1.0 Intelligent Campus Network Solution
2.0 IDC Data Center Network Solution
3.0 Enterprise Cloud Solutions
4.0 Overall Information Security Solution
- 4.1 Exit Security Application Solutions
- 4.2 Branch and Mobile Internet Application Solutions
- 4.3 Data Center Security Solutions
- 4.4 Level Protection Comprehensive Solution
- 4.5 Disaster Recovery and Backup Integrated Solution
- 4.0 Overall Information Security Solution
- 4.6 CDP Local Disaster Recovery Solution
- 4.7 Dual-System Disaster Recovery Shared Storage Hot Standby Solution
- 4.8 Mirrored Hot Standby Solution for Dual-machine Disaster Recovery
- 4.9 Desktop Access Scheme
- 4.10 Anti-disclosure security management system for electronic documents
- 4.11 Email Security Overall Solution
5.0 Smart Wireless Total Solution
- 5.1 Cloud wireless solution
- 5.2 Application authentication access solution
- 5.0 Smart Wireless Total Solution
- 5.3 Smart Business Circle Solution
- 5.4 Wireless bridging solution
- 5.5 Elevator Wireless Coverage Solution
- 5.6 Hotel wireless coverage solution
- 5.7 Smart Campus Wireless Solution
- 5.8 Hospital Wireless Solution
- 5.9 Wireless retail solutions for malls
6.0 HD Video Conference Solution
7.0 IDC Computer Room Construction Solution
8.0 Intelligent Weak Current Solution
9.0 Intelligent Building Solution
10.0 Intelligent Management Center Overall Solution
1 Solution overview
With the rapid development of information technology, the demand for teaching has become more and more diversified. The traditional teaching method obviously cannot meet the current requirements for teaching development. At the same time, a series of problems in the teaching process have also seriously affected the quality and progress of teaching. . Teachers from national authorities to deep-cultivating three-foot podiums are deeply aware that education must be informatized in order to continue to meet the ever-changing teaching needs. Among them, the informatization of education methods is the most basic and most important. portion. And how to use advanced information technology to create a favorable environment for educational innovation is a new and challenging subject facing educators.
——H3C 云学堂。 Based on the most advanced cloud computing technology, H3C has designed a new generation of computer classroom construction plan, H3C Cloud School , in combination with the practical difficulties of the majority of universities . Deploy cloud host resource pools as needed, start virtual machines and deliver to cloud terminals through the network, and students can experience a vivid cloud school environment. Cloud Academy combines cloud computing technology with educational scenes closely, can create colorful teaching templates according to the curriculum, and provides comprehensive teaching management functions, reflecting the core value of "multiple, fast, good, and provincial", bringing teaching to the cloud era.
H3C has carried out in-depth field investigations on tens of thousands of general education, vocational education, and higher education institutions in China. In response to problems existing in traditional computer room teaching methods and combining the characteristics of cloud computing, it has launched cloud school solutions.
The overall goal of this solution is to use the most advanced cloud computing technology to build a cloud teaching room. PC ，向学生交付上课需要的教学桌面，并通过云学堂管理平台对云主机进行管理，使用云学堂多媒体教学管理软件丰富的教学功能高效的完成教学，从而提供丰富的教学场景支持，提高教学质量和教学体验，降低运维难度，在达到信息化目标的同时，节能环保，打造绿色的云校园。 By deploying high-performance cloud school hosts and cloud school terminals in classrooms, replacing traditional PCs with virtual desktops , delivering teaching desktops required by students to classes, and managing cloud hosts through the cloud school management platform, using cloud school multimedia teaching management software to enrich The teaching function of the system efficiently completes the teaching, thereby providing rich teaching scene support, improving the teaching quality and teaching experience, reducing the difficulty of operation and maintenance, while achieving the informationization goals, saving energy and protecting the environment, and creating a green cloud campus.
Specific construction contents include:
CAS 虚拟化软件和云学堂管理端软件； Deploy cloud school host in data center computer room or classroom, install CAS virtualization software and cloud school management terminal software;
PC 上安装云学堂学生端软件，将其改造成云终端； Install the cloud school student software on the thin terminal or old PC and transform it into a cloud terminal;
Install Cloud School Teacher software on the teacher's computer;
2 User needs analysis
By investigating the actual scenarios of multiple colleges, we have summarized a series of problems faced by traditional teaching computer rooms.
With the continuous expansion of the school scale, the number of students continues to increase, and the teaching resources are gradually tight, so all universities are increasing the purchase of computers and the deployment of teaching computer rooms. At present, a lot of teaching work is carried out in the computer room, and the teaching computer room is also the main place for students to check information and complete homework in the spare time. Therefore, the management and response speed of the computer room will directly determine whether the teaching work can be carried out smoothly. However, the management of the teaching computer room is difficult, the software and hardware are updated quickly, the maintenance is complex, and the system stability is poor, which brings challenges to the managers of the teaching computer room.
60 台 PC 供学生进行上机操作，为防止学生操作导致的数据丢失和系统损坏，学校不得不在每台 PC 中安装还原卡，确保每次重启 PC 时，系统还原到初始状态。 Taking a middle school as an example, the school deployed 60 PCs in each computer classroom for students to operate on the computer. In order to prevent data loss and system damage caused by student operations, the school had to install a recovery card in each PC to ensure that each When you restart your PC twice , the system returns to its original state. PC 越用越少的困境，初期还得多采购一批备件，导致初始成本升高。 The recovery card is tedious to set up, has a high failure rate, and has strict requirements on hardware. In order not to fall into the predicament of using less and less PC , a lot of spare parts are purchased in the initial stage, which causes the initial cost to increase. In addition, the recovery card is easy to be cracked by students, the system is still often damaged, and the administrator must reinstall the system to solve it. At the same time, due to the need for teaching, a large amount of teaching software is often installed, the system is poorly compatible, excessively bloated, becoming more and more stuck, and frequent problems. These situations will not only affect the teaching quality and teaching efficiency, reduce the class experience, but also greatly increase the workload of the administrator.
The school also takes level examinations at least twice a year. PC 重装系统，准备考试需要的环境，考试结束后又要装一次系统，将 PC 恢复成教学需要的环境，工作量极大。 Before each test, the administrator must reinstall the system for all PCs and prepare the environment required for the test. After the test, the system must be installed again to restore the PC to the environment required for teaching. The workload is huge.
Although the school has made energy-saving solutions for the teaching room, such as power outages on time, student shutdown inspections, and teacher inspections. PC 是机房的用电大户。 However, the power consumption of the computer room is still a major problem that plagues schools. Among them, a large number of PCs are the major power users in the computer room.
The construction of teaching computer room often needs to achieve the following goals:
教学系统稳健性要得到进一步加强，在学生上机操作时对课件进行处理的时候，数据、系统的安全性会受到来个人自误操作及外部网络的各种威胁，为了防止人为或病毒的攻击，解决方案需要提供一套安全保护措施，充分保证操作系统和数据应用系统的安全，同时要实现在多教室同时授课情况下，对数据和系统的安全性和可靠性的保障措施，灾难应对及恢复策略。 Ensuring teaching continuity and data security: The robustness of the teaching system must be further strengthened. When students process the courseware while the computer is operating, the data and system security will be subject to personal misoperations and various external networks. Threats, in order to prevent human or virus attacks, the solution needs to provide a set of security protection measures to fully guarantee the security of the operating system and data application systems. At the same time, in the case of simultaneous teaching in multiple classrooms, the security of data and systems and Reliable safeguards, disaster response and recovery strategies.
