Tim this is indeed one of the ways of doing this - the minor issue is
that as the VMware client program is controllable from the desktop - it
could be 'windowed' and then the normal desktop used at the same time.
That's about the only issue I can think of, and I will ask my guys to
look into it.
- or at least as this is according to my current level of knowledge. I
was a bit surprised to see that no other colleges using a dual-partition
technique and instead locked things down at desktop level via group
policy.
I have thought about VMware though for other uses, in particular as the
VMAP programme make its very attractive for non-production use (i.e.
teaching/learning) and it might be the case that using VMWare in this
fashion means that apart from hardware costs, the licence for a full
VMware infrastructure server is free. I am trying to get this idea
introduced to our IT tutors who teach programming..
I am also aware that the VDI approach means that exam PC images could be
easily reset 'teflon coated' and centrally managed. But I think also the
issue is that the performance ratio may only be about half that of an
identical terminal server solution. I read somewhere that VDI vs
terminal server concurrent support is about 20 clients to 40 clients
using identicail hardware. But of course it is true that online exams
are very on memory or performance.
It is entirely true to say that the VMWare LAN could be totally
segregated from the normal network - I tried this a while back when the
free vmware (3i) came out and it is possible to set the VM virtual PCs
to use one VLAN tag whilst the host uses another. In this way, remote
control from the classroom client to the host, occurring at IP level
makes zero IP connection with the virtual LAN VLAN. In other words, a
fancy IP over a KVM solution. Apart from fiddling around with the switch
config a bit, it works.
The ramifications of this were that it is possible to:
a) Create multiple segregated VLANs using entirely seprate networks,
into which virtual PCs running on BOTH VMWare Infrastructure 3i servers,
and even VMWare Client-based virtual machines could be run and
communicate. The only condition being to use 802.1d tagging on all
ports, and to ensure that VLAN IDs are assigned to each virtual LAN
b) Use these from multiple suites (timetabling constraints lowered)
c) Where the power of single server was not sufficient, instead use host
(PC) based Virtual PCs in this manner.
I think this will be suitable for programming activities.
-----Original Message-----
From: Harrison Tim (Staff) [mailto:[log in to unmask]]
Sent: Wednesday, January 07, 2009 10:59 AM
To: Burhan Loqueman; [log in to unmask]
Subject: RE: Online/PC-Based Examinations Suites
As an alternative, though not necessarily cheap, you could set up thin
clients (Citrix/VMWare VDI) which are built to a simple specification
with no access to internet or other areas. It might be possible to
create a virtual network which is self contained. That way no physical
resources (other than a server or two) need to be dedicated to the
process. The VMWare version certainly allows you to remove USB devices
and my experience of Citrix was that it did not work anyway.
Just a thought.
Tim
-----Original Message-----
From: JISC RSC-Eastern Technical [mailto:[log in to unmask]]
On Behalf Of Burhan Loqueman
Sent: 05 January 2009 10:33
To: [log in to unmask]
Subject: Online/PC-Based Examinations Suites
My apologies to all if this is an old subject; however we are facing
increasing pressure to provide PC facilities that can be used flexibly
for a variety of requirements including PC-based online examinations as
well as normal learning/teaching activities.
It is my impression at this point in time that the ideal computer
environment to conduct examinations is one that is segregated from the
main network (with either no internet access or access to specific exam
sites only), with only the software that is required for the exams
installed. Additionally, in the ideal world software would be used to
lock-out access to removable media and USB ports.
However, dedicating enough computing resource in this manner is
difficult - at least in our environment.
I have been considering the used of tagged VLAN switch-ports, in
combination with multiple OS partitions, and NIC drivers on PCs capable
of tagging packets - such that when booted in the 'exams' OS partition,
only a segregated 'exams' VLAN is available; and whilst in the
'classroom'
partition,
the PC is a able to communicate normally on the network. Thus a single
PC with a reboot can be used in entirely different network/software
environments.
If you have five minutes to jot down an email, I'd like to know the
approaches and experiences of my colleagues at other colleges in the
region.
Thanks.
|
