Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Tech Install Guide Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 1 |P a g e Revised 1/2017 Edgenuity Tech Install Guide Contents Welcome to Edgenuity ................................................................................................................................. 3 Minimum System Requirements: User Workstations ...................................................................................... 4 Network Requirements and White List .......................................................................................................... 5 Edgenuity Media Appliance Overview ........................................................................................................... 6 Edgenuity Media Appliances ..................................................................................................................... 6 Edgenuity Physical Appliance Specifications .............................................................................................. 7 Virtual Server Media Appliance Specifications ............................................................................................ 8 Edgenuity Media Distribution System ......................................................................................................... 9 Appliance Installation and Configuration .......................................................................................................10 Appliance Installation and Configuration Requirements ............................................................................ 10 Configuring Appliance Network Interface Settings .................................................................................... 11 Configuring an Appliance Gateway .......................................................................................................... 12 Configuring an Appliance DNS ................................................................................................................ 12 Storing Changes for Appliance Settings ................................................................................................... 13 Monitoring Appliances Using the Management Portal ............................................................................... 13 Media Appliance Support ........................................................................................................................ 13 Single Physical Appliance Update Modes.....................................................................................................14 Multiple Physical Appliances Advanced Updates ..........................................................................................15 Local Master Media Update Mode Overview ............................................................................................ 15 Multiple Appliances within a DNS Overview ............................................................................................. 16 Multiple Appliances, Single DNS Solutions ............................................................................................... 17 DNS Round-Robin ............................................................................................................................... 17 Host File Configuration ......................................................................................................................... 17 Active Directory Sites & Services .......................................................................................................... 17 Edgenuity System Login and Security ..........................................................................................................19 Enhanced Passwords.............................................................................................................................. 19 Secure Station ........................................................................................................................................ 20 IP Registry for Secure Student Access..................................................................................................... 21 Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 2 |P a g e Revised 1/2017 Welcome to Edgenuity The Edgenuity and Compass programs have been designed for ease of use with deployment, maintenance, and functionality in a typical educational technology environment. The system predominantly runs on a hosted platform housed within secured data centers. Our customers can feel assured student data is safe and secure with absolutely no work required by school district personnel. We have taken great care in engineering and designing a robust system with redundancy built in at every level. Multiple levels of backup are incorporated into the onsite and offsite real-time systems. As students and teachers log into our program they access servers located within the secured data centers. Student computers will access the Student Portal via the Internet with information transfer requirements equivalent to standard website interactions. School lab environments will require little Internet bandwidth to function. The core of the Edgenuity system consists of short video lectures. To maximize program performance and minimize network impact, the Edgenuity system incorporates the use of media appliances. These appliances are self-contained, read-only devices that provide access to the Edgenuity video content library locally. Edgenuity appliances utilize custom programming requiring no backups or user maintenance. Edgenuity Media Appliances are built on a custom service platform, adding faster performance and greater reliability to our product. Edgenuity appliances come with up to three-year warranty and service contract. Media appliances are configured for your district with an internal static IP address, subnet mask, DNS server IP address, and hostname. An internal static IP address can be used unless you will service students from outside your network (i.e., home). Edgenuity incorporates redundancy into the media delivery system. If a local media appliance is unavailable to the user, the program automatically rolls the request to another media appliance on your network. If no other appliances are available on your network the user request is sent to the media server cluster and the media is delivered via the Internet. This redundancy helps with the availability of the program to your students. The program requires a minimal set of software and plug-ins, all of which are readily available and free to download. Pre-installment of all required software on your workstations ensures students receive the best experience with this software. Connection to power and network switch is required for use with a local media appliance. Your Edgenuity Sales Account Executives and Partnership Advisors will work to ensure you have the proper media appliances for your specific needs. Please contact Edgenuity if changes occur within your network for the appliance(s) static IP or if additional assistance is needed. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 3 |P a g e Revised 1/2017 Edgenuity Minimum System Requirements: User Workstations Schools and districts utilizing the Edgenuity system will need to ensure workstations meet minimum requirements below. Edgenuity Minimum System Requirements Operating Systems Android™ 4.3 Apple iOS 7.x Mac® OS® X 10.7.5+ Chrome™ OS 35 1 Browsers Windows® 7, 8, 10 Windows Vista™ Windows RT Google™ Chrome™ 35+ Firefox® 45+ Safari® 6.0+ 2 Internet Explorer 11 Microsoft Edge Network / Speed Connection Processor 3 PC: 2.33 GHz AMD® -or- Intel® 1.83 GHz Mac: Intel 1.33 GHz LAN 100/1000 switched to desktop Internet access of 384 kbps per concurrent user Wi-Fi with 54 mbps access points or better Memory & Hard Disk Space Sound 4 2+ GB RAM 1 GB available disk space for browser cache OS supported sound card Microphone, speaker or headset (recommended) Display Plug-Ins 5 1280 x 1024 resolution 16-bit color 128 MB graphics memory Adobe® Flash® Player 18+ Java® 1.8+ Adobe Acrobat® Reader® 11+ Example Mobile Devices Android: Google Pixel C Samsung ™ Galaxy Tab® 3 Dell Venue 10 7000 6 Chromebook: Acer® Chromebook 15 C910 Dell™ Chromebook 11 Chromebook Pixel iPad: iPad 4 iPad mini ™ iPad Pro™ PLEASE NOTE: 1 The Android operating system is supported by Edgenuity, but the Android browser is not. Android users should download and only use the Chrome browser to access Edgenuity. Windows based tablets and the Windows RT operating system is fully supported by Edgenuity when using Edgenuity 3000+ series courses. 2 Chrome browser versions 42 or later may not allow functionality for some plug-ins. Safari 6.0 requires 10.7.5+. As of June, 2016 Internet Explorer 9 – 10 is no longer supported. 3 A slow Internet connection will affect the performance of multimedia elements found in the Edgenuity courses. 4 Students will need access to audio capabilities including microphones, speakers and/or headsets. 5 All instructional computer stations will need sufficient network-user permissions to ensure full functionality when using certain plug-in applications. Adobe Flash may be required when using courses containing Chem Labs and PowerSpeak. Java is required for Districts using the Secure Station feature. 6 Example devices listed above have been tested to be functional when using Edgenuity. Other Chromebook devices not listed maybe used providing they meet the minimum requirements. Smart phone and smart watch devices are not supported by Edgenuity. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 4 |P a g e Revised 1/2017 Network Requirements and White List Edgenuity has deployed an Internal Proxy System, ensuring students are on-task and remain safe when using outside content contained within course activities. This also allows Edgenuity to have a smaller, more static White List. To support the close and active reading of text for students at all reading levels, Edgenuity provides a CloseReader™ toolset for students. The toolset includes word look-up, text highlighters, annotation tools, read-aloud, and translation. Students can use these features on any HTML text within the system, including text within a third-party website accessed from within the Student Portal. The CloseReader and Internal Proxy System both rely upon the required ports and White List provided below. Some content filters, web proxies, and/or classroom management software may also require white listing the local media appliance (if purchased). Allowing Google sites listed within the White List through your content filter will not open all Google content, as it is referencing specific directories needed for the CloseReader. Edgenuity Network Requirements and White List Network Requirements 1 Required Ports The following outgoing communication ports for required IP ranges must be applied within your network when using Edgenuity. Port 7595 Port 443 Port 1935 Port 222 Port 80 Failover Ports The following failover ports can be used should the required ports listed above are inaccessible. Failover Port 22 Failover Port 6505 White List Required White List *.edgenuity.com 1 *.edgenuity.us *.education2020.com 1 *.education2020.us *.explorelearning.com *.k12hsn.org *.middil.com *.pglms.com *.sophia.org *.speechstream.net *.ucopenaccess.org google.com/uds google.com/jsapi office.microsoft.com onetonline.org/ desmos.com/calculator wherelearningclicks.com Instructional Services The additional required sites must be applied when using Instructional Services and LivePerson for tutoring chat purposes. sas.elluminate.com server.iad.liveperson.net e2020.geniussis.com Lpsnmedia.net liveper.sn 1 2 Liveengage.com Liveperson.com Liveengage.net Liveperson.net Port 7595 (TCP) to MDX.edgenuity.com can be applied for an appliance VPN connection. If your network prevents this port please apply the other ports listed. Ports 80, 222 and 443 must be opened for sites and Present Outbound Internet Addresses noted above. Port 22 is used as failover should Port 443 be inaccessible. Port 6505 is used as failover should Port 80 be in accessible. Proxy and content filters may disrupt communication on all ports. Ports 80, 222, and 443 must be open for site noted. 2 Edgenuity utilizes mp4 video formatting for course content videos. You will need to ensure mp4s are included for white listed sites within your network and your local Edgenuity media appliance. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 5 |P a g e Revised 1/2017 Edgenuity Media Appliance Overview Districts can ensure minimal bandwidth requirements of less than or equal to 384 kbps on average per concurrent user on the school infrastructure by placing an Edgenuity Media Appliance at the individual school or district. When a media appliance is housed within the district or individual school firewall, student computers will access the Student Portal via the Internet with information transfer requirements equivalent to standard website interactions. Instructional Videos, when required as part of a user experience, are pulled directly from the local media appliance. This ensures reduced load times with no additional bandwidth requirements, providing a positive end-user experience with minimal delay for page downloads. Edgenuity Media Appliances Edgenuity offers four (4) media appliances to our customers based on concurrent user needs. Each appliance is a selfcontained, read-only device rated for concurrent user connections. Edgenuity appliances utilize custom programming. Backups and user maintenance is not required when routing and white list rules have been applied. Mini Media Appliance Up to 250 concurrent users VESA, 1U rack, and desktop mount compatible Single power supply Slim Server Appliance Up to 750 concurrent users VESA, 1U rack, and desktop mount compatible Single power supply Rackmount Media Appliance Up to 5,000 concurrent users 1U rack Dual power supply Virtual Media Appliance Up to 5,000 concurrent users VMware® Microsoft® Hyper-V® Server 2012 R2 or newer Concurrent user count dependent upon dedicated resourses Please Note: Middlebury Powerspeak World Language courses and Sophia® Dual Credit courses do not require use of a media appliance. Please contact Edgenuity for questions regarding virtual operating systems not listed. Mini and slim server appliances include Kensington slot locks to stabilize and provide additional security to mounted appliances. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 6 |P a g e Revised 1/2017 Edgenuity Physical Appliance Specifications Edgenuity’s physical media appliances have been designed as mini, slim, and rackmount appliances. Each appliance is designed to be placed at or near the network backbone, optimized for read access, and rated for concurrent connections. Mini Appliance E250N Slim Appliance E750N Rack Appliance E5000R Up to 250 Concurrent Users Up to 750 Concurrent Users Up to 5,000 Concurrent Users Designed for small or lower usage implementations Designed for mid to larger usage implementations Designed for larger multi-school district implementations Mini Appliance Specs Slim Appliance Specs Intel Celeron® 3855U 1.6 GHz 2 core processor / 2 threads 8 GB DDR3 1600 MHz RAM 500 GB SATA drive Dual 1 GB NIC Intel Core i3 5005U 2.0 GHz 2 core processor / 4 threads 8 GB DDR3 1600 MHz RAM 500 GB solid state drive Dual 1 GB NIC Mount / Power Options Mount / Power Options Mount / Power Options VESA, 1U rack, and desktop mount compatible VESA, 1U rack, and desktop mount compatible 1U rack Single power supply Single power supply Dual power supply Weight Weight Weight Approximately 2 pounds each Approximately 2 pounds each Approximately 45 pounds each . Rack Appliance Specs XEON E5-2630L V3 1.8 GHz 8 core processor / 16 threads 32 GB DDR4 2133 MHz ECC RAM 500 GB SATA solid state drive Quad 1 GB NIC . . Additional Specifications for Physical Appliances Network load balancing is installed utilizing 2 – 4 NICS, depending upon the appliance. Edgenuity requires each on team NIC is connected to a 1 GB switch at or near the customer network backbone. All NICs should be connected to the same switch. Edgenuity recommends media appliances are placed within an environment suitable for computer equipment. Multiple media appliances may be used for larger installations. Appliances do not require outside firewall access. Bond requires no switch programming and should be compliant with all network devices. Edgenuity recommends media appliances are placed within an environment suitable for computer equipment, mounted using available options of VESA, rack, or desktop utilizing Kensington slot locks to stabilize and provide additional security to mounted appliances. Edgenuity media appliances are self-updating, require no user maintenance, and come with up to three year Edgenuity Rapid Replacement service. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 7 |P a g e Revised 1/2017 Virtual Server Media Appliance Specifications Edgenuity offers a virtual media appliance solution to assist customers in an ever-changing educational technology arena. Two (2) platform formats of Edgenuity Virtual Media Appliances (VMA) are available and supported based on the customer’s implemented virtual infrastructure. Platform formats include VMware 5.0+ and Microsoft Hyper-V Server 2012 R2 (or newer). Edgenuity VMAs include programming and multimedia content. Virtual Media Appliance Specifications Up to 5,000 Concurrent Users The Edgenuity VMA is pre-configured with mini media appliance specifications and resource requirements. VMAs are designed to provide media for up to 5,000 concurrent users. Edgenuity VMA Server Image Size Virtual Platforms 500 GB As a customer’s network grows, VMA resources can be adjusted. Additional memory, processor, and virtual disk storage resources can be committed to scale the VMA for larger concurrent user counts as needed. VMWare 5.0+ Microsoft Hyper-V Server 2012 R2 or newer Minimum Virtual Platform Requirements VMA images can also be copied and replicated as needed for use within the same district. This allows longer usage of the VMA without need to supply additional hardware. 4 Processors 8GB RAM 500 GB available disk space Software Specifications – Virtual Media Appliances Edgenuity will supply a download link for the virtual image within the customer’s virtualization network platform. Edgenuity requires an IP for the Edgenuity VMA. Edgenuity VMAs are self-updating, requiring no user maintenance. Assess of port 7595* (TCP) to MDX.edgenuity.com is required to enable the appliance VPN connection and apply updates to Edgenuity VMAs. Locations using web filtering MUST apply the Edgenuity white list for necessary updates. There is no limit to customer replication (within the same district) of a VMA image. Additional resources, if needed, can be committed to increase power of an Edgenuity VMA for larger installations. Upon request a virtual image can be supplied on a returnable, 2.5” USB3-capable portable hard drive after verification of a customer’s virtualization network platform. Please contact Media Appliance Support at [email protected] for questions regarding VMAs. Please Note: Middlebury Powerspeak World Language courses and Sophia Dual Credit courses do not require use of a media appliance. * If a single connection on port 7595 (TCP) to MDX.edgenuity.com is unavailable, ports 22**, 80, 222, 443, 1935, and 6505** can be opened for outbound traffic. ** Port 22 is a failover should port 443 be inaccessible. Port 6505 is a failover should port 80 be inaccessible. Proxy and content filters may disrupt communication on all ports. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 8 |P a g e Revised 1/2017 Edgenuity Media Distribution System The Edgenuity Media Distribution System (MDS) ensures proper updates and maintenance for media appliances uses while providing a seamless end user experience. MDS is designed to be behind-the-scenes and should not impact overall network performance. The system has 3 essential pieces of Content Updates, Monitoring Solution, and System Updates. The MDS utilizes port 7595 (TCP) for an appliance VPN (Virtual Private Network) connection to MDX.edgenuity.com for all hosts. If your network prevents this port, alternative ports and host IPs have been provided below for your reference. System Updates Monitorin g Solution Content Updates Content Updates The primary purpose of MDS is to ensure appliances have the latest content via port 7595 to MDX.edgenuity.com. Content updates run on a nightly schedule for the client’s local time starting at 7PM and automatically shutting off at 6AM. We continually strive to maximize content updates using as little bandwidth as possible. To ensure this, three (3) update mode options of CacheAhead, OnDemand, and Monolithic are offered on all single media appliance sites. Customers with multiple appliances and sites may be able to take advantage of the Local Master media update mode. If networking prevents access to port 7595, content updates will utilize port 222 to host MDC.edgenuity.com and MDS.edgenuity.com. MDS Monitoring Solution The monitoring solution is a hardware and software level monitor that allows for smarter updating as well as failure alerts. Monitoring relays encrypted TCP packets containing the monitoring data via port 7595 to MDX.edgenuity.com. This allows the ability to do smart updates while targeting and replacing high risk appliances before issues may begin. The monitor also allows us to perform similar identification with software by monitoring the web server that distributes files to students and pinpoints any potential performance or configuration modifications that may be needed. If networking prevents access to port 7595, monitoring will utilize ports 22*, 80, 443, and 6505* to host MDM.edgenuity.com. System Updates System and software updates are checked nightly via port 7595 to our primary update cluster. This solution is designed to utilize low bandwidth and maintain persistent operating system versioning across all media appliance variants. Even when larger updates are needed they rarely take longer than a few minutes to download and install. Updates are applied with a keep-alive download and patching system allowing for downloads to resume if a connection is dropped and is then re-established. Updates will only be applied after the complete patch has been downloaded and scanned for corruption. If networking prevents access to port 7595 to MDX.edgenuity.com, system and software updates will occur via ports 80 and 443 to host MDM.edgenuity.com. * Port 22 is used as a failover should port 443 be inaccessible. Port 6505 is used as a failover should port 80 be inaccessib le. Proxy and content filters may disrupt communication on all ports. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 9 |P a g e Revised 1/2017 Appliance Installation and Configuration Prior to shipment, Edgenuity requires one (1) static Internal IP number, primary and secondary DNS, gateway, and net mask information. All required routing and white list rules must be implemented. Appliance(s) ship ready to configure, allowing customers to connect to their network and power source. Mini and slim appliances are VESA, 1U rack, and desk mount compatible. Mounting is recommended utilizing the included Kensington slot locks to stabilize and provide additional security to mounted appliances. Rackmount appliances require 1U rack space and ship standard with a universal sliding rail kit which fit most standard racks. Rack appliances ship with front locking bezel; Edgenuity highly recommends customers install and lock any installed media appliance. Additional rail and power options are available (i.e. for PDU) and should be discussed with Media Appliance Support prior to shipment. An online option is available to download a virtual image for Edgenuity VMAs. Upon request a virtual image can be supplied on a returnable, 2.5” USB3-capable portable hard drive after verification of a customer’s virtualization network platform. Appliances utilize port 7595 (TCP) for an appliance VPN connection to MDX.edgenuity.com for all hosts. If your network prevents this port, alternative ports and host IPs have been provided for your reference. Please Note: Locations using web filtering MUST apply the Edgenuity white list for the appliance to perform necessary updates. Middlebury Powerspeak World Language courses and Sophia Dual Credit courses do not require use of a media appliance. Appliance Installation and Configuration Requirements The following is required for configuration of an appliance and can be supplied to Technical Customer Support. Static/Default IP address Verify required port 7595* (TCP) is open for MDX.edgenuity.com to enable the appliance VPN connection. Verify required white list has been applied within your network. Subnet address, Gateway address, and DNS address District or school contact name, contact email address, and School name Upon receiving this information, a confirmation email will be sent to the established contact containing login information. If an email was not received please contact Media Appliance Support at [email protected] . A separate notification will be sent upon shipment of a physical appliance or virtual image (if requested). * If a single connection on port 7595 (TCP) to MDX.edgenuity.com is unavailable, ports 22**, 80, 222, 443, 1935, and 6505** can be opened for outbound traffic. ** Port 22 is a failover should port 443 be inaccessible. Port 6505 is a failover should port 80 be inaccessible. Proxy and content filters may disrupt communication on all ports. Logging into an Appliance In addition to installation of your physical appliance or download of a virtual image (VMAs only), configuration includes logging into the appliance and accessing a management tool. Once logged into the Management Portal the network interface, gateway, and DNS appliance settings can be established. A network cable connected to the device is required to verify configuration of a physical appliance. 1. Enter the username and password into the fields provided to log into the appliance. Click Enter to log into the system. 2. Once authenticated, a management tool interface will display. Enter the username and password into the fields provided to log into the management portal. Outside of initial configuration, an appliance does not require a keyboard, mouse, monitor, or an outside public IP. Appliances are self-updating, requiring no customer maintenance or support when required routing and white list rules are applied. After initial installation and configuration of an appliance the Management Portal can be used to configure and monitor appliances within a network via the Internet. Please refer to Monitoring Appliances Using the Management Portal for more information. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 10 | P a g e Revised 1/2017 Configuring Appliance Network Interface Settings 1. Select Network from the left menu. 2. Click Interfaces to access configuration settings for each network card detected by the system and define the configuration method needed for the appliance. a. Select bond0 for Mini, Slim, and Rackmount appliances. When selecting bond0 an additional dropdown option will appear for Bonding Mode. Verify Balance (alb) displays. b. Select eth0 for Virtual appliances. c. Each interface can be defined as External if connected to an external network, such as the Internet, to apply stricter firewall policies. If not defined as External the interfaces will be considered internal and connected to a local network. d. Please consult Media Appliance Support for questions or changes to this field. 3. Enter Name within the field provided. 4. Select a Method of DHCP or Static as needed for the configuration based on the descriptions below. a. DHCP can be applied for a dynamic configuration. Selecting this method within the interface allows configuration of the IP address, DNS servers, and gateway. DHCP is the default setting for appliances shipped from Edgenuity and will need to be updated if manually configuring an appliance. DHCP is usual for hosts within a local network or external interface connected to infrastructure routers. Click Change to store information and continue to Storing Changes for Appliance Settings. b. Static can be applied if configuring a device manually. Static configurations within the interface will require the IP address and network mask be specified. One or more virtual interfaces can also be associated to this real interface for additional IP addresses. Additional addresses are useful to provide service to more than one IP address or sub-network, facilitate migration from a previous scenario, or utilize a web server with different domains using SSL certificates. Click Change to store information and continue to Configuring an Appliance Gateway. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 11 | P a g e Revised 1/2017 Configuring an Appliance Gateway Please note: Configuring the appliance gateway settings is only necessary if the network interface was applied as Static. If this setting was applied as DHCP please continue to Storing Changes for Appliance Settings. 1. Select Network from the left menu options, click Gateways. 2. Click Add New button within the Gateways Configuration page. a. Enter the Gateway information for the appliance. b. Ensure Enabled and Default checkboxes are selected. Click Add to store the information. c. Proxy values can be added if required for network traffic. 3. Continue to Configuring an Appliance DNS. Configuring an Appliance DNS Please note: Configuring DNS settings is only necessary if the network interface was applied as Static. If this setting was applied as DHCP please continue to Storing Changes for Appliance Settings. 1. Select DNS from the left menu to display additional DNS settings. 2. Click Add New button within the Forwarders section. a. Enter an IP address into the Forwarder field provided. b. Click Add. 3. Continue to Storing Changes for Appliance Settings. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 12 | P a g e Revised 12/2016 Storing Changes for Appliance Settings Changes made within the Management Portal will need to be saved prior to exiting the system for implementation. 1. Click Save Changes (located on the upper right of the screen) to store the settings configured. 2. Click Save if a warning pop-up displays during the Save Changes process. 3. Continue to Verify Appliance Configuration. Verify Appliance Configuration A network cable connected to the device is required to verify configuration of a physical appliance or configuration of a host server for a virtual appliance. 1. On a separate PC or Mac computer test the IP by accessing http://ipaddress/ from a web browser, where “ipaddress” is replaced with the static IP of the appliance, to access the Edgenuity test page. 2. If the appliance is properly configured, a video lecture will play from within the Edgenuity test page. 3. Once the lecture displays from within the test page, configuration is complete. Students will automatically be redirected to the appliance for the media content within coursework. 4. Please contact Edgenuity to apply an update mode for the appliance after verifying the appliance configuration. Overviews for update modes are located within the Single Physical Appliance Update Modes and Multiple Physical Appliances Advanced Updates sections of this guide. Appliance Content Updates Periodic verification of nightly appliance content updates can be performed by accessing http://ipaddress/, where “ipaddress” is replaced with the static IP of the appliance, from a web browser to access the Edgenuity test page. Monitoring Appliances Using the Management Portal The Edgenuity Media Appliance Management Portal can be accessed via the Internet to configure and monitor appliances within a network. Using the Zentyal operating system, the Portal includes a dashboard to display information, as well as firewall and module options to apply to the appliance. Please note: Google Chrome was used to create examples below for logging into the Management Portal. Other browsers may display different terminology. 1. Within a web browser enter https://ipaddress:8443/ where “ipaddress” is replaced with a static IP of the appliance. 2. Click Advanced on the screen that displays. If prompted, click Proceed. 3. Enter the Username and Password into fields provided. Click Enter to proceed into the Management Portal. 4. Use the Dashboard and menu options to navigate and monitor appliances connected to the network. Media Appliance Support If you are unable to verify the appliance configuration or would like additional help for a physical or virtual media appliance, contact Media Appliance Support, [email protected]. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 13 | P a g e Revised 12/2016 Single Physical Appliance Update Modes Three modes are available to perform updates within a physical appliance: CacheAhead, OnDemand, and Monolithic. The modes reviewed below are intended for sites or districts utilizing a single physical appliance. Additional advanced configuration options for customers with multiple sites and/or multiple media appliances are available within the Multiple Physical Appliances Advanced Updates section of this guide. Please contact Media Appliance Support, [email protected], to apply update changes to your appliance. Monolithic Update Mode - Single Physical Appliance What is Monolithic updating? How it works: Monolithic update mode maintains a complete and single monolithic copy of ALL Edgenuity content (all 450 GB of videos). All content, regardless of need, is updated nightly. Bandwidth: Monolithic update mode works best for locations where bandwidth usage is not an immediate concern. Monolithic update mode uses the highest level of bandwidth usage with the shortest load times for media. This mode is not recommended for Edgenuity Virtual Media Appliances. Works best with: CacheAhead Update Mode- Single Physical Appliance What is CacheAhead updating? How it works: CacheAhead update mode caches multiple media files in a single course based on a student request. CacheAhead updating is applied onto all appliances as the default setting. The appliance reviews log nightly, determining which Edgenuity courses were accessed during the day. If a student has accessed media for any given course, the appliance will locate, download, and store the remaining media files for that course automatically. Stored versions of the media files are cached and available the next day for any student. Bandwidth: CacheAhead uses a slightly higher bandwidth-usage over the OnDemand mode, but shorter loading times occur once the course files have been cached for future availability. Works best with: CacheAhead is the best general-purpose option for schools with multiple students accessing the same media. OnDemand Update Mode- Single Physical Appliance What is CacheAhead updating? How it works: OnDemand mode is an option used per media file with cached files. Appliances are not actively downloading or storing any additional files. As content is requested, a media appliance will download and store cached versions of the media file. The stored cache will become available for subsequent requests for future use. Bandwidth: OnDemand mode reduces bandwidth required to serve students who may all need access to the same media; the first time any particular media is needed it must be downloaded from Edgenuity first. While this will use minimal bandwidth usage, slightly longer load times will occur for the first student accessing the media. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. This mode can prevent multiple downloads of same content from different requests / requestors. Works best with: OnDemand update mode offers the best solution for schools where many students are accessing the same media, do not need to view entire courses, and require practically zero bandwidth usage. 14 | P a g e Revised 12/2016 Multiple Physical Appliances Advanced Updates Edgenuity media appliances feature advanced configuration options for customers with multiple sites and multiple media appliances. To optimize network performance and media delivery, review this guide to learn about advanced configuration options. Contact Customer Support if you have any questions or concerns. Local Master Media Update Mode Overview In addition to the standard media appliance update modes of CacheAhead, OnDemand, and Monolithic, customers with multiple appliances within a network may be able to use the Local Master media update mode. Under standard appliance configuration, each individual appliance maintains its own cache of Edgenuity media, and receives updates for that media directly from Edgenuity. Appliances update overnight, however multiple appliances sharing the same internet connection for updates may consume a larger amount of bandwidth. To address this issue, multiple media appliances within the same network can be configured to update using the “Local Master” mode. Edgenuity will be able to apply media updates using the Local Master mode as long as appliances meet the requirements for our Monitoring system. What is Local Master Media Update Mode? Local Master Media updating can be used by customers, with up to three (3) media appliances designated as a Master appliance within their network for content updates. A Master appliance is identified as the primary appliance within the network to receive updates from Edgenuity and share to other appliances within their appliance farm. How it works In this configuration, up to three (3) appliances can be designated to serve as a Master local media repository for appliances to retrieve updates from, rather than downloading updates directly from Edgenuity for each appliance. There is no limit on the amount of appliances within your network receiving updates from any designated Master appliance. Please note: Using this method, the Monolithic update process would be applied for all appliances within the network. Updates for content would be distributed nightly from Edgenuity to the Master appliance, then from the Master appliance to all subsequent “Client” appliances instead of directly from Edgenuity. Should the Master appliance(s) go offline for any reason, Client appliances will default to receiving updates directly from Edgenuity, increasing bandwidth. When to Use Local Master Media Update Mode You may wish to consider this option if your network meets the following requirements: Your Appliances can communicate with one another on port 22 over your internal network; and Your Appliances collectively share a single connection to the Internet; or Your site(s) communicate over a private network and you prefer to use this network rather than your Internet connection for distributing Edgenuity media content. Works Best With The Master / Client update process works best for locations where bandwidth usage is a concern due to multiple appliances being used within the network. Bandwidth The Local Master update process can save bandwidth for customers with multiple appliances. Content updates are downloaded from Edgenuity to the Master appliance only instead of multiple appliances updating independently. For this reason, bandwidth usage would be significantly lower than if multiple appliances within their network are updating each as a separate appliance. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 15 | P a g e Revised 12/2016 Multiple Appliances within a DNS Overview If you have multiple sites and / or multiple media appliances, standard instructions for DNS configuration may not be sufficient to cover your needs. Please review the following scenarios for DNS configuration on larger and more complex networks. Multiple Sites, Single DNS Server* Multiple Sites, Multiple DNS Servers Single Site, Multiple Appliances Multiple Sites, Single DNS Server* If you have multiple sites, each with a dedicated media appliance, and all sites receive DNS resolution from a single DNS server (or multiple DNS servers all at a single location), you will need to choose one of the following options: DNS Round-Robin Host File Configuration Active Directory Sites & Services Options listed above are detailed within the Multiple Appliances, Single DNS Solutions instruction section of this guide. Multiple Sites, Multiple DNS Servers If you have multiple sites where each site has a dedicated DNS server, you can configure each site according to the standard instructions, configuring each DNS server to house appliance.edgenuity.com DNS zone using a blank "A" record configured with the IP address of that site. If your sites are all members of the same Active Directory domain, remember to disable Active Directory Integration when creating these zones on your servers to prevent the zones from replicating to the rest of your DNS servers. Single Site, Multiple Appliances If you have a single site/network and wish to use multiple Edgenuity Media Appliances to share student load, you can configure your internal DNS service using DNS Round-Robin as explained above. This will cause your DNS server to provide DNS resolution in such a way as to distribute the network load across multiple media appliances. A dedicated load balancer appliance can be used between your users and your media appliances, configuring as you would any other load-balanced network resource. However, if you choose to do this we will not be able to assist in set up. Removal of the load balancer will be recommended should problems arise while accessing media. Load balancers should have all caching disabled. * Options listed above are detailed within the Multiple Appliances, Single DNS Solutions instruction, and available upon request. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 16 | P a g e Revised 12/2016 Multiple Appliances, Single DNS Solutions If you have multiple sites, each with a dedicated media appliance, and all sites receive DNS resolution from a single DNS server (or multiple DNS servers all at a single location), you will need to choose one of the following options: DNS Round-Robin Host File Configuration Active Directory Sites & Services DNS Round-Robin You can configure your DNS to serve multiple IP addresses for the hostname applied to your network. 