在建设新机房的同时尽可能减少对学校现有网络环境和电路作修改。 Minimize changes to the existing environment: Minimize changes to the school's existing network environment and circuits while building new computer rooms. It is best to use the original old computer room for direct reconstruction, or to directly upgrade from ordinary classrooms without the need to deploy strong electricity when building a new computer room.
Ensure the compatibility of teaching application systems and peripheral equipment 保证系统在 3-5 年时间内兼容现有教学应用系统，并能够随时支持新的教学场景切换。 : Ensure that the system is compatible with existing teaching application systems within 3-5 years, and can support new teaching scene switching at any time.
To achieve the most efficient centralized management of teaching application systems, fully consider reasonable operation and maintenance costs and less difficulty in operation and maintenance services, and minimize comprehensive maintenance costs. Taking into account various software applications and hardware equipment in different periods, these systems are transformed at a lower cost. Take into account the compatibility with various existing teaching management systems and identity authentication systems. PC ，云终端等。 Take into account different terminal devices, including PCs , cloud terminals, etc. USB 设备，并口设备，串口设备等。 Take into account a variety of external devices, such as USB devices, parallel devices, serial devices, etc.
3 Overall architecture
H3C 云学堂管理端、教师端和学生端。 The core components of the cloud school solution are the H3C cloud school management, teacher and student. The administrator makes course templates for different courses on the management side. “ 上课 ” ，即可在云主机中生成几十个虚拟桌面并推送到学生端；点击 “ 下课 ” 即可终止课程，删除所有虚拟机，回收资源。 Teachers perform simple operations on the teacher's program: Select the required courses and click " Lesson " to generate dozens of virtual desktops in the cloud host and push them to the students; click " Leave " to terminate the course and delete all virtual machines Recycling resources. Web 图形化管理界面查看，一目了然。 The operation records and running status of the cloud host can be viewed through the web graphical management interface, which is clear at a glance. PC 完全相同。 After the student's cloud terminal is powered on, it automatically connects to the cloud host to obtain a virtual desktop. The operation method is exactly the same as that of a traditional PC .
For different usage scenarios, note the following:
→ 按课程要求在虚拟机中安装标准化操作系统 → 安装课程需要的教学应用和多媒体教学管理组件 → 将虚拟机转换成模板并按课程命名。 Classroom as a unit to make mirroring order by course: Create virtual machines according to the courses in the curriculum → Install standardized operating systems in virtual machines according to the course requirements → Install the teaching applications and multimedia teaching management components required by the courses → Convert virtual machines into templates And named after the course. If different courses use the same or similar teaching applications, you can consider merging the applications in the same course template and commenting the template name. This can reduce storage space consumption and reduce waste of resources.
Application compatibility. To avoid compatibility problems in course applications, pay attention to the tuning of environment variables and parameter configuration when installing applications in the virtual machine to ensure that all applications are used normally.
Peripheral compatibility. Considering that different courses may have detailed external requirements, you need to turn on the peripheral redirection function in the cloud host, connect the peripherals to the cloud terminal, verify that the device can identify and install the device driver in the virtual machine, and test the basic functions. , And then make the virtual machine into a course template.
Because the virtual machine installed with different applications consumes different amounts of cloud host system resources, it is recommended to make a solution based on the maximum resource consumption and select the cloud school host type on the premise of meeting user requirements. In the following, we will analyze the current important use cases and propose recommended and alternative solutions.
3.1 Classroom deployment
Classroom deployment is the independent deployment of a cloud host in each teaching room. Its characteristics are:
Sufficient bandwidth for best display effect without occupying campus network bandwidth
No problem in the classroom, easy positioning and less impact
Management is divided into actual classrooms at a glance
No need to transform existing network architecture
Data center deployment
Centrally deployed in the data center or equipment room and delivering remote desktops through the campus network, the most prominent features are:
The cloud host does not need to be placed in the classroom, saving space, avoiding noise, and reducing air conditioning pressure
The overall environment of the data center is better, the server is aging slowly, and the failure rate is relatively low
Data center is relatively closed, property is safe and protected from damage
Single point of maintenance, administrators can complete all operations in the data center
The network needs to be planned accordingly
For this scenario, because all terminals use the campus network to connect to the data center, there are certain requirements for core switches. You need to configure the LAN environment separately for the cloud school environment, and configure a dedicated switch to connect the cloud host in the data center and the cloud terminal in the teaching room. Although the data center deployment looks a little more complicated, considering other factors, if the school conditions permit, it is recommended to deploy in the data center, which is convenient for management and maintenance, and the server performance is easier to maximize.
