Fast-growing school district assures secure, reliable and scalable network services for teaching and learning with Aruba ESP
お客様プロフィール
Formally organized in 1936, Pflugerville Independent School District has grown from a handful of one-room schools to 34 campuses providing its 26,000 students an inspiring, engaging, and relevant education that empowers students to reach their full potential as productive members of a diverse global community.- Vertical: Primary Education
- Location: Pflugerville, Texas, United States
- Customer size: Approximately 26,000 students and 2,000 staff across 34 campuses encompassing 96 square miles
Use Case
Improve network reliability, security, flexibility, and scalability for fast-growing public school system, leveraging intelligence-based wireless and wired edge services.
Requirements
- Provide strong security for wireless and wired networks
- Improve flexibility for moving wired devices from one location to another
- Gain greater visibility into devices on the network
Solution
Outcomes
- Saved networking team four weeks each school year with dynamic segmentation
- Enabled zero-trust strategy on wired network, strengthening security of school data
- Scaled easily to support rapid growth, more than doubling number of devices on the network with no degradation
- Improved visibility of devices on the network, enabling more efficient management of device inventory
- Reduced work orders and support calls, allowing network team to focus on more important projects
Proud of its hometown atmosphere, Pflugerville Independent School District (ISD) is one of the fastest-growing school systems in the country. With digital and cloud services playing such a central part in education today, the district needed a networking solution that can easily scale while ensuring strong security across both the wireless and wired networks.
Pflugerville's chief technology officer, Victor Valdez, says, "Our network is the backbone of the district and vital to enabling the education process. The design of our previous network was such that if one campus went down, others went down also, and that was simply not going to be acceptable as we continue to grow."
A Network Teachers and Students Count On Every Day
Over the last several years, Pflugerville ISD has grown to comprise 34 sites, including 23 elementary schools, seven middle schools, and four high schools, plus several specialty learning centers. The network supports tens of thousands of devices used by teachers, students, and administrators every day to provide instruction, access learning tools and content, and run the business of an education system.
Angele Fitzhenry, director of technical services for Pflugerville ISD, explains, "When our staff and students walk into a classroom or office, they depend on our network just like they depend on flipping on a light switch. It's always there and ready to use. With Aruba, we've experienced that kind of reliability."
Michael Bohler, senior network engineer with Pflugerville ISD, has worked with Aruba wireless solutions for 21 years over the course of his career and knows the reliability and scale they provide. "We are growing leaps and bounds and Aruba has been right there with us. Within four months we went from about 10,000 laptops and tablets to nearly 27,000 devices on our network and we were able to leverage our existing Aruba infrastructure without seeing any degradation in performance or uptime."
Strong Security Is Essential For Public Schools
Approximately five years ago, Pflugerville ISD revamped its wireless network with Aruba access points and has since built a Wi-Fi 6 network based on Aruba AP-535 and AP-555 access points—core elements of Aruba ESP (Edge Services Platform).
Being a public school system, network security is also a major concern. Using Aruba, the Pflugerville team configured specific segmented paths on the wireless network for students, faculty, staff, and guests, as well as district-level and personal devices. All wireless traffic uses the 802.1X protocol and is secured with certificates and multifactor authentication. Then Valdez raised a question: "Can we do the same thing on the wired side?"
Bohler took the question to Aruba and quickly came back with an answer: "Yes."
Implementing zero-trust strategy for wired devices
The objective on the wired network was to implement a zero-trust policy where nothing is permitted on the network except district-owned devices such as printers and IoT systems like clocks, bells, security cameras, and HVAC.
To address this demand, Bohler and his team deployed Aruba CX 6300 Switch Series and Aruba ClearPass to build on the district's Aruba ESP foundation. He notes, "All wireless and wired traffic across the school district is now using 802.1X authentication and dynamic segmentation for all devices. As a result, our level of network security has greatly increased."
Fitzhenry adds, "By building our security policies in Aruba we can now enforce what is in our documentation and do that across our entire district with a very small team."
