NEW IPO Logo - by Charles Larry Home Search Browse About IPO Staff Links

Doing IT Right for You

Technology Initiatives for Park Districts

by Thomas Ellison

New options in hardware and software have created heightened demands for more advanced online and offline service offerings for today's park district. Sorting them out and then deciding on the specifics can be a daunting proposition-technically and financially. Is wireless better than wired? What is the return on investment (ROI) for the community? What will be the impact on the park district staff and how they do their jobs?

I'll explore these issues through a detailed case study of the fictitious Illio Park District. Illio is a composite of authentic park district technology needs and solutions—drawn from numerous installations completed over the past five-and-a-half years.

About The Illio Park District

Illio Park District is one of the larger park districts in Illinois, providing programs and services to 100,000 citizens. It offers programs, outings and trips to residents and non-residents alike, serving surrounding communities as well. It employs 50 full-time and up to 150 part-time employees. Yearly registration for programs is over 10,000.

Its amenities include an administrative building; a 10-lane, Olympic-sized pool; a large outdoor ice rink; the Daisy Hill Farm building with a separate snack bar; and a state-of-the-art gym and tennis center (which also includes a play lot and day care log cabin).

Illio City has also recently annexed significant acreage. It is estimated that the population will double in 10 years and that the district will need to expand accordingly in capacity and facilities. So, the district's information technology upgrade needs to provide a flexible and expandable groundwork on which to grow without having to face a so-called "forklift" upgrade.

At this size, Illio offers examples of virtually every scenario germane to all park districts, be they large, mid-sized or small.

The Park District's IT Goals

Typical of most park districts on the verge of an upgrade, Illio already had a local-area network (LAN) in its administrative building. The LAN deploys various software programs for accounting, payroll, registration, membership, point-of-sale functions, maintenance and miscellaneous office productivity (word processing, spreadsheets, desktop publishing). Also typical of a pre-upgrade scenario, communications between facilities were either slow or non-existent: the gym and tennis center connected to the administrative building via a dedicated 56kbps line; staff at Daisy Hill dialed in to the administrative center via modems. The pool and ice rink were not connected at all.

Illio has recreational software to track membership, registration, reservations, etc. The software resides on a server at the administrative center. Prior to the upgrade, the only way for the other sites to share its data was by having an employee whose chief task was to copy the program database every morning and then drive to every site with a disk with yesterday's end-of-business information. Disks were swapped for each site's "yesterday data," which was then input into the main server at the administrative center.

As part of the upgrade, the Illio Park District has chosen a new program, ParkDistrictWorks (not an actual program) that brings together various functions that had been performed by individual programs. As part of the migration, Illio decided to connect all its sites together so that everyone at every site could use the same database and information in real time. With the upgrade, Illio wants to allow online credit card authorization, touch tone registration and interactive online

52 | Illinois Parks and Recreation

September/October/November 2003 | 53

registration. Illio also wants to offer residents the ability to use registration "smart cards," that will identify park patrons and hold credit balances that allow them to make transactions anywhere in any park district facility. As time and resources allow, Illio will add e-mail, an anti-spam solution, network monitoring and controlled or restricted web browsing throughout.

The district has secured funds from the Illio Park Board for this project. But the district cannot hire additional IT personnel or pay for exceptional training for the current technology manager. The solution must require very little "babysitting" by overworked staff and entail as few recurring costs as possible.

Budget is always a consideration, and Illio's project, along with its number of users and clients, may make the scope of this example seem out of reach for many mid-sized or smaller districts. Remember, however, that budgets will vary according to the wants and needs of the district. In fact, bringing park districts closer to their constituents, serving them more effectively and still meeting a bottom line are well within the means of most park districts. As wireless technology matures and as software programs become deliverable via the Internet rather than traditional telecomm lines, budgets will come down. The key to a satisfying solution that meets both budget and user expectations is to find a reliable and experienced network consultant— someone who can assist in sorting through alternatives and make informed recommendations specifically geared to the needs of your district.

The Challenge

The major challenge is to design an enterprise that fits Illio's current needs, with room for expansion and growth for the next three to five years. Beyond that time frame, the technology future is hazy and harder to anticipate. Then there is the whole set of challenges particular to park districts. These include:

• Finding a cost-effective manner to bring multiple facilities into one coherent computer network so they can all communicate and share the same data.

• Bringing the numerous components in all those facilities into the scheme. These include: computers, cash drawers, point-of-sale terminals, ID scanners, card printers and so on.

• Providing for internal security. A teenage summer lifeguard and the executive director should not have the same access permissions to Illio data or Internet browsing. On the other hand, many park district employees rove among workstations or even locations, yet they need the same access and user profile to follow them wherever they may log in.

• Determining cost-effective and technically sound communications solutions for seasonal facilities that may be idle for parts of the year.

• Providing an optimized way for remote sites to access ParkDistrictWorks software securely, reliably and efficiently.

Finally, the technology initiative design must be fiscally responsible, grounded in proven technology, scalable and durable.

Architecture of the solution

Given the imperative that the district wants an effective way to link its recreation sites to the administration building resources, the chief network architect designed a Wide Area Network (WAN) that would meet this directive.

Refer to Figure 1 for the design. Its logic includes:

• Implementing a hub-and-spoke configuration of point-to-point lines between the administrative center hub and several remote sites

• Using a fiber connection between Daisy Hill Farm and its adjacent snack bar

• Using a wireless connection between the gym and tennis center and the day care facility

The WAN (Wide Area Network)

Deciding how to connect two sites is a function of cost + distance + users. Most park districts will begin this decision-making process by examining the pros and cons of traditional dedicated lines versus the newer and much-discussed alternative of wireless technology (sometimes known as WiFi). Some points they will consider include:

Reliability

Traditional phone lines win this point easily, since dedicated lines almost never go down. On the

Figure 1 The Wide Area Network configuration for the Illio Park District shows how the district's remote sites will connect to the administration center's router.

54 | Illinois Parks and Recreation

other hand, wireless is susceptible to interruptions by weather (even a crisp breeze can play havoc), reflection (tree leaves are notorious villains here), and competing devices (wireless has only three channels available and other products, such as gigaherz phones, use the same channels).

Cost: The biggest knock against dedicated lines is the fact that they constitute a recurring cost, month after month, whereas a wireless connection, once paid for, lasts the life of the product. The telecommunications industry is suffering from the economy, so great deals are to be had, especially if locations share the same central office of origination. These deals often involve multiple-year leases, however.

Figure 2 The Local Area Network configuration for the Illio Park District shows the configuration of the switches that will be used to keep the network traