We would like to give everyone brief overview of how we filter internet content for the Chicopee Public School district.  I think it will be beneficial for everyone to have a general understanding of the process, the limitations of it, and our intentions.

We operate our district’s firewall from our main office, which all internet access is run through.  The purposes of that firewall is to block unauthorized access to our network, prohibit or allow outward communication, and also filter internet content.  We are going to focus on the content filtering aspect of our firewall.

These filtering categories help us stay compliant with the Children’s Internet Protection Act (CIPA) which allows us to get government funding through the FCC’s E-rate program.  The E-rate program allows us access to telecommunication services, internet access, and other network devices the city normally couldn’t afford.

While our network has grown over the last couple of years with Chromebooks, iPads, and other mobile devices, we are still a Windows based network.  All of our servers run Windows, most if not all teachers should have a Windows based desktop or laptop computer.  Everyone in the district has a Windows network account; which they use to log into these desktops and laptops.  Our firewall has the ability to integrate with our Windows directory of network accounts.  We configured several servers that parse every network login, so when a student or teacher logs into a Windows desktop or laptop, our servers take note of who has logged into that computer and relays the information to our firewall.  If someone is using a Chromebook, iPad, phone, or a personal device not issued by the district our Firewall has no way to identify who the user is.

The firewall will take that login information and put them into groups, they are sorted by students, teachers, and SRO officers (if the firewall can’t identify the user they will be considered a member of the student group).  First each of these groups is filtered by their own individual set of 64 categories, which are determined by the manufacturer of the firewall (these range from social networking, travel, multimedia, religion, news, games, alcohol, weapons, etc.).  When a user tries to access a website, the firewall checks the category of the website, cross checks it with that user’s list of allowed and denied categories, and either gives them access to the website or denies them access.  For each of these groups (students, teachers, SRO officers) we can then add a whitelist (websites we allow even if they are in a denied category) and a blacklist (websites we prohibit even if they are in an allowed category).  We cannot block or allow a portion of a website, or an individual video, we can only allow or block the entire domain.  

All individual teacher logins, including the elementary school logins, have access to YouTube.  We understand YouTube hosts some truly informative and captivating videos, however it also hosts violent, pornographic, and racist videos.  We don’t have any control over what videos on YouTube can be accessed, we only control whether YouTube (in its entirety) can be accessed or not.  Without being able to control that access we don’t feel it’s safe to open up all of YouTube for student access.  YouTube access also uses the largest chunk of our internet bandwidth.  The average music video on YouTube can use up to 80MB of bandwidth.  That’s just one connection, we have 15 buildings in the district each with hundreds, the larger buildings with thousands of connections each day.  If YouTube access was granted to all students the amount of bandwidth used would be staggering.  The entire district shares one pool of bandwidth, it is our job to make sure that this bandwidth is available for high priority necessities, such as NWEA testing, MCAS testing, WIDA testing, Lexia testing, Edgenuity, library catalogs, email communication, Munis access; the list of online activities and testing can go on indefinitely.

If a teacher is having a problem accessing YouTube from a Windows computer please have them log off the computer, and log back in.  This will reinitialize the login process where the firewall will sort the logged in user to the correct group (students, teachers, and SRO officers).  If there are problems after that please contact our office so we can check the teacher’s network account, as well as the computer they are using.

Teachers can use their YouTube access to find appropriate videos for their classroom and show them on their projectors, interactive boards, or TVs.  They can also use a YouTube downloader (such as http://www.videograbby.com/) to save a YouTube video to their computer.  They can host that video in their Google drive and add it to a Google classroom so that students can access it from any device at school or at home.

Our commitment is to help facilitate the education process for the school district as a whole.  We are in a digital age where technology is a vital part of educational process.  We strive to help bring technology into the classroom and do our best to maintain the functionality of our the technology in our district.  Please feel free to contact our department with any comments or concerns.

Mike Barrett

Telecommunication Technician