Learning Management System School Network Design for Project in Masters
1. Password Policy
Following is a Password Policy developed for our School System:
- The users should not choose simple passwords such as ‘Password’, ‘123456’ or ‘ABCDEF’.
- The users should not use their personal information such as Birthdate, Contact Number, their first or last names in the Password.
- The users should choose the combination of letters, digits, and special characters as their password.
- The password length should be between 8 to 16 characters.
- The users are encouraged to use Random Password Generators to create strong passwords.
- The users should also change their passwords frequently to avoid the unauthorized access of their accounts.
- The existing users should not use their previous or current passwords while changing their passwords.
- The existing users should also follow all the statements mentioned in the Password Policy while changing their passwords.
- The users should not share their passwords with any other users or write them on their computers.
2. Risk Assessment
2.1 Asset Identification
Following are the list of assets owned by the school categorized into different categories:
|Asset Type||Information Assets||Data Classification||Impact to Profitability||Overall Risk Ranking|
|Infrastructure||School department cabin devices (Computers, Printers, Tablets, Cables, Scanners, Smartphones etc.)||Confidential||Low||4|
|School Servers and Data Centres||Highly Confidential||Very High||1|
|Other Network devices and Equipment (Switches, Routers, Cables)||Confidential||Medium||3|
|Other Infrastructure (Buildings, Departments, Cabins, Rooms)||Very Less Confidential||Low||5|
|Informational||Teachers and Student Personal Information||Highly Confidential||High||2|
|Teachers and Students Financial Information||Very Highly Confidential||Very High||1|
|Assessment and Grade Information||Highly Confidential||High||3|
|Backup Files||Highly Confidential||High||2|
|Exam Paper Information||Highly Confidential||High||2|
|School Network Monitoring Information||Confidential||Medium||4|
|Users||Executive Management and Teachers||Confidential||High||3|
|Parents and Visitors||Low Confidential||Low||5|
Legend: Overall Risk Rankings – 1 (Very High-Risk Ranking) and 5 (Low-Risk Ranking)
3. Proof of Concept (PoC) Implementation
School Web Site:
As it is not possible to demonstrate physical structure of the school building, we are going to use AWS public cloud to setup servers and host School Website and Media hosting site.
Here we used Forma LMS for Website setup, we can have our own site in future and hosted on the AWS or physical servers. Also, we used EMBY for media server.
- Connect AWS Console and open EC2 service to create instances
- Choose Ubuntu OS as AMI
- Select t2.micro instance since its just demo school website
- Select subnet and vpc details also define instance count to three as we are going to use two nodes for Website behind load balancer and one for Media hosting
- Keep default storage as we don’t need more at this stage
- Setup security group and allow http/https/ssh ports
- Three instances are ready
- Move to RDS service and setup centralize database for the School website, two of the instances will be connecting to the same database
- Select standard MySQL database
- Choose free tier eligible database and configure database name, username, and password
- Database is ready, now we can see all connection details in the screenshot
Forma Learning Management System (LMS):
- Connect both webservers and for Forma LMS setup
- Update packages
- Install apache for webserver hosting
- Start and enable the service
- Install php dependancy packages for School website
- Connect to the RDS database and create new database for School website, also grant admin permission to the new user
- Now, lets download Forma LMS source
- Extract the zip file
- Update necessary permission so webserver can access the application data
- Update Apache configuration to point to the application path
- Site is ready, let’s open it in a browser and finish one time installation
- System check information
- Accept License terms and conditions
- Configure database details
- Configure admin user and password
- Setting up database and language
- Installation completed, now download the config.pp file and copy it to both webservers
- Login page
- Default home page
- Add new courses and other details
- Admin section
- Here are the URL for individual webserver we setup for the school site, both points to the same RDS database so updating details on one site can immediately reflect in second site, we will later put both sites behind load balancer so it can be accessed with single link.
EMBY MEDIA Server:
- Let’s install Emby Media server on the 3rd AWS Ubuntu OS instance for video hosting
- Login to the server and download the installation package
- Install Emby server rpm and ensure that service is running
- Open Media site in browser with 8096 port and it will point to initial installation page
- Select language
- Create admin user
- Setup media library for School Courses
- Allow remote access to the Emby site
- Accept terms and conditions
- Login page
- Upload videos on the Media server on the directory specified during media library setup
- Empy provides a nice platform to run videos, you can go to any video and look at all the details before, Students can subscribe to videos them selves
- Example of playing one of the videos
- This media server can be used to upload and play recorded videos.