traditional multi-tier network is designed where all access switches run in Layer 2 mode between the access and the distribution, while they run in Layer 3 mode between distribution and the core. Cross-connects between distribution switches are usually Layer 2 links. When not optimized, this model is dependent on spanning tree, with all its inherent limitation, to detect and recover from network failures. As mentioned, load balancing of resilient uplinks is not possible because spanning tree usually blocks one uplink. HSRP, VRRP, or GLBP must be used to provide First Hop Routing Protocol resiliency. While deficiencies are evident in the traditional multi-tier approach, design changes and feature enhancements are available to greatly enhance availability and performance.
The current multi-tier best practice is to create unique VLANs on each access switch as shown in Figure 13. The best practice design offers several benefits. First, a loop-free topology is created. This means spanning tree does not impact re-convergence times. Traffic is load balanced across two active uplinks, achieving maximum throughput and minimum failover times. This loop-free topology also reduces the risk of broadcast storms and unicast flooding.
Figure 13 Best Practice Multi-Tier Has Unique VLANs on each Access Switch
One disadvantage of the best-practice multi-tier design is the requirement to redesign the VLAN and IP addressing scheme: unique IP subnet(s)/VLAN(s) per switch. This can be a significant challenge in large mature networks. The routed access model discussed below has this same drawback.
The routed access layer design is an improvement over the traditional multi-tier, as the name implies this design pushes routing into the access layer switches and creates an end-to-end routed infrastructure. Several important benefits are gained:
•Spanning tree issues are virtually eliminated.
•Re-convergence times for the end-to-end network can be reduced to 1 second or less.
•Re-convergence times become more predictable with the elimination of spanning tree.
•Resilient uplinks can be fully utilized.
•HSRP/VRRP is no longer needed to provide host resiliency. This simplifies configuration, management, and troubleshooting.
•Troubleshooting is accomplished using well-known Layer 3 tools, such as Traceroute, Ping, etc.
•Network layout, naming, and VLAN numbering can become standardized across buildings and campuses.
A drawback to the routed access model is the requirement to have separate IP subnets and VLANs on every access switch. This is in contrast to the traditional multi-tier model where a user VLAN can span several switches. However the convergence times of the routed access layer are much less than that of flat Layer 2 networks.
Employing a hybrid access layer design allows the network administrator to leverage their existing Layer 2 network while giving them the flexibility to implement a routed access layer. Moving the Layer 2/Layer 3 demarcation point to the access switch allows the network administrator to prevent loops without the need of multiple complex Layer 2 technologies such as spanning tree protocol. Additionally it provides high availability and eases network troubleshooting and management by leveraging well-known Layer 3 troubleshooting tools and technologies.
Cisco Unified Communications Solutions provide many solutions for community college and vocational education that wish to take advantage of media-rich unified communications functionality. Each aspect of the total unified communications architecture provides opportunities for enhancing links within the higher education community. Functionality includes IP telephony, unified client software, presence, instant messaging, unified messaging, rich-media conferencing, mobility solutions, and application development.
•IP telephony—At the foundation of the Cisco Unified Communications Solution is its proven, industry-leading call processing system, Cisco Unified Communications Manager. This highly available, enterprise-class system delivers call processing, video, mobility, and presence services to IP phones, media processing devices, VoIP gateways, mobile devices, and multimedia applications. The system can scale to one million users across 1000 sites or more or 60,000 users within a single clustered system. Built-in resiliency keeps service reliable. Cisco also offers several unified communications platforms for small districts. All of these standards-based systems work with an array of third-party phones and dual-mode devices. The systems also provide integration with existing desktop applications such as calendar solutions, e-mail, enterprise resource planning (ERP) systems, and customer relationship management (CRM) software. Cisco unified communications capabilities can also be extended to a variety of mobile phones, including those that run Symbian, Blackberry, and Windows Mobile operating systems.
•Unified client software—Cisco offers several rich-media client applications that improve productivity and simplify processes. Available on Microsoft Windows and Mac OS environments as well as mobile operating systems, these clients support a range of applications, including voice, presence/messaging, unified messaging, video, and conferencing. Communications functionality has also been unified with applications from industry partners. For example, call control and presence can be launched and managed from within Microsoft Outlook through a Cisco Unified Personal Communicator widget or toolbar.
