|
Computer system managers, network administrators, and all IT specialists at Penn State now have an internal training resource at their fingertips through Teaching and Learning with Technology's new laptop computer lab. Offered as part of the IT Professional training program within ITS Training Services, the laptop lab provides Penn State's IT professionals with the opportunity to learn administration-level skills in a hands-on environment without resorting to an external vendor.
According to ITS Training Services training specialists Ken Layng and Jay Hoff, the ultimate goal is to offer hands-on training on topics that are relevant to IT professionals at Penn State but which cannot be taught in the traditional Penn State lab environment, such as firewalls, Linux, networking, and security. The trick is to overcome some hurdles that occur in the traditional lab when teaching certain topics. In order to ensure a secure training environment for the topics in question, the lab computers would have to be isolated from (not connected to) the Internet or the Penn State backbone.
Layng said, "In order to teach people how to patch a computer, you have to start with an unpatched computer. If that unpatched computer is connected to the Internet, it could easily be compromised, and once one computer on the Penn State network is compromised, it puts the whole Penn State network in danger."
The solution, according to Layng and Hoff, is the IT Pro laptop lab—a mobile cart stocked with twenty laptop computers which, when in the cart, are connected by wire to two domain controllers (servers) with a built-in RAID (Redundant Array of Independent Disks) back-up system and a firewall for extra protection.
"The servers access the Internet through the firewall to get updates," said Hoff. "Then as soon as the laptops are connected by wire, the servers send out their updates." In this way, the laptops receive necessary updates without connecting directly to the Internet, thereby avoiding potential compromise through viruses or other destructive malware that reaches most computers through the World Wide Web.
Installed on each laptop is an application called VMware, which runs on either a Linux or Windows host operating system. VMware provides an environment in which another operating system, known as the guest operating system or the virtual machine (VM), can run simultaneously and independent of the host operating system. For example, through VMware, a computer running Windows XP can launch and run Linux. It can even run two or three operating systems at once, according to Hoff.
"We can do wireless networking between laptops and/or locally, within the virtual machines (VM) on the same laptop. The laptops have enough memory so that we can have a Server 2003 VM running and a Windows XP VM running," said Jay. "Those two can network with each other within the laptop—so each student can have two or three machines on their own laptops."
"The other nice thing," added Layng, "is that the virtual machines networked between laptops are not actually connected to the Internet." This allows Layng and Hoff to teach those topics that require network connectivity, such as Network Administration, while still ensuring a secure environment for the training. "The laptops are also prevented from accessing any Penn State networks," said Hoff, so participants do not log in with Penn State Access Accounts."
Once the VM is set up for a particular class, it can be saved as the entire operating system environment. An added convenience, according to Layng, is the ability to create "save points" at logical stopping points in the course material. This provides some customization whereby participants can enter into the course material at the appropriate point for their levels of expertise. It also makes it easier to respond to certain problems that may occur during a class. "If a participant crashes something, they can revert to the previous save point—within 30 seconds they're right back up and running," said Hoff.
The instructor creates a new virtual machine (operating system) on a laptop, which is then copied to the server in preparation for mass deployment. A series of scripts then copy the VM back to all the laptops.
One major benefit is the ability to set up the class once, and run it with very little effort in the future. "Essentially, the whole process is scripted, so that even if we run the same class four times, we just run the script to copy the original VM (created once) for that class back to the active folders on the laptops," said Hoff."Because it doesn't take as much time to set up the environment now, it has freed up more time for course development and customization, as well as developing professionally," said Layng.
Results so far have been extremely positive, according to both Hoff and Layng, who have trained over 100 people on Microsoft Server 2003, Linux, and Microsoft XP since implementation of the lab in February 2006. "By and large there was so much planning up front that it has come off really well," said Layng.
According to both Layng and Hoff, the laptop lab has established an environment that is conducive to developing training as well as providing the training. "The creation of the lab and the problem solving that has gone into it has been a fantastic learning experience," Layng added, "even as far as policies and working with the firewall. It's been a really good way to put in the practice needed to teach these concepts."
Future directions of the laptop lab include expansion of topics, mobility, and resource sharing. Layng eventually would like to share virtual machines between Penn State departments, campuses, and even other universities to save development time and make the most of existing training. "One of the most time-consuming things we do is course development," said Layng, "so resource sharing would help free up some of our time for teaching."
In addition to sharing previously created VMs to train on the topics mentioned, Layng hopes to share the concepts of using VMware, so that other campuses, universities, and groups may employ the model for their own training development.
According to Hoff, future course topics will be based on demand and feedback. Several topics for the upcoming year include Linux, firewall, and Penn State's wireless technology.
Additional benefits of offering these courses internally include the ability to tailor the courses to the Penn State environment as well as lower costs, as compared to similar sessions provided by external vendors. "The Penn State community will not have to outsource to external training on all subjects," said Hoff. "The lab will not alleviate all the high-end training needs," he mentioned, "but it will benefit the beginning to intermediate skill sets and provide more of a flexible, targeted training."
Newly developed courses are announced via the IT Pro e-mail distribution list. Instructions for joining that list are available on the ITS Training Services Web site at http://its.psu.edu/training/itpro/. For more information about this program, or to inquire about a topic of interest, e-mail it-pro@psu.edu.