4 Scheme details
4.1 Cloud hosting design
H3C 自主研发的高性能服务器，配备了性能卓越的处理器、高速固态存储、高速内存，搭载业界领先的 CAS 虚拟化平台和云学堂软件，软硬件全融合，一体化交付。 The cloud host uses a high-performance server independently developed by H3C . It is equipped with a high-performance processor, high-speed solid-state storage, and high-speed memory. It is equipped with the industry-leading CAS virtualization platform and cloud school software. The software and hardware are fully integrated and integrated for delivery.
32 位 Windows7 操作系统，每桌面配置 2G 内存，可以满足日常教学需求。 The virtual desktop operating system uses a 32 -bit Windows 7 operating system, and each desktop is configured with 2G memory, which can meet the daily teaching needs. IO 瓶颈导致的启动风暴问题。 Linked clone technology is used to generate virtual machines in batches, and the generated differential data is stored in high-speed solid-state drives to solve the startup storm caused by IO bottlenecks. A new virtual machine is generated every class to ensure the security and stability of the system. All virtual machines will be automatically deleted at each class. Any changes made by students will be discarded. Personal data or assignments that need to be saved can be submitted. To the work space. The homework space is actually a shared disk automatically mounted by the virtual desktop, divided into teacher space and student space. Teacher space is visible to teachers and all students, and student space is visible only to students and teachers. Teachers can upload courseware and assignments to the teacher space for students to download. Students can submit completed assignments to the assignment space for teachers to extract. SATA 硬盘中，容量可根据用户实际需求配置。 Install the teaching application required for the course on the course template, and store the completed course template in the large-capacity SATA hard disk of the cloud host . The capacity can be configured according to the actual needs of the user.
4.2 Network topology design
Based on the foregoing requirements analysis, design principles, and overall architecture requirements, the network topology diagram is as follows:
H3C 自主研发的哈雷桌面传输协议，每个终端只需要极少的带宽即可流畅工作，因此只需要在接入交换机上分配 1 个 GE 口作为教室网络出口即可满足网络需求。 The Harley desktop transmission protocol independently developed by H3C is adopted between the cloud host and the student machine . Each terminal requires very little bandwidth to work smoothly, so only one GE port on the access switch needs to be allocated as the classroom network exit Meet network needs.
4.3 Desktop Transmission Protocol Design
H3C Cloud Academy uses the self-developed Harley Desktop transmission protocol, which has high transmission efficiency and low bandwidth occupation, providing better performance and better experience. In addition to containing multiple virtual control channels, this protocol can be controlled individually, providing the greatest degree of control freedom.