Securing network access for outside vendors
To implement a zero-trust strategy on the wired network, the Pflugerville team created an inventory in ClearPass of all devices across each department. Any device not profiled in ClearPass is denied access to the network.
The team also identified every vendor that required network access to service systems like HVAC or electrical. But rather than allow them direct access on the network, Bohler came up with a clever alternative.
"We didn't want to give each vendor a user name and password to our network," Bohler points out. "Instead, we provide them with a simple USB stick that has an Ethernet connector, which is managed in ClearPass. When a vendor plugs in the stick, they can only access the VLAN specific to the system they're here to work on, like HVAC. They're blocked from everything else on our network. Adding or deleting a device takes less than two minutes."
Valdez remarks, "Bringing in Aruba with all their security components has been a very important part of supporting our growth."
Greater Visibility Into Devices On the Network
Bohler and his fellow network managers also gained more visibility into devices on the wireless and wired networks. In fact, after deploying the Aruba CX 6300 switches and ClearPass, they found unaccounted-for computers and printers that had been moved from one school to another.
Fitzhenry observes, "A byproduct of putting in these additional Aruba network controls and security features has been the ability to clean up our device inventory."
For Bohler, increased network visibility has had broad impact. "The Aruba solution gave us a big microscope into our network," he says. "We're able to see every piece of equipment, every IoT device, that is on our network. Now we have a very large inventory of exactly what we have and where it is located making it much easier to track down computers, printers or devices of any sort on our network."
More network intelligence simplifies management
Greater network visibility and insight has simplified administration and saved time for Bohler and his team—especially important with just four people dedicated to managing the network. "Being able to see everything that's plugged into our network has made our life a lot easier," he notes.
To illustrate the point, Bohler explains that he and his team no longer have to spend four weeks every school year helping teachers reconnect their printers after their rooms were cleared for cleaning in the summer. "Now, when teachers start coming back, we don't get any calls. We no longer have to manually set up ports for each printer. They can move printers anywhere and plug them into any available hot port without us doing a single thing."
He continues, "The dynamic segmentation enabled by Aruba has helped us cut down work orders and reduce the number of calls we get so we can concentrate on more important projects to help the schools."
On the Horizon: Cloud and AI
With the success of its current Aruba solution, Pflugerville ISD is now looking at taking the Aruba ESP to the next level by adopting Aruba Central for AI-powered cloud network management. Bohler has already been evaluating Aruba Central and is optimistic about the new capabilities it will bring.
"Being in the cloud will help give us even more visibility," Bohler suggests. "Instead of just seeing we have a device on the network, we'll know exactly what type of device it is, the brand, its configuration, and other valuable information."
He adds, "We're moving to more and more cloud solutions like Canvas learning management, Google Classroom and Gmail, and Microsoft Office 365. I'm thinking we will use Aruba Central to classify those cloud services as a higher priority than other traffic, and then leverage AI to proactively monitor them for optimal performance and efficiency."
Enterprise-class network for public education
Pflugerville ISD has taken a bold approach to its wireless and wired network strategy, implementing advanced security practices typically reserved for large enterprises. Bohler says in talking with peers at other schools, he's often asked why the school district has gone to such lengths.
His answer is simple: "A school district is one of the most vulnerable environments anywhere. We're a public entity, so if a parent or grandparent walks into any of our schools and wants to use our network, we have to provide them access. But in doing that, we have to make sure they can't access and expose private personal information or destroy valuable data. That's why we made the investment in Aruba technology."
Fitzhenry advises other school systems to be just as bold as Pflugerville. "I say, find a vendor that can come in with an enterprise-level solution but make it work for a public entity that's funded by taxpayers like a school district. That's exactly what Aruba did for us."
Valdez concludes, "My advice is don't be afraid of the financial aspect. We have to work within a bond program, yet everybody recognizes that security is a top priority and we had to have viable solution to protect our public assets. Finding a vendor, like Aruba, that was willing to work with us and get it done within our financial parameters has been a great experience."
