Our team is responsible for the design, implementation, and day-to-day management of Oak Ridge Schools Windows based services which include but are not limited to Active Directory, Server Hardware, Server Applications, Operating Systems, and other related Software Applications, Services and Utilities. It is our goal to provide ORS staff with the technology, tools and flexibility they need to enhance student learning and increase productivity.

showcaseSchoolsJefferson Middle School 2016/17

Travis Ferguson
Systems Engineer

Paul Mohr
Systems Administrator

For Staff and Students

Windows 11 has been customized and integrated with ORS systems for use by staff and students.
Below is an overview of some of those customizations:

STEM: All one to one systems have STEM related software available via the Software Center and Application Catalog as optional installations. Some examples of this are:

  • AURODESK REVIT
  • AUTODESK INVENTOR
  • AUTODESK FUSION 360
  • ANACONDA
  • ARDUINO
  • ROBO PRO
  • ROBOT C
  • UNITY
  • Geometers sketchpad
  • And many more!

LANSCHOOL: All one to one systems include LanSchool classroom management software, some key features are listed below:

  • Monitor Students
    Monitor students by using the Thumbnail view to quickly see each student’s screen. You can monitor up to 3,000 students at a time, and dual monitors are supported. The Details View shows columns of information about students. Useful information, such as last application run, as well as last website visited is shown. ScreenFeed rotates through student screens, allowing teachers to monitor student screens from a distance. Other features such as Screen Snapshot, Internet History and Keystroke Monitoring helps maintain a safe environment for all students.
  • Remove Distractions
    Getting the attention of students with technology in their hands is difficult at best. The Blank Screens feature allows teachers to focus students’ attention to the front of the classroom by blanking all student screens. In addition, you can keep your students focused on the task at hand by limiting their access to specific web sites and applications that are running on their computers.
  • Teach
    Teach more effectively by broadcasting the teacher screen to the rest of the class. Show a student screen to the rest of the class as positive reinforcement. Remote control a student’s desktop to help with key concepts. You can easily co-browse the internet, so students go exactly where you do. Make questions fun by randomly choosing a student using LanSchool.
  • Communicate
    The communication features found in LanSchool help teachers more effectively communicate with students within the classroom. Teachers can audio chat, send a message to keep a student on task, chat with an individual or group of students and answer questions quickly with the communication features found in LanSchool.
  • Assess Student Progress
    Use the powerful features of LanSchool to assess student progress, either by asking for quick responses with the voting function, or using Assessment Mode for a test. Assessment mode addressed the PARCC testing requirements to lock down a device during a test, preventing students from leaving the test, or going to unauthorized websites or applications. An audit log lets you know what actions were performed on both the student and proctor machine.
  • Save Time
    Save precious teaching time by using LanSchool to send and collect homework assignments to students. Use the capabilities of LanSchool to power on, logoff, restart and power off machines from the teacher console.
  • Class List
    Class Lists are used to automatically discover and bring in student devices at the start of class. Monitor battery life on student devices so that you are never caught unaware by a low battery.

Preloaded applications and policies allow for a seamless integration with Office365, OneDrive and ORS internal resources. Systems are designed to provide a solid base for additional customizations.

Application Catalog and Software Center
A library of ORS applications available for installation based on user rights assignments. This is made possible through Microsoft System Center Configuration Manager and users do not need administrative privileges to install applications. ORS currently has more than 50 additional applications available for installation on devices.

You might be wondering how the Application Catalog is different from Software Center. The Application Catalog is the user’s gateway to the available applications that they can install while Software Center helps the user track the status of available and required software, and lets users configure various options, such as their business hours to prevent their computer from restarting during their working day.

  • ORS customized applications
    Applications are customized to meet ORS needs. Most applications will install with no user interaction.
  • Granular permissions for deployment
    Ability to make software available based on many types of criteria including class enrollment, grade level or ORS job function.
  • Easy to use – No admin rights required
    Application installation without the need for administrative rights on the local machine.
  • Safe and secure
    Applications delivered via the Software Center / Application Catalog are safe and allows ORS to manage software on systems without the need for users being administrators or downloading applications from the web.

ORS machines are pre-configured to allow for connectivity and ease of use. Some of those customizations are listed below:

Direct Access: Pre-configured for remote access of ORS resources. Users can reach authorized resources any time they have an available internet connection.

Wireless Profile: Pre-configured wireless profile for easy access to ORS wireless networks.

Microsoft Teams: Allows for collaboration and creation of online meetings. Users can share screens and applications as well.

We use a combination of tools to customize and manage ORS machines. Below are some examples of the tools used:

Group Policy: Microsoft Group Policy is heavily utilized to enforce security related settings and configuration items.

EndPoint Manger: Microsoft EndPoint Manager is utilized to manage configuration and compliance.

Web/Content Filtering: iBoss web filtering is applied both on and off ORS networks.

  • Web Filtering for CIPA Compliance
    iBoss protects students from inappropriate Web content to ensure ORS is complying with CIPA rules. The extensive URL database is classified into categories for easy and efficient policy enforcement while iBoss real-time threat defense protects against damaging malware and other exploits. The integrated Threat and Event Console Reporter provides forensic-level compliance reporting and live dashboards for instant visibility across the school network, allowing ORS to mitigate problems before they can cause damage.
  • Advanced Application Management and Safe Social Media
    With more students participating in social media via mobile devices, and thousands of mobile applications, schools need security that can enable learning and protect against inappropriate content. iBoss content-aware application scanning with deep packet inspection (DPI) provides granular control over social media and blocks unwanted applications.
  • Multi-layered Proxy Enforcement Prevents Circumvention
    Students who try to circumvent ORS school’s Web security solution are often assisted by Web proxies designed to enable anonymous browsing. iBoss technology immediately identifies and secures circumvention attempts using a hybrid cloud database.

Drive Encryption:
Microsoft BitLocker Administration and Monitoring (MBAM) is used along with the MBAM client to ensure data is secured.

  • What is it?
    Windows BitLocker Drive Encryption is a security feature that provides better data protection for your computer, by encrypting all data stored on the Windows operating system volume. A Trusted Platform Module (TPM) is a microchip that is built into a computer. It is used to store cryptographic information, such as encryption keys. Information stored on the TPM can be more secure from external software attacks and physical theft. BitLocker uses the TPM to help protect the Windows operating system and user data and helps to ensure that a computer is not tampered with, even if it is left unattended, lost, or stolen.
  • How does it work?
    If the computer is equipped with a compatible TPM, BitLocker uses the TPM to lock the encryption keys that protect the data. As a result, the keys cannot be accessed until the TPM has verified the state of the computer. Encrypting the entire volume protects all of the data, including the operating system itself, the Windows registry, temporary files, and the hibernation file. Because the keys needed to decrypt data remain locked by the TPM, an attacker cannot read the data just by removing your hard disk and installing it in another computer.