An Introduction to IT Networks

While you might often think of large corporations or government agencies when considering network security, the truth is, some of the most critical and challenging networks to secure are right under our noses: school IT networks. These networks are essential infrastructure, connecting students and teachers to data, information, and interactions locally and across the Internet. Understanding their complexities is foundational, not just for school environments, but for appreciating the broader field of enterprise networking.

Educators, who once deferred to IT professionals, now recognize they can no longer avoid understanding how these systems, vital to teaching and learning, function. This understanding is equally crucial for you, as effective IT management, especially in security, depends on a grasp of the network’s nature and its challenges. So, let’s pull back the curtain on school IT networks.

The Evolution and Essence of Networks

At its core, a computer network is a system providing a pathway to move data from one node to another, giving each node a unique address, and tracking where to direct each packet of information. The journey of networks began when computers gained the capacity to send output to other computers. As the number of computer systems and digital data grew, so did the value of connecting them for sharing information and remote operation.

For decades, networked computers were primarily used by academic researchers and the military. However, their widespread adoption in consumer and education markets didn’t occur until the mid-1990s with the advent of the World Wide Web and the Hypertext Transfer Protocol (HTTP), making Internet access a standard part of almost every computer. Since the turn of the century, computing and networking have become nearly synonymous, with many devices relying on network connections, personal data stored on web servers, and applications accessed via web browsers. This deep dependence makes IT networks an essential part of school infrastructure.

Robustness and Reliability: The Twin Pillars of Network Performance

When IT managers articulate a logistic goal for school networks, it often includes creating and maintaining a robust and reliable network for students, faculty, and staff. These two terms are critical for network security and overall usability:

  • Robustness refers to the network’s capacity to deliver requested information in a timely manner. A robust network allows many users to connect with little delay and exhibits low latency (latency is the delay in a connection; when it is high, web service performance suffers). An inadequate network might fail when many users connect.
  • Reliability indicates the amount of time the network is available, accepting new connections, and sending/receiving authorized data. An unreliable network will fail intermittently, regardless of the number of users.

For school users, an unreliable or non-robust network (i.e., “the network is down”) is unacceptable. IT professionals constantly work to improve network capacity and manage traffic to ensure these qualities.

Peering into the Wiring Closet: The Network’s Brain

The wiring closet, often intimidating with its fans, air conditioners, and blinking lights on racks of switches, is the nerve center of a school’s network. Here, critical devices like the unified threat management (UTM) appliance protect the network and data from malware and hackers, while the gateway connects all local devices to the Internet.

Securing this physical space is paramount. A prudent IT professional will secure the closet, but a savvy school administrator should understand how to gain access if necessary. Access control to the IT network is a contentious topic; IT professionals reasonably want to minimize unskilled access, while school administrators are ultimately responsible and may need to intervene. Network security isn’t just about digital firewalls; it starts with physical security.

Local Area Networks (LANs) vs. The Internet

A key distinction for anyone in network security is understanding the difference between a Local Area Network (LAN) and the Internet. LANs entered schools in the mid-1990s, initially connecting multiple computers to shared printers or servers for file sharing. Over time, school LANs became more sophisticated, even connecting different campuses within a district for shared resources and centralized management.

The easiest way to differentiate a LAN from the Internet is to ask: “Who has physical access to and control over the devices?” Devices you can physically touch within a school building are part of its LAN. Internet resources, on the other hand, are maintained by technicians at remote sites. While user experience for LAN and Internet resources can often be similar due to web browsers, the underlying control and management differ significantly. For example, library card catalogs, once housed on LAN servers, are now predominantly web-based services stored on the Internet, thanks to robust and reliable network connections.

Consumer, Business, and Enterprise Networks: Scale Matters

The ease of setting up a consumer network for under $100 with a device that combines gateway and routing functions can be deceptive. For schools with hundreds of devices, consumer networks are insufficient. These “plug-and-play” systems work for about 10 devices but lack the configurability and capacity for large-scale operations.

Business-class networks use devices that provide robust and reliable connections for several tens of users. However, for all but the smallest schools, enterprise networks are essential. Enterprise networks are far more sophisticated and use much more expensive devices. For instance, a five-port consumer switch might cost less than $50, while a 48-port enterprise switch with advanced management software can cost around $5,000, representing a significant difference in cost per port and capability. Understanding this scale difference is crucial for appreciating the challenges of school IT management.

Fundamental Concepts: The Building Blocks

Let’s delve into some core networking concepts that every network security student should master:

Data Rate or Bandwidth

Data rate, also known as bandwidth, refers to the amount of information transferred over a network in a given time. Broadband describes “large amounts of bandwidth” and is a relative term; in 2015, the FCC defined it as a minimum of 25 Mbps. While measuring data rate can be complex, the principle is simple: “the more bandwidth the better the performance of the network”. Schools contract with Internet Service Providers (ISPs) for a specified bandwidth, which impacts network performance.

Bandwidth is a zero-sum quantity; if students stream music, they consume bandwidth that becomes unavailable for other uses. The total data rate of a network connection is limited by the device with the least data rate. For example, a 1 Gbps network will only perform at 100 Mbps in a section served by an older 100 Mbps switch. Overloaded network devices, like switches or gateways, can also severely reduce effective data rates, even if rated higher. To handle high demand, IT professionals may purchase additional lines and divide traffic. They also limit access to “broadband hogs” like YouTube by configuring routing and switching to minimize bandwidth for such sites.

Measuring data rate is a first step in troubleshooting. For deeper analysis, IT administrators use packet analyzing software (or “network sniffing”) to observe traffic details, identify bandwidth usage, and detect malfunctioning or malware-infected computers. This software can also be used to configure networks to block specific protocols, like those used for Internet games.

Addressing

Every device on a network needs a unique address to ensure information packets reach the correct location. There are two main types:

  1. Media access control (MAC) address—This is a permanent, physical address programmed into hardware during manufacturing. It never changes and precisely identifies a device. Network sniffers can identify MAC addresses for all devices.
  2. Internet protocol (IP) address—This is a temporary address assigned by Dynamic Host Configuration Protocol (DHCP) software, usually on a server, router, or gateway. A device gets a new IP address each time it connects to a new network, and it may change upon reconnecting. When the DHCP pool of addresses is exhausted, no more devices can connect.

Historically, IPv4 (Internet Protocol version 4) used 32-bit quad-dot addresses (e.g., 192.168.1.100), supporting about 4.3 billion nodes. To prevent address exhaustion, IPv6 (Internet Protocol version 6) was developed, using 128 bits to vastly expand the number of possible nodes. Most networks now support both.

Because IP addresses are difficult for humans to remember, the Domain Name System (DNS) converts human-friendly names (like www.google.com) into their corresponding IP addresses. When a computer can’t open websites by name but seems connected, it’s often a “DNS problem.”

Gateways connecting a school LAN to the Internet have at least two network adapters: an external one with an ISP-assigned IP address for Internet traffic, and an internal one with a static IP address for the LAN. Security professionals spend significant time ensuring unauthorized incoming data doesn’t pass into the LAN.

Within a subnet, a DHCP server manages a pool of addresses (e.g., 192.168.0.1 through 192.168.0.255). DHCP servers offer three options for assigning IP addresses:

  • Static IP addresses—Permanently assigned to devices always connected and powered on, like switches, wireless access points, or printers. These are removed from the dynamic pool and configured directly on the device.
  • Dynamic IP addresses—Assigned new addresses each time an intermittently connected device (laptops, mobile devices) connects.
  • Reserved IP addresses—Less common, but assigned by the DHCP server to a specific device, effectively creating a permanent address without configuring it on the device itself.
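
The three assignment options and pool exhaustion can be seen in a small model of one subnet's address pool. This is an added example, not code from the original page or from any DHCP product; the `DhcpPool` class, the five-address range and the MAC addresses are constructed for illustration.

```python
import ipaddress

class DhcpPool:
    """Toy model of one subnet's address pool (not a real DHCP server)."""

    def __init__(self, first, last, static=(), reserved=None):
        self.static = {ipaddress.IPv4Address(a) for a in static}
        # Reserved: MAC -> address the server always gives that device.
        self.reserved = {mac.lower(): ipaddress.IPv4Address(a)
                         for mac, a in (reserved or {}).items()}
        held = self.static | set(self.reserved.values())
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        # Dynamic pool = configured range minus static and reserved addresses.
        self.free = [a for a in map(ipaddress.IPv4Address, range(lo, hi + 1))
                     if a not in held]
        self.leases = {}                      # MAC -> dynamically leased address

    def request(self, mac):
        """Return the address for `mac` as a string, or None if exhausted."""
        mac = mac.lower()
        if mac in self.reserved:
            return str(self.reserved[mac])
        if mac not in self.leases:
            if not self.free:
                return None                   # pool exhausted: device cannot connect
            self.leases[mac] = self.free.pop(0)
        return str(self.leases[mac])

    def release(self, mac):
        """Return a device's dynamic address to the pool when it disconnects."""
        addr = self.leases.pop(mac.lower(), None)
        if addr is not None:
            self.free.append(addr)

def demo():
    # Constructed values: a five-address range and made-up MAC addresses.
    pool = DhcpPool("192.168.0.10", "192.168.0.14",
                    static=["192.168.0.10"],                         # access point
                    reserved={"02:00:00:00:00:01": "192.168.0.11"})  # printer
    offers = [pool.request(f"02:00:00:00:00:{n:02x}") for n in range(1, 6)]
    pool.release("02:00:00:00:00:02")         # one laptop leaves
    retry = pool.request("02:00:00:00:00:05")
    return offers, retry

if __name__ == "__main__":
    print(demo())
```

The fifth device is refused until another device releases its lease, which is why a pool sized too tightly for the number of mobile devices shows up to users as an availability problem.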

Routing

Routing is the network function that sends packets via a route to their destination. This occurs between the LAN and the Internet via a router (or routing software on a network appliance). Within the LAN, information packets are routed by switches. Enterprise switches are far more sophisticated than consumer ones, with configurable software to manage packets for many more nodes, which contributes to their higher cost.

Wireless Networks: Connectivity Without Cables

The term “wireless” in schools typically refers to two types of networks:

  1. Cellular phone networks—Used by smartphones and tablets, these connect devices directly to the Internet via cell towers and are outside the control of school IT managers.
  2. Wireless Ethernet (Wi-Fi)—This technology uses radio signals to connect mobile and desktop devices to the school’s Ethernet network. When using Wi-Fi, traffic passes through school-owned networks.

Wi-Fi installation requires access points (APs), usually cabled to the Ethernet network, given a static IP address, and mounted on ceilings. APs broadcast a Service Set Identifier (SSID), which is the network name, often with a security code. Modern devices can detect and connect to available SSIDs. System administrators can also hide SSIDs for technician-only networks.

A common school configuration offers three SSIDs:

  • An “administration” SSID: Hidden, for system administrators and secure connections.
  • A “teaching and learning” SSID: Most bandwidth, for school-owned mobile devices, allowing authentication and access to LAN resources.
  • A “guest” SSID: Limited bandwidth, for personal devices, usually without access to LAN resources.

The shift to Wi-Fi was driven by the rise of mobile devices lacking Ethernet ports and advances in wireless technology providing sufficient bandwidth and lower installation costs compared to wired networks. However, a challenge for Wi-Fi is ensuring each space is served by a single access point; overlapping signals can cause devices to continuously drop and reconnect, leading to an unreliable network.

Network Management and Security: Your Future Role

This is where your network security course truly comes into play. Network management is a continuous, multi-faceted endeavor requiring specific expertise.

Planning and Installation

Designing and building networks requires specialized engineers. Schools often contract these services, leading to extended contractual relationships for ongoing service. Network projects are labor-intensive and are often scheduled during school breaks to minimize disruption. A key aspect of planning is mapping and documenting the network, identifying both the network address and physical location of devices. While often neglected due to IT professionals being overworked, good documentation is vital for troubleshooting, upgrades, and audits.

Managing Users, Resources, and Data

Once installed, IT professionals configure devices for security, robustness, and reliability. This includes:

  • Authenticating users and granting permissions based on their roles and authorized resources.
  • Using organizational units (OUs) to efficiently manage groups of users (e.g., “high school students”) or computers.
  • Following best practices for password management, such as changing a user’s password if an administrator needs access, then having the user reset it to preserve privacy.
  • Utilizing remote access features of operating systems to troubleshoot problems or install updates from a different location, which is particularly efficient in geographically spread-out school districts.
  • Actively maintaining systems through software updates (operating systems, applications, drivers) to prevent degradation over time.
  • Troubleshooting and repairing failed devices, with well-documented network maps facilitating quick restoration.
  • Developing a disaster recovery plan, including off-site data backups, to protect against unforeseen events. This also involves investigating proposed changes for compatibility with existing systems.

Network Security

Perhaps the most critical function of a school IT administrator is ensuring network security. This is a multidimensional challenge, aiming for:

  • Confidentiality—Only authorized individuals access systems and data.
  • Integrity—Systems and data are accurate and unaltered.
  • Availability—Those who need access can get it.

These aspects can be contradictory; increasing confidentiality often means limiting availability. For schools, confidentiality is paramount due to the Family Educational Rights and Privacy Act (FERPA), which protects sensitive student and family information. School leaders can be held liable for failing to protect this data.

Security measures include:

  • Limiting administrator account access to trained and authorized individuals.
  • Deploying Unified Threat Management (UTM) devices to scan for malware.
  • Blocking access to sites known to distribute malware.
  • Preventing unauthorized incoming network traffic.

Securing networks is especially challenging with Bring Your Own Device (BYOD) initiatives. Schools often address this by providing a “guest SSID” with limited service and no access to LAN resources for personal devices.

Finally, IT managers actively monitor and log network traffic and unusual events. If threats are detected, they remediate damage, which could involve removing infected computers, increasing threat detection settings, or restoring data from backups. They can even blacklist specific devices (e.g., a student’s laptop known to have viruses) on the DHCP server to prevent them from obtaining an IP address and connecting to the network.
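
The monitoring described above can be sketched as a pass over DHCP request logs that counts attempts from blacklisted devices and flags devices missing from the network documentation. This is an added example, not part of the original page; the log format, SSID names, MAC addresses and inventory entries are all constructed assumptions.

```python
import re
from collections import Counter

# Constructed log format for this example; real DHCP servers log differently.
LINE = re.compile(r"^(?P<ts>\S+) DHCPREQUEST mac=(?P<mac>[0-9A-Fa-f:]{17}) "
                  r"ssid=(?P<ssid>\S+)$")

def triage(lines, inventory, deny_list):
    """Return (denied attempt counts, undocumented MACs on non-guest SSIDs)."""
    deny = {m.lower() for m in deny_list}
    known = {m.lower() for m in inventory}
    denied, undocumented = Counter(), set()
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue                      # ignore lines in other formats
        mac, ssid = m["mac"].lower(), m["ssid"]
        if mac in deny:
            denied[mac] += 1              # server would make no offer
        elif ssid != "guest" and mac not in known:
            undocumented.add(mac)         # missing from the network map
    return denied, sorted(undocumented)

# Constructed sample data (hypothetical MACs, locations and SSID names).
INVENTORY = {"02:00:00:00:00:01": "Room 101 cart", "02:00:00:00:00:02": "Library"}
DENY_LIST = ["02:00:00:00:00:99"]
SAMPLE_LOG = """\
2024-03-04T08:00:01 DHCPREQUEST mac=02:00:00:00:00:01 ssid=teaching
2024-03-04T08:00:05 DHCPREQUEST mac=02:00:00:00:00:99 ssid=guest
2024-03-04T08:01:12 DHCPREQUEST mac=02:00:00:00:00:AA ssid=guest
2024-03-04T08:02:30 DHCPREQUEST mac=02:00:00:00:00:BB ssid=teaching
2024-03-04T08:03:44 DHCPREQUEST mac=02:00:00:00:00:99 ssid=teaching
""".splitlines()

if __name__ == "__main__":
    denied, undocumented = triage(SAMPLE_LOG, INVENTORY, DENY_LIST)
    print("denied attempts:", dict(denied))
    print("undocumented devices:", undocumented)
```

Because many phones and laptops now present a randomized MAC address per network, a MAC deny list works best as one control alongside user authentication on the teaching SSID.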

Conclusion

For you, as community college students in a network security course, understanding these aspects of school IT networks is not just about schools. It’s a practical application of fundamental networking principles that apply across all enterprise environments. The challenges of managing diverse users, limited budgets, evolving technology, and crucial data protection within a school setting provide invaluable lessons for any aspiring network security professional. Mastering these concepts provides a solid foundation for tackling the complex security challenges of tomorrow’s digital world.