1. To apply a DNS Round-Robin repeat the record creation step in the standard configuration instructions to create multiple blank “A” records in the appliance.edgenuity.com DNS zone, one for each individual appliance. Please note: You will need to ensure “Enable round robin” is selected within the DNS Advanced Settings. 2. Create multiple “Host (A)” records, one for each appliance, as shown: Host File Configuration 1. You will need to be logged in as an administrator with permissions to access and change host files. Windows systems: The host file is located at C:\Windows\System32\Drivers\etc\hosts Linux® and Mac systems: The host file is located at /etc/hosts 2. Using the Host File Configuration manually add a host file entry on each computer to reference the media appliance the computer should use by adding IP address appliance.edgenuity.com, where “ipaddress” is the static IP of the appliance. Active Directory Sites & Services If you are unable or do not wish to enable Round Robin for your DNS, or manually edit host files on each client computer, you will need to ensure that Active Directory Sites & Services (ADSS) has been correctly configured for your network. 1. Each subnet hosting a media appliance should exist as a subnet in ADSS assigned to a site. 2. After applying each subnet add multiple Host (A) records to the appliance.edgenuity.com zone as shown above. 3. Your DNS server should resolve requests for media appliances in a way that routes users to the appliance on their subnet. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 17 | P a g e Revised 12/2016 Appliance Statistics Usage statistics will display helpful information regarding the performance of your media appliance, as well as information about your appliance in the event that you need assistance. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 18 | P a g e Revised 12/2016 Edgenuity System Login and Security Enhanced Passwords Edgenuity has signed the Student Privacy Pledge developed by the Future of Privacy Forum (FPF) and the Software & Information Industry Association (SIIA). The provisions require additional security to protect student data against unauthorized third parties access. Edgenuity has added additional security measures of password encryption. Password encryption converts plain text to unreadable text within Edgenuity preventing the information from being visible within the Student and Educator profile screens. Storing and transmitting encrypted passwords prevents anyone from acquiring passwords and sensitive student data. Password creation for user accounts can be within any format you wish, and are case sensitive. For security reasons, we recommend against creating passwords with predictable patterns such as student ID numbers. Reset features are incorporated into Edgenuity for Educators assisting users in password retrieval. Additional information regarding passwords is available at 2015-04-10-Password Security and New User Grids and 2015-05-07 – Change Student and Educator Password. User-Initiated Password Reset Forgot Your Password Forgot your password is a self-service feature that can be selected within the Edgenuity login screen should a user be unable to log into their account. Users receive a password reset email to the address on file to regain access. Password reset emails will come from ‘[email protected]’. It is recommended to check Junk or Spam folders within your email account if an email is not received shortly. Please note: Edgenuity does not require a user email address; it is recommended all educators update their Edgenuity account to include a current email address for the password retrieval feature. Alternative options are available should students not have an email address associated with their Edgenuity account. Educator-Initiated Password Reset Features Educators with the security permissions can assist student and fellow educator users in regaining access to their Edgenuity account with Change Educator (or Student) Password, Send Password Reset Email, and Get Temporary Password features. Change Educator (or Student) Password Change Educator (or Student) Password allows an educator to enter a new student or educator user password. Send Password Reset Email A password reset email can be sent if the user account has an associated email address. Get Temporary Password Educators can establish a temporary password for users to log in. The user must establish a new password after log in. This feature can be used if you don’t want the person changing the password to know the final password. Please note: When using Get Temporary Password the user’s original password is removed from the account and will no longer work. Impersonate Educators can assist students by logging into the Edgenuity account as the user. Once the account is accessed the educator can view and interact within the system as the user. Impersonation sessions are recorded and logged within Recent Actions similar to other actions that occur within the system. Please note: When using the Impersonate feature, please be aware of the following: • A warning will display for an active session if the student is currently logged into their account. Continuing with Impersonate will log the student off their active session. • Contact your Administrator if using the Impersonate feature on a computer not previously approved. * Password encryption does not affect login credentials managed via API, LTI, LDAP, or SAML integration. Users under those integrations sign in with credentials managed by a school and are not maintained by Edgenuity. Passwords will not be overwritten for users with nightly imports where manual password changes may occur. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 19 | P a g e Revised 12/2016 Edgenuity System Login and Security Secure Station Providing access to the Student and Educator portals via any Internet-connected computer provides maximum flexibility, but can also create network security issues. To resolve this, Edgenuity provides the option of a proprietary program called Student and Educator Secure Station. How Secure Station Works Secure Station provides the ability to secure access, control, and monitor Edgenuity Student and Educator portal environments. Edgenuity School or District Administrator users can allow or deny access to end-users by authenticating specific computer labs or other monitored computer workstations. If access is requested on a workstation not previously authenticated (such as home, a library, media center, or elsewhere), Secure Station can grant or deny entry into the portal. This process creates a Secure Station White List of verified computers previously authenticated and allowed by the District/School Administrator user. In creating a white list, Secure Station obtains and stores unique identifiers regarding the computer(s) attempting to log in, as well as details about the user. Secure Station then uses the white list containing the unique identifiers to authenticate and grant or deny access to the computer attempting to log into the Student