Lisbon School Department
Nestled down in the lower reaches of Maine sits Lisbon - a small town of 9,000 that serves as a bedroom community for the greater Portland area, including well-known companies like Bath Iron Works and L.L.Bean. With an eight-month wet season and seasonal temperatures ranging from 11°F to 80°F, Lisbon is inhabited by the rugged individualists that define the New England region.
Solution: Router, VPN
Product: pfSense Plus, Netgate 5100, Netgate Global Support
Deployment: Netgate Hardware
Lisbon School Department provides educational needs and IT services to the local community and four school campuses.
- Founded: 1952
- Location: Lisbon Falls, Maine
- Campuses: Lisbon High School, Philip W. Sugg Middle School, Lisbon Community School, and Department Central Office
- Upgrade networking technology used to interconnect four campuses that serve over 1,200 students and faculty
- Make full use of their new 1 Gbps circuits at each site, which was underutilized due to limitations of their old equipment
- With a very limited budget, ensure the new solution could manage potential hardware failures without a completely redundant Layer2 / Layer3 network
- The Netgate 5100 with its six fully-independent and high-performance CPU could maximize their Layer 3 router/firewall bandwidth capabilities between each campus
- Deploy a 5 device solution (4 live, 1 cold spare) to provide the broad connectivity and required reliability
- Netgate Professional Service and three-year TAC Support engagements to help with design, configuration, and deployment—as well as business assurance support down the road
- Campus-wide deployment was quickly executed without a hitch due to a coordinated effort between Lisbon’s IT team and the Netgate Professional Services team
- The entire campus can now make full use of their 1 Gbps secure network with robust site-to-site VPN connectivity
- Their network can now support the demands of all of their remote workers with plenty of room for growth with the upgraded VPN concentrator included in pfSense Plus software
The Lisbon School Department provides for the educational needs of the surrounding community. Four campuses comprise the Department: Lisbon High School (350 students), Philip W. Sugg Middle School (275 students), Lisbon Community School (650 students), and the central office. Campus interconnect with speed and security are essential to the Department’s IT infrastructure.
This is where our story begins. Campus interconnect was in need of an upgrade. Equipped with 1 Gbps circuits at each site—that previously could not be fully tapped due to underperforming firewalls—newer, more robust, terminating equipment was needed. And, as with all municipal school districts, capital funding was tight and support resource bandwidth was thin.
James Churchill, the School Department’s Technology Systems Director went on the hunt. A linux-based solution had been in-use since 2002, so any solution would need to support existing needs including routing through iptables, while adding VPN connectivity from building to building, a single firewall at each location (with the ability to authenticate users at the firewall), remote access for as many as ten concurrent remote users per building, and the ability to scale up for an annual two-day October conference that draws a slew of vendors.
Churchill did what we hear so often, he asked others. Super busy, he opted to speed his solution search by checking in with fellow IT compatriots (in this case the Association of Computer Technology Educators of Maine, ACTEM) for recommendations. A number of school departments were using pfSense® Plus software running on Netgate® appliances for their firewalls.
He reached out to Netgate, and our collaborative discovery process of finding the best product fit began. Together, we determined a Netgate 5100 would be the perfect fit for each location. With up to six fully-independent 1 Gbps Ethernet connections, the 5100 provides a 1 Gbps Layer 3 router/firewall at a bargain price. Additionally, its Intel®1 Atom C3558 2.2 GHz CPU with QuickAssist, AES-NI, and SHA instructions (which helps in OpenSSL and OpenVPN) provides all the horsepower needed to support high-bandwidth encrypted traffic processing between each campus.
Two more needs were discussed. Here in Maine, we know how things can fail—no matter how robust the product. Having a school go offline due to a hardware failure is no one’s dream day—but it also doesn’t financially justify a fully redundant Layer2 / Layer3 network. So, we jointly decided on a five device solution - four live, and a fifth as a cold spare. Rather than have the spare sit in a closet, it would be fired up in a school lab where students could use pfSense software themselves to learn all about networking.
The last solution consideration was that installation and configuration needed to be fast, transparent, and error-free. While pfSense Plus software and Netgate appliances are respected worldwide for their robustness, ease of use, and reliability—Lisbon School Department needed assurance that a cutover would go off without a hitch. The details always matter, and in this case, they included base configuration of pfSense Plus firewalls in four locations, migration of iptables configurations, firewall rule configuration, DHCP configuration migration to pfSense, site-to-site VPNs reformed from OpenVPN to IPsec, OpenVPN remote access configuration, lab modeling, testing, and deployment.
Churchill quickly recognized the need for professional services to help with network design, configuration, and deployment. He added three years of TAC support for business assurance support down the road. While he has the tech chops, his time is valuable, and Netgate engineers do this every day—faster and more cost-effectively than almost any customer can for themselves. The decision was even easier to make once he looked at the stellar customer satisfaction ratings of Netgate Global Support.
With deployment now complete, Lisbon School Department is set to sail into the future with a pristine, powerful, gigabit per second, secure network—as well as robust remote user connectivity—which should serve it well for years to come. As a bonus, inquisitive students get to learn networking with the real thing. Best of all? This was all done at a fraction of the cost of what legacy big-brand vendors would have charged.
Learn more about
pfSense Plus Software, Netgate 5100, Netgate Global Support, Router, VPN
Netgate Global Support has you covered.
The Netgate Technical Assistance Center (TAC) is a 24x7x365 operation with a worldwide team of support engineers unparalleled at diagnosing and resolving issues - and fast. From branch office to headquarters, premises to cloud, we’ve got you covered.