KETS Proxy Implementation Executive Summary

Published: 4/21/2014 2:26 PM
​The intent of the law, regulation and our KETS proxy approach is for a KETS proxy standard product to be at each school so each school will have a complete and timely choice on how to implement the electronic library, filtering and tracking for their individual school. 
​We also want implementation of the proxy software at the school level to maximize the response rates and the reliability of information for the students and teachers in that school who must go through data telco lines (e.g., 56KB, T1) to connect to the district hub Internet services. The intent is for the proxy software to be loaded on a workstation or fileserver within each school to service the students, teachers and administrators. The intent is also to have proxy software loaded on a workstation or fileserver within the district office to service district office staff. To maximize our existing resources across the state, the school proxy, district office proxy and state proxy will be in a KETS configuration (This means proxy running at each school and proxy running at each district office. The district node proxy serves as an upstream proxy to services running at each school and the district node proxy points to the state level proxy array). This allows Kentucky to create its own Intranet. This Kentucky P-12 educational Intranet will speed the response rates and increase reliability for commonly requested information by students, teachers and administrators across our state. With this design, one school requesting Internet information automatically increases the response rates of the other 1399 schools and 176 district offices by 30-70%. We have data from the districts that have already deployed the KETS proxy in a KETS configuration that confirm these estimates. Also, a district not implementing the state standard design will have a large negative impact on the Internet response rates on districts next to them as well as districts around the state.   So we need cooperation from every district to maximize the Kentucky taxpayer's investment in the Internet data lines in Kentucky.
 
However, the school's Technology Acceptable Use Policy (AUP) is the cornerstone of the SB230
strategy.   The AUP describes ways to maximize your technology resources as well as behavior or actions that are to be avoided.   Please look at the guidelines so you can ensure your district meets the requirements of the regulation.   Do not depend on a technical solution to completely solve behavioral problems.  Always keep in mind that any filter can be defeated by any adult or child that has the determination, skill, capability, opportunity and time.  We are trying to put into place temptation reducers that pose a hurdle while also tracking and highlighting Internet movements.  This detailed tracking information may be used for disciplinary purposes when the guidelines and intent of the school AUP are purposely violated.  When an adult or students know that each search they do or site they visit is logged in detail, this is the best temptation reducer for those that may spend time at non-instructional sites (games, shopping, entertainment, chats) or not staying on task.  Keep in mind that there is a difference between a person that bumps into ESPNnet for 30 seconds and the one that stays there for 2 hours.  The proxy logs are to be kept for at least 30 days and are to be periodically inspected by the staff in the school for the school proxy and by the staff in the district office for the district office proxy.
 
The proxy can also be used to help ensure all the district's adults and students are using a KETS product standard for e-mail as required by law versus using HOTMAIL types of e-mail.  MS Exchange can also limit to whom and from whom students can send and receive and gives you the immediate ability to inspect the contents of messages sent or received by students.  This is a very important school safety feature.  CHAT Rooms have one of the highest probabilities of non-instructional or non-productive use by students and adults.  Along with HOTMAIL types of e-mail, non-instructional CHAT room activity is at the top of the list of what parents are concerned about since they don't really know who their child is talking to or pretending to be.  The proxy can also track or limit CHAT rooms in accordance with the school's AUP.  This is also a very important school safety feature.
 
Schools and district offices will also have the choice to implement this Internet management tool in different ways.  The proxy can be set to block absolutely everything except certain sites to which you wish your students to have access.  The proxy can also be set up to block a long list of sites that are either supplied by a the school staff or by a Censorware vendor.  Keep in mind that Censorware products are extremely expensive initially and have high ongoing costs.  A corporation versus the school staff is picking the appropriate Internet content for the school based on the corporation's opinion.  Schools should be responsible for these choices of instructional content versus a company.  Most of the Censorware products do not let the school edit the list and many of the Censorware picked sites are inaccurate.  Given the amount of changes on the Internet hourly with the addition, removal and changing names of web sites an effort to keep up hourly and daily with any list is impossible and for the most part all these Censorware type products can be easily defeated by the average person.  It is the district option to take this path.  However, if you use Censorware products you must get the Censorware version that runs on top of a KETS Standard Proxy for your schools and then run the Censorware software on top of the KETS proxy.
 