and Educator portals. Please Note: Secure Station will not operate within the Chrome browser due to Java-reliant features. To address Java-reliant features within Secure Station for Chrome browser users, Edgenuity offers IP Registry for Secure Student Access. IP Registry provides the ability to secure access, control, and monitor Edgenuity Student and Educator portal environments without use of Java. Students Logging Into a Secure Station Network When students log into on a computer where Secure Station has not previously been authenticated, a java applet will appear within the screen to run Secure Station. Once Secure Station is running, the Edgenuity Security Management System will load the request authentication for the computer being used. Secure Station will then validate the computer workstation, allowing the student to enter into the portal successfully, or denying access to the student based on the authentication process. Educators Logging Into a Secure Station Network As an added security option, Edgenuity has also implemented Educator Secure Station. Identical to the Student Secure Station process, the system restricts access to the Edgenuity Educator site to authenticated locations. With Educator Secure Station enabled, students who may inadvertently obtain an educator’s login and password will be denied access to the site from unauthorized computers. Access from Remote Locations Outside of School In addition to a school’s computer lab, students can access their courses from any computer with a high-speed connection via the Edgenuity ASP model. A high-speed Internet connection can provide full access to all associated instructional videos, course materials, and other activities via the web interface for students accessing the portal outside of school. All results and tracking are posted within the Edgenuity School Administration system, allowing teachers to view progress of any student at any time. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 20 | P a g e Revised 12/2016 Edgenuity System Login and Security IP Registry for Secure Student Access Google Chrome has ended support for Java. Because of this, Edgenuity’s Secure Station feature will no longer function for users accessing the Edgenuity portals via Chrome. Users of other browsers such as Internet Explorer, Firefox, and Safari will not be affected and Secure Station will continue to function. To address this issue for Chrome users, an IP Address Registry feature can be used to ensure students are logging into Edgenuity. This feature allows school administrators to define a registry of IP addresses approved to access the system. Because the new approach will not rely on Java, students accessing Edgenuity from an approved IP address will also be able to access Edgenuity on tablets and Chromebooks. Secure Station will continue to exist in its current form but will not function on the Chrome browser. Edgenuity’s Secure Station for Educators will not be modified at this time, and will continue to function as is in IE, Firefox, and Safari. What Do I Need To Do? If you have Secure Station for Students enabled and if your students use the Chrome browser, you will need to enable the IP Address Registry feature to replace Secure Station. If your students do not use Chrome, or if you don’t currently have Secure Station enabled, you do not need to take any action at this time. However, you may choose to implement the IP Address Registry as it has the additional benefit of regulating Edgenuity access from tablets and other devices that don’t use Java. If you have Secure Station for Educators enabled and if your educators use the Chrome browser, you will need to identify an alternate browser for Educators to use. How Do I Prepare? Once you’ve made the following decisions, you are prepared to enable the IP Address Registry. For each school, decide which Educator account holders will be given the user permissions to create and administer the IP Address Registry and individual student bypasses. Educators who currently have the Manage Virtual Classroom Secure Station and Manage Web Admin Secure Station permissions will automatically get the new Manage Student Access Control and Manage Educator Access Control permissions. For each school, determine the IP addresses (or ranges) of the firewall or edge router that represents the 'gateway' to the Internet. You will enter this IP address or range in the Edgenuity configuration page. Decide whether you want students on non-approved IP addresses to be completely blocked from accessing Edgenuity, or to be allowed access to coursework but not assessments. If you have individual students with permission to do coursework and assessments from home, prepare a list of those students. You will be able to put those student accounts on a bypass list that lets them access Edgenuity from outside the block of registered IP addresses. If you currently have Educators using Chrome and want to enforce Secure Station for Educators, decide which alternate browsers you will support for Educators, and inform Educators of this change. Additional information regarding IP Address Registry is available when logged into the Educator portal. Please contact Customer Support for more information for this feature. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 21 | P a g e Revised 12/2016 Some software products marketed by Edgenuity and its distributors contain proprietary software components of other software vendors. Microsoft, Windows, Internet Explorer, and Hyper-V are trademarks or registered trademarks of Microsoft Corporation in the United States and other countries. Apple, iPad, iPad mini, Mac, Mac OS, Safari, and QuickTime are registered trademarks of Apple Inc. Intel, Celeron, Xeon, and Core are trademarks of Intel Corporation in the U.S. and/or other countries. AMD is a registered trademark of Advanced Micro Devices, Inc. Broadcom is a trademark of Broadcom Corporation and/or its affiliates in the United States, certain other countries, and/or the EU. Firefox is a registered trademark of the Mozilla Foundation. Google, Chrome, Chrome OS, and Chromebooks are trademarks or registered trademarks of Google Inc. Adobe Flash Player and Adobe Acrobat Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Java is a registered trademark of Oracle and/or its affiliates. Advanced Placement is a trademark registered and/or owned by the College Board, which was not involved in the production of, and does not endorse, this product. SOPHIA is a registered trademark of SOPHIA Learning, LLC. VMware is a registered trademark of VMware, Inc. in the United States and/or various jurisdictions. Citrix is a trademark of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. Dell is a trademark of Dell Inc. HP is a registered trademark of Hewlett-Packard Development Company, L.P. Acer is a registered trademark of Acer, Inc. in the U.S. and other countries. Samsung is a trademark of Samsung Electronics Co., Ltd. Edgenuity Tech Install Guide © Edgenuity, Inc. All rights reserved. 22 | P a g e Revised 12/2016