Being the Wi-Fi provider at a conference for 500 people is not a job to be taken lightly. It can require days of preparation and constant troubleshooting during the event, as people expect to stay connected while moving in and out of rooms. So, imagine being in charge of the Wi-Fi for more than 2,450 conferences, where the total average consumption is 176TB a day, and you’ll get a sense of what the team at Network for Learning (N4L), New Zealand’s national network for schools, grapple with.
Gavin Costello, who recently added CSIO to his CIO responsibilities, leads the 30-strong IT team at N4L. On his team is Clayton Hubbard, head of enterprise architecture, who recently won the 2020 Reseller News Innovation Award for Entrepreneurship – Technical Excellence.
Hubbard’s latest job is to lead the design of more than 2,450 wireless networks in schools across New Zealand, as part of N4L’s Wi-Fi 6 deployment. It is arguably one of the largest network rollouts of its kind — not only in New Zealand, but globally. And it is taking place in an environment where each school is unique, both in its infrastructure requirements and its governance and oversight, Hubbard says.
Protecting students — in and out of school
“Schools are self-governing entities. They are little cities. You’re taking 10, 50, or 100 households and sticking them all into one location with no real governance and no strict standards across it. When you go into a corporate environment, you [the employee] come in and go through a code of conduct. If you do a bad thing, we fire you. Well, you can’t fire kids,” he says.
And the students do sometimes get out of line. Such as when they try to bring down the school’s network by downloading a DDoS program from the web. Hubbard calls this the modern version of ringing the fire alarm when there is no emergency. Both modern and old-fashioned methods can cause massive disruption to the school.
DDoS attacks also come from external sources, as do malware, ransomware, and phishing attacks. On average, N4L blocks 2.5 million security threats a day, with total blocks (social media sites and so on) averaging 26 million a day.
N4L upgraded the firewall and filtering across its entire network in 2018-19 when it switched its security vendor. It works with a range of broadband providers, chiefly Spark, and partners with organisations such as Netsafe, the Ministry of Education, and CERT to help students connect safely — both in and out of school.
When the COVID-19 lockdown began in March 2020, the N4L team were concerned that many children would be learning from home on unsafe devices, at a time when cybercriminals were taking advantage of the mass migration to working and learning from home.
“There was a heightened number of incidents of malware and essentially a heightened number of incidences of children being put at risk online because they were learning from home in an unsupervised environment and not sitting in a classroom,” Costello says.
Hubbard designed a DNS filtering service that restricted the worst of the web on a student’s learning device. He did this by repurposing an enterprise-grade Akamai solution that N4L uses in schools, working with the Akamai global team to get it released for the first day of School Term 2. “It was a logistical challenge; it moved very fast. Everyone just had to chime in as fast as possible,” Hubbard says.
The Switch on Safety filter has to date been used by 30,000 households, with 4.5 million unsafe websites and 777,000 cyberthreats blocked between mid-April and 7 August.
The next step in the roadmap is to build a Security Operations Centre for N4L. Costello says with about 2,500 routers, as many as 14,000 switches, and 38,000 access points, the network can generate plenty of data to help recognise potential threats, so N4L can be “the fence at the top of the cliff, as opposed to the ambulance at the bottom.”
“It’s about analysing the data and looking for the threats. That’s to stop things like ransomware, which you see from time to time across schools, and things that really have a detrimental impact on the ability for schools and teachers to continue teaching and learning,” Costello says.
While artificial intelligence and machine learning are likely to be useful when analysing the threat landscape, as with all technology, it is also about educating users. In the case of cybersecurity, it’s about not clicking on dodgy emails, changing passwords regularly, and deploying two-factor authentication where it makes sense.
Finding security and wireless skills is challenging
As N4L expands its remit in both its network and security deployment, Costello is charged with finding new team members with the right security and wireless skills. “Is it hard to find them? Yes, it really is. It’s always difficult to find good security people. Experienced wireless people are also very difficult to find, we are discovering. We have been building our teams, but is has certainly been a challenge,” he says.
With the ability to hire internationally effectively on pause now that New Zealand’s borders are closed due to COVID-19, Costello is hoping that returning expatriates might plug some of the gaps.
Still, once people arrive at N4L, its likely they will stay for some time, if Hubbard is any indication. He began at the organisation around eight years ago and has no intention of moving on. “There’s a difference about delivering social outcomes, keeping kids safe. We work in a very dynamic environment; things are changing, it’s not a boring environment. You are constantly challenged, you constantly have opportunity to make that social impact. I think that has kept me very passionate,” Hubbard says.
Continue reading for free
Create your free Insider account or sign in to continue reading. Learn more