However the proxy can also be set up to block only a few sites (based on the review of your logs of popular non-instructional sites) or no sites.  In this case, you can enforce compliance by periodically reviewing the proxy logs and disciplining those adults or students in accordance with your AUP.  If you frequently review the logs and discipline folks early in the process then the word will get out and in the long term it will take much less time.  This is a very successful technique to reduce the temptation for those that may contemplate misusing this resource.  We will be working on finding products that can enhance the school and district office ability to do more sophisticated reporting and analysis of the proxy logs.
 
Also don't forget the other things teachers have been doing for years like frequently walking around the room, picking out the Instructional Web sites ahead of time and book marking them, leading instruction from their workstation and appropriately grouping students.  There is also software available that can randomly bring up anyone's workstation screen at any time.
 
Only two products currently meet the KETS proxy product standards.  The Microsoft proxy product and its required network operating system (i.e. NT Server) is provided at no cost to each of your schools and your district office.  The other choice is the Novell product which can be purchased out of the instructional software line item with EDTECH funds or any other funding source you may have.  If you are using the Novell product, KDE needs to know you have made that choice (see Appendix A) and intend on installing the KETS configuration standard.
 
It will be extremely rare that a non-KETS proxy standard product will be approved.  To this point we have not seen any other proxy product beyond Microsoft and Novell that meets our technical, support, data line maximization, filtering, fire walling, and tracking standards nor one that can be logically justified.  It will also be rare that a waiver requesting or not following all of the KETS proxy configuration standards will be approved.  For example: installing a proxy only in the district office and not in the schools does not meet the intent of the law nor does it maximize the data lines within and outside the district.  However if you are part of the 1% that has a very unique situation (e.g.  two small schools in the same building or connected by fiber on a campus with have a great working relationship that will allow cooperative and timely selection of the content Internet websites) then you have the opportunity to describe and submit a waiver using the criteria and details in Appendix B below.  You will have until June 4th to submit this waiver; otherwise, we will assume you are following the state product and configuration standards.
 
All further KETS offers of assistance funds and Technology Literacy Challenge Funds (TLCF) after 1 July 1999 for the district will be withheld until the district and schools with WAN access complies with the KETS proxy product standards and proxy configuration standards (unless otherwise approved in advance by KDE).  For those districts and schools with WAN access still not in compliance by 1 July 2000, the district's SEEK, KETS Offers of Assistance, and TLCF will be withheld and the district's Internet access will be turned off.
 
For more information on the proxy and the Kentucky's approach you can:
(2)  have a complete overview of SB230 with its other requirements for district the district AUP and e-mail.  Please contact your KETS Regional Engineer if you have any questions.
  
THE DETAILS
 
Appendix A
For the school districts that will be using the Novell proxy product for each school and its
district office.
We realize that the state is providing the Microsoft proxy product and networking operation system (i.e. NT Server) at no charge for each school and district office we have.  However we have chosen to pay for the Novell proxy product and required network operating system components required to make the Novell proxy work with our EDTECH funds, 100% local funds, or other funding sources.  We plan on fully following the KETS configuration standards (Novell proxy at each school, Novell proxy at each district office, proxy services running at the district node location serve as an upstream proxy to the services running local at each school location, district node proxy points to the state level proxy array) in the deployment of this Novell proxy product.
 
Appendix B
Wavier for not using a KETS product standard software and/or not following KETS configuration.
It will be rare that a waiver that requests or not following all the KETS proxy configuration standards will be approved.  For example installing a proxy only the district office and not in your schools does not meet the intent of the law.  However if you are part of the 1% that has a very unique situations e.g. two small schools in the same building or connected by fiber on a campus) then you have the opportunity to describe and submit a waiver using the criteria below and details in Appendix A.  You will have until June 4th to submit this waiver.
 
The intent of the law was to give each school the choice in selecting the Internet electronic web sites they wanted or did not want to make available to their school's electronic library in a very timely manner versus someone else outside that school making those content choices.  Much like the schoolbook committee selecting the books for their school, schools need to be able to quickly add or delete electronic web sites content to their electronic library.  Unless the school is connected by fiber or unshielded twisted pair to the district hub then the school is unable to take advantage of the speed and reliability the proxy gives them to Internet web sites.  Unless you (1) have the school(s) connected by fiber/UTP and (2) can show each school will have tremendous timely input to the web site content they want/don't want available in their school, then the odds of approval are extremely unlikely.  If you still want to submit a waiver please follow the requirements.
Phil Coleman
Office of Knowledge, Information and Data
15 Fountain Place

Frankfort, KY 40601
Phone: 502-564-2020
Fax:  502-564-1519
phil.coleman@education.ky.gov