Key advantages include:
Data encrypted transmission
2D 图形渲染 Speed up 2D graphics rendering
Intelligent graphics compression, automatic adjustment of picture quality based on network bandwidth
Video redirection, allowing playback of HD videos
Peripheral redirection allows more external devices to be used
Computational redirection, allowing the use of the computing power of the terminal to run overloaded applications and offload the computing pressure of cloud hosts
Internet Internet control, allowing control over whether students can connect to the Internet
Local system control, allowing control of whether students can log in to the terminal locally, and can continue classes when the server fails
The H3C cloud school solution isolates students' direct access to the local system. Through virtualization technology, all data is stored in the cloud, which greatly improves the overall security of the system. Accounts are hierarchically managed and decentralized by role. IT 水平有限，只有管理员可以登录管理平台进行虚拟机级的操作，这样可以避免教师误操作对系统产生负面影响。 In view of the limited IT level of some teachers , only administrators can log in to the management platform for virtual machine-level operations, which can prevent teachers' misoperations from adversely affecting the system. +MAC 地址绑定的认证方式登录教师端。 The teacher logs in to the teacher through the authentication method of account + MAC address binding. When users access virtual desktops, they use the industry-leading Harley desktop transfer protocol to interact. The protocol only transfers a small amount of information such as desktop image changes and mouse movements, keyboard input, and it automatically encrypts the transmission. Business data does not land in the cloud, avoiding the possibility of data leakage. Provide centralized and refined policies to control authorized access of users, and decide whether to allow users to access based on the attributes of users, network location, terminal environment, applications, cloud hosts, etc.
4.5 Cloud terminal design
PC 。 It is recommended to use a thin client instead of a traditional PC . X86 处理器、高速内存和高速固态硬盘，提升操作体验；能耗极低，绿色环保；具有硬件成本低、能耗低、用途广、生命周期长等特点。 The thin client is exquisite in appearance, small in size, and simple in connection, which can ensure that the computer room environment is clean and tidy; the interface is rich, which can meet all peripheral needs in the teaching process; it is equipped with a high-performance X86 processor, high-speed memory and high-speed solid-state hard disk to improve the operating experience ; Extremely low energy consumption and environmental protection; It has the characteristics of low hardware cost, low energy consumption, wide use, long life cycle and so on. PC 进行利旧，只需安装云学堂学生端软件即可。 It also supports the use of existing PCs . You only need to install Yun Xue Tang student software. PC 也可以胜任。 Because the calculations are performed in the cloud, the processing capabilities of the terminal are not high. Even old PCs that have been used for four or five years can be qualified. After installing the cloud school student software, the terminal will automatically connect to the virtual desktop after startup. Unless the teacher controls, the local system is not visible to the students. PC 上一样使用这些外接设备，例如标准 USB 设备、串并口设备等。 The solution also allows users to connect peripherals to the cloud terminal, without the need to install additional drivers, these external devices can be used like traditional PCs , such as standard USB devices, serial and parallel port devices, and so on. USB 存储设备。 This feature allows students to use any USB storage device in the same way as traditional methods . If schools have concerns about this feature, they can also turn off peripheral redirection.
4.6 Template management design
The program provides standardized course templates, and administrators can create personalized course templates based on the software required for teaching on this standard template. Any changes need only be made on the template, and students will get the latest teaching desktop. Through the flexible use of this function, it is possible to transfer high-quality teaching resources between regions, which greatly balances the resource differences between regions and improves the overall teaching level of the region.
5.1 Management side introduction
The picture shows the management side of Cloud Academy. The management terminal has a beautiful, friendly and concise interface, and the simple operation can cover extremely rich management functions. Web 随时随地登录管理平台，进行云主机资源监控、课程模板管理与制作、账号管理、虚拟机管理、云终端管理等工作。 Administrators can log in to the management platform anytime and anywhere through the Web to perform cloud host resource monitoring, course template management and production, account management, virtual machine management, cloud terminal management, and other tasks.
5.2 Teacher's Introduction
As shown in the figure is the Yun Xuetang teacher's end. Teachers can use the teacher account to log in to the teacher. H3C conducted a detailed analysis of actual teaching scenarios and operating habits, and designed a concise and easy-to-use interface and functions. “ 上课 ” 按钮，虚拟机就会在 2 分钟内启动完毕，并交付给学生。 In class, the teacher first starts all student terminals through remote boot, selects the required course in the course list, and clicks the " lecture " button. The virtual machine will be started in 2 minutes and delivered to the students. “ 启动教学软件 ” 按钮打开多媒体教学管理组件，使用丰富的教学功能。 During the class, teachers can click the " Start Teaching Software " button to open the multimedia teaching management component and use rich teaching functions. “ 下课 ” 按钮，所有资源会被云主机回收，然后通过远程关机关闭所有学生终端。 At the end of the lesson, the teacher clicks the " Lesson " button, all resources will be recovered by the cloud host, and then all student terminals are closed by remote shutdown. “ 更多 ” 菜单唤出更丰富细致的管理功能。 At the same time, teachers can call up richer and more detailed management functions through the " More " menu.
