LAN Support

The Los Lunas Schools Wide Area Network is composed of a wide variety of components including 5 GHz microwave links, leased frame-relay lines, and single mode fiber-optics connecting multiple Local Area Networks (LANs). The Network Operating System is Microsoft Server 2003 supporting a TCP/IP protocol configuration. The backbone of the LAN systems is a switched gigabit ethernet (1,000Mbs) running over twisted pair copper cable and/or fiber-optic cable technology. While gigabit ethernet to the desktop is being implemented throughout he district, there are still a number of desktop connections running at 100 Mbps.

All classrooms within the district are wired with either category 5e (cat 5e) or category 6 (Cat 6) cable for network/internet access through wiring centers at each building. These wiring centers have the appropriate fiber optic and/or twisted pair switches installed and operational for optimal intranet connectivity. Cable runs to remote buildings primarily use multi-strand fiber-optic cable, operating at 1000 Mbps transmission rates. The classroom wiring supports additional switches to meet end user requirements. All individual school sites, as well as the Los Lunas Schools Central Administration Offices and the District Service Center, use a Windows Server 2003 network operations system. The network supports both local site programs and specialized district wide applications. These applications include the student information system (SASIxp), Intergrade Pro grade-book software, the Follett library catalog and automation system, and various classroom application software packages. In addition, some servers provide such utility functions as user validation, network addressees to workstations, and Domain Name Service which allow the workstations to use network resources. Network printers and other specialized components such as Voice Over IP (VOIP) telephones use network addressees provided by the technology department. All servers have been secured by required authenticated network logon, as well as an established system of specialized permission and privileges for individual users, groups, and virtual links among each other in the domain.

Network connectivity is established to a school in each area (north area, south area, east area, west area and central area) using "leased-line" frame-relay accounts with redundant routes also provided via microwave transmission.

The district is in the process of installing microwave links which will ensure that each area has at least two ways to reach the rest of the network.

Internet service is provided for the district through 4.5 Mbps connections at Los Lunas Middle School and Valencia High School. This configure provides redundancy for increased network stability, reliability and speed. Internal network security is provided by the use of three -Cisco "PIX" firewall's near the termination point of these Internet lines. These firewall's provided increased security from unauthorized access to the network by anyone outside of our district intranet. In compliance with the federal "Children's Internet Protection Act" (CIPA), the district has in place an Internet filtering application called "Web sense". This filter prohibits access to inappropriate, profane, or illegal information on the Internet from district machines. It also restricts access to applications like music and video download sites, which use disproportionate amounts of the available network bandwidth. The district also maintains web and e-mail servers located behind one of the firewall's.

Security

As dependence upon the Wide Area Network increases for critical applications, network security becomes a correspondingly more pressing concern. Currently the district has in place three hardware firewalls to help protect our network from unauthorized access from the outside. We also have in place a comprehensive system of user groups and server authenticated logons for critical applications and processes. The district also maintains a computer virus protection program that is updated from site and district servers, but the threat continues. At present we do not allow remote access to our network and have no wireless network access. We will be adding security measures as we begin to move to wireless connections and allowing remote access, bur these measures will need to be both unobtrusive and effective.

Another closely associated topic is the Internet access policy and protection from inappropriate material. The district currently has in place a board approved Internet Acceptable Use Policy that all students, parents, and staff are required to sign before Internet use is permitted. In addition, the district is prohibiting access to specific inappropriate web sites through the use of comprehensive filtering application called "Websense". This application is extremely configurable, comprehensive and reliable.