お客様プロフィール
Formally organized in 1936, Pflugerville Independent School District has grown from a handful of one-room schools to 34 campuses providing its 26,000 students an inspiring, engaging, and relevant education that empowers students to reach their full potential as productive members of a diverse global community.- Vertical: Primary Education
- Location: Pflugerville, Texas, United States
- Customer size: Approximately 26,000 students and 2,000 staff across 34 campuses encompassing 96 square miles
Use Case
Improve network reliability, security, flexibility, and scalability for fast-growing public school system, leveraging intelligence-based wireless and wired edge services.
Requirements
- Provide strong security for wireless and wired networks
- Improve flexibility for moving wired devices from one location to another
- Gain greater visibility into devices on the network
Solution
Outcomes
- Saved networking team four weeks each school year with dynamic segmentation
- Enabled zero-trust strategy on wired network, strengthening security of school data
- Scaled easily to support rapid growth, more than doubling number of devices on the network with no degradation
- Improved visibility of devices on the network, enabling more efficient management of device inventory
- Reduced work orders and support calls, allowing network team to focus on more important projects
Proud of its hometown atmosphere, Pflugerville Independent School District (ISD) is one of the fastest-growing school systems in the country. With digital and cloud services playing such a central part in education today, the district needed a networking solution that can easily scale while ensuring strong security across both the wireless and wired networks.
Pflugerville's chief technology officer, Victor Valdez, says, "Our network is the backbone of the district and vital to enabling the education process. The design of our previous network was such that if one campus went down, others went down also, and that was simply not going to be acceptable as we continue to grow."
A Network Teachers and Students Count On Every Day
Over the last several years, Pflugerville ISD has grown to comprise 34 sites, including 23 elementary schools, seven middle schools, and four high schools, plus several specialty learning centers. The network supports tens of thousands of devices used by teachers, students, and administrators every day to provide instruction, access learning tools and content, and run the business of an education system.
Angele Fitzhenry, director of technical services for Pflugerville ISD, explains, "When our staff and students walk into a classroom or office, they depend on our network just like they depend on flipping on a light switch. It's always there and ready to use. With Aruba, we've experienced that kind of reliability."
Michael Bohler, senior network engineer with Pflugerville ISD, has worked with Aruba wireless solutions for 21 years over the course of his career and knows the reliability and scale they provide. "We are growing leaps and bounds and Aruba has been right there with us. Within four months we went from about 10,000 laptops and tablets to nearly 27,000 devices on our network and we were able to leverage our existing Aruba infrastructure without seeing any degradation in performance or uptime."
Strong Security Is Essential For Public Schools
Approximately five years ago, Pflugerville ISD revamped its wireless network with Aruba access points and has since built a Wi-Fi 6 network based on Aruba AP-535 and AP-555 access points—core elements of Aruba ESP (Edge Services Platform).
Being a public school system, network security is also a major concern. Using Aruba, the Pflugerville team configured specific segmented paths on the wireless network for students, faculty, staff, and guests, as well as district-level and personal devices. All wireless traffic uses the 802.1X protocol and is secured with certificates and multifactor authentication. Then Valdez raised a question: "Can we do the same thing on the wired side?"
Bohler took the question to Aruba and quickly came back with an answer: "Yes."
Implementing zero-trust strategy for wired devices
The objective on the wired network was to implement a zero-trust policy where nothing is permitted on the network except district-owned devices such as printers and IoT systems like clocks, bells, security cameras, and HVAC.
To address this demand, Bohler and his team deployed Aruba CX 6300 Switch Series and Aruba ClearPass to build on the district's Aruba ESP foundation. He notes, "All wireless and wired traffic across the school district is now using 802.1X authentication and dynamic segmentation for all devices. As a result, our level of network security has greatly increased."
Fitzhenry adds, "By building our security policies in Aruba we can now enforce what is in our documentation and do that across our entire district with a very small team."