5.3 Student introduction
The picture shows the student side of Yunxuetang. Before the teacher starts classes, students can freely choose the courses in the course list to learn. When the teacher starts the class, the student will automatically switch to the course selected by the teacher. When the student system fails, the student can initiate a request, and the student teacher controls the student system to return to the original state. In just ten seconds, the requesting student can get a brand new teaching desktop and continue the class without affecting Other students. After the student's network is disconnected and reconnected or the system is restarted, it will automatically connect to the teaching desktop, which cannot be escaped to ensure synchronous teaching. CAS 虚拟化平台的分布式计算功能，将计算压力从云主机分担到负载相对较轻的学生终端，从而实现对 CPU 消耗较大的重载应用的支持。 Students can use the functions of virtual applications and use the distributed computing function of the CAS virtualization platform to offload computing pressure from cloud hosts to relatively lightly loaded student terminals, thereby enabling support for heavy-duty applications that consume large amounts of CPU .
5.4 Introduction to multimedia teaching management components
As shown in the figure is the multimedia teaching management component, which provides a wealth of teaching functions, including: screen broadcast, screen recording, screen rebroadcast, screen monitoring, Internet theater, network filtering, group teaching, network drawing board, electronic lifting Hand, electronic roll call, remote control, student presentation, online discussion, test paper import, online examination, electronic call answering, file management, file distribution, electronic pointer, electronic voting, black screen silence, voice broadcast, voice intercom. 95% 以上的教学场景，且针对虚拟化环境做了大量细致的优化，性能相比同类软件大幅领先。 It can basically cover more than 95% of the teaching scenarios in terms of functions, and has made a lot of meticulous optimizations for the virtualized environment. The performance is significantly ahead of similar software.
6 Cloud School Program Features and Benefits
H3C 云学堂的四大核心价值。 As shown in the figure, "multiple, fast, good, and provincial" are the four core values of H3C Cloud Academy.
Multiple application environments: multi-course, multi-scenario support, easy to deal with common scenarios such as teaching, examinations.
PC 利旧、瘦客户机、笔记本、平板都可以做云终端。 Terminal support: PC old, thin client, notebook, tablet can be used as cloud terminal.
75 用户，集群动态扩展，单集群最大支持 500 用户。 Many management nodes: a single cloud host supports a maximum of 75 users, the cluster dynamically expands, and a single cluster supports a maximum of 500 users.
90 秒。 One-button startup: One-button wake-up and one-button startup. It only takes 90 seconds from turning on the student machine to all students can enter the teaching desktop .
120 秒。 Fast switching: It only takes 120 seconds to change the teaching desktop used by students in batches .
Office 、 Photoshop 等软件秒开。 Application seconds open: Office , Photoshop and other software open in seconds.
it is good:
The teaching experience is good: the environment is dedicated, the flow is not stalled, the class process is controllable, and the teaching effect is good.
Good O & M management: One-stop O & M, template management, and simplified operations.
1080P 高清视频流畅广播。 Video effect is good: 1080P HD video smooth broadcast.
Peace of mind: Less maintenance workload, low difficulty, low failure rate, zero maintenance of the terminal, peace of mind.
10W ，机房整体耗电是传统的十分之一。 Power saving: Terminal power consumption is as low as 10W , and the overall power consumption of the computer room is one-tenth of the traditional one.
Save money: Low initial investment, low maintenance costs, and low use costs.