School Environment

23rd August 2019

I have been working on a private school project, I haven’t finalized any solutions yet but i hope my notes will guide others in similar predicaments.

Server: A Synology NAS makes a good turn-key file server that is easy to use, supports add-in software, supports cloud sync. Alternates are OpenMediaVault running on Rock64, NextCloud running on Raspberry Pi. ChromeOs has supported SMB fileshares since 2018. Cloudron is interesting but the free version is limited to 2 apps.

PC: Chromebooks have been the go-to as they are easy to use and hard to destroy. For a slightly cheaper, less portable solution ChromeOS runs well on Raspberry Pi 3b (not Pi4 yet) details chromiumos-sbc.org Pine will soon release their Pinebook-Pro to the general public. It is notable as it has a sturdy metal body & replaceable components (kids aren’t careful) at a $199us price point. I have NOT confirmed that it will run ChromeOS.

Firewall with content filtering: My standard has been Fortinet. I have been running free OPNsense in my home for over a year with no regrets, but the content filtering is hard to setup. PfSense, also a good product, falls down in the ease-of-use category. OPNsense & PfSense run on Intel 64bit hardware, an old laptop will work fine for 2 dozen students. I have successfully used both ASIX (Apple) and Realtek USB adapters.

Networking: Ubiquiti makes inexpensive and easy to use gear. The software to setup VLANs and Wifi can be cloud based ($10/month / 100 devices) or can be installed on Linux. After the hardware has been setup it does NOT need to remain connected; the config is stored in flash and survives rebooting. A careful technician could maintain the system remotely. Highly recommend switches with SFP+ ports (10Gbe) to limit bottle-necking and provide future expansion. like the UniFi Switch 48 $415us

Wifi: Ubiquiti wireless gear works with the same software as the networking gear. I avoid the lite versions of AP’s. Note that all Wifi has a finite amount of bandwidth that is shared among all users. Don’t believe the marketing hype; Devices that advertise MIMO 320Mbps! only get that speed for a Single isolated user. As soon as there is a 2nd user that speed is cut in half. Make sure your AP’s and Chrome books support both 2.4Ghz AND 5Ghz; this may be marketed as Dual band. Have your technician perform a Spectrum analysis to optimize throughput. Minimize sources of noise like fluorescent lights and bluetooth speakers.

Phones; Check with your local fire department as there may be a legal requirement to have a legacy phone line. I have recently found Jive cloud to be super easy and inexpensive.

Security Cameras; personally i have used Wyze cameras because they are cheap and cloud enabled. Their reliability is subject to the whims of Wifi. Their website also lists motion and door sensors, but i have no experience with those. Legally you need to have parents sign a waiver if their children could be recorded on securtiy cameras.