Securing network access for outside vendors
To implement a zero-trust strategy on the wired network, the Pflugerville team created an inventory in ClearPass of all devices across each department. Any device not profiled in ClearPass is denied access to the network.
The team also identified every vendor that required network access to service systems like HVAC or electrical. But rather than allow them direct access on the network, Bohler came up with a clever alternative.
"We didn't want to give each vendor a user name and password to our network," Bohler points out. "Instead, we provide them with a simple USB stick that has an Ethernet connector, which is managed in ClearPass. When a vendor plugs in the stick, they can only access the VLAN specific to the system they're here to work on, like HVAC. They're blocked from everything else on our network. Adding or deleting a device takes less than two minutes."
Valdez remarks, "Bringing in Aruba with all their security components has been a very important part of supporting our growth."
Greater Visibility Into Devices On the Network
Bohler and his fellow network managers also gained more visibility into devices on the wireless and wired networks. In fact, after deploying the Aruba CX 6300 switches and ClearPass, they found unaccounted-for computers and printers that had been moved from one school to another.
Fitzhenry observes, "A byproduct of putting in these additional Aruba network controls and security features has been the ability to clean up our device inventory."
For Bohler, increased network visibility has had broad impact. "The Aruba solution gave us a big microscope into our network," he says. "We're able to see every piece of equipment, every IoT device, that is on our network. Now we have a very large inventory of exactly what we have and where it is located making it much easier to track down computers, printers or devices of any sort on our network."
More network intelligence simplifies management
Greater network visibility and insight has simplified administration and saved time for Bohler and his team—especially important with just four people dedicated to managing the network. "Being able to see everything that's plugged into our network has made our life a lot easier," he notes.
To illustrate the point, Bohler explains that he and his team no longer have to spend four weeks every school year helping teachers reconnect their printers after their rooms were cleared for cleaning in the summer. "Now, when teachers start coming back, we don't get any calls. We no longer have to manually set up ports for each printer. They can move printers anywhere and plug them into any available hot port without us doing a single thing."
He continues, "The dynamic segmentation enabled by Aruba has helped us cut down work orders and reduce the number of calls we get so we can concentrate on more important projects to help the schools."
On the Horizon: Cloud and AI
With the success of its current Aruba solution, Pflugerville ISD is now looking at taking the Aruba ESP to the next level by adopting Aruba Central for AI-powered cloud network management. Bohler has already been evaluating Aruba Central and is optimistic about the new capabilities it will bring.
"Being in the cloud will help give us even more visibility," Bohler suggests. "Instead of just seeing we have a device on the network, we'll know exactly what type of device it is, the brand, its configuration, and other valuable information."
He adds, "We're moving to more and more cloud solutions like Canvas learning management, Google Classroom and Gmail, and Microsoft Office 365. I'm thinking we will use Aruba Central to classify those cloud services as a higher priority than other traffic, and then leverage AI to proactively monitor them for optimal performance and efficiency."
Enterprise-class network for public education
Pflugerville ISD has taken a bold approach to its wireless and wired network strategy, implementing advanced security practices typically reserved for large enterprises. Bohler says in talking with peers at other schools, he's often asked why the school district has gone to such lengths.
His answer is simple: "A school district is one of the most vulnerable environments anywhere. We're a public entity, so if a parent or grandparent walks into any of our schools and wants to use our network, we have to provide them access. But in doing that, we have to make sure they can't access and expose private personal information or destroy valuable data. That's why we made the investment in Aruba technology."
Fitzhenry advises other school systems to be just as bold as Pflugerville. "I say, find a vendor that can come in with an enterprise-level solution but make it work for a public entity that's funded by taxpayers like a school district. That's exactly what Aruba did for us."
Valdez concludes, "My advice is don't be afraid of the financial aspect. We have to work within a bond program, yet everybody recognizes that security is a top priority and we had to have viable solution to protect our public assets. Finding a vendor, like Aruba, that was willing to work with us and get it done within our financial parameters has been a great experience."