•Presence and instant messaging—Cisco presence solutions based on Session Initiation Protocol (SIP) or (SIMPLE) provide SIP presence and proxy services to deliver IM and click-to-call features. Through the presentation of dynamic presence information, presence solutions allow users to check the availability of colleagues in real time, reducing "phone tag" and improving productivity. Cisco presence and instant messaging solutions work in conjunction with Cisco Unified Communications Manager and support Cisco Unified Personal Communicator, Cisco IP phones, Cisco IP Phone Messenger, IBM Sametime clients, and Microsoft clients.
•Unified messaging—Cisco unified messaging solutions easily integrate with existing environments and provide flexible deployment options to meet each organization's individual needs. The broad range of easy-to-manage solutions includes products tailored for small, medium-sized, and very large organizations, with feature-rich functionality aligned intelligently with business requirements.
•Rich-media conferencing—Cisco conferencing solutions help remote workers and teams communicate more effectively to save time and reduce costs. Integrated voice, video, and Web conferences can be set up and attended in a single step from IP phones, instant messaging clients, Web browsers, and Microsoft Outlook and IBM Lotus Notes calendars.
•Mobility solutions—Cisco Unified Communications extends rich call control and collaboration services to facilitate easy collaboration among mobile workers on campus or on the move. By anchoring communications in the network, Cisco Mobile Unified Communications solutions connect different mobile worker types and workspaces, provide a consistent collaboration experience regardless of location, maintain business continuity and compliance, and take advantage of least-cost routing of mobile communications over the education network. Cisco Mobile Unified Communications solutions support a wide range of popular handheld platforms, enabling workers to communicate quickly and easily using their familiar mobile equipment.
•Application development—Community colleges and vocational education institutions may operate in unique educational environments that require specialized applications. To meet these needs, Cisco provides a versatile service creation platform, enabling institutions and partners to rapidly and easily develop and deliver innovative media-rich and Web-rich applications. The platform also allows organizations to easily blend unified communications capabilities with existing business process systems.
As community colleges and vocational education institutions implement more services and their networks become more instrumental as the platform for 21st century learning, the need to understand how the network is operating, what issues it is experiencing, and how those issues are impacting students, faculty, and staff become critical. Network management tools have been developed to help the IT staff understand the status and operation of service fabric and the services that are in operation in the network. This section discusses some of the specific network management options available to community colleges and vocational education institutions.
Figure 14 Cisco Network Management Tools
Unified Communications Management
Networks that deliver data, voice, video, and rich media applications require unified, system-level management. The broad range of products in the Cisco Unified Communications portfolio provide enormous flexibility for applications, rich media collaboration, call control and messaging, and IP communications.
TelePresence Network Management
Cisco TelePresence integrates advanced audio, high-definition video, and interactive elements with the power of the underlying network to deliver an immersive, face-to-face experience for collaboration. Cisco TelePresence network management is essential to the Cisco TelePresence experience.
Cisco network management products can help network administrators effectively manage network resources, plan for changes in resource usage, and resolve problems before they affect users. Quick access to configuration menus and easy-to-read performance reports on data, voice, and video traffic helps network operators to monitor trends, plan capacity, and optimize performance.
Routing and Switching Management
Cisco network management products support more than 400 types of Cisco devices with detailed reporting, monitoring, and configuration. They can save network administrators time and effort with improved inventory and configuration management, rapid software deployment, and simplified troubleshooting.
The ever-increasing number of methods for accessing networks makes security breaches and uncontrolled user access a primary concern. Network operators can use Cisco network management products with identity management features to protect systems and information through internal trust and identity policies, access control, and compliance features. The result is security assurance and protection of company profits and assets.
Video, Cable, and Content Delivery Management
Designed to be ready for advanced applications, Cisco network management products help ensure high performance and high availability, leading to higher subscriber satisfaction. With Cisco network management products, subscribers can access next-generation services such as IP telephony, video on demand, and interactive gaming.
The Cisco Service Ready Architecture for Community College and Vocational Education is built upon a highly resilient and flexible service fabric to provide community colleges and vocational education institutions with design solutions to solve business problems. It provides solutions that enable a 21st century learning environment, allowing for highly interactive and collaborative learning and teaching experiences while delivering any content, anytime, anywhere to any device.
To learn more about the Cisco Service Ready Architecture for Community College and Vocational Education, see: http://www.cisco.com/go/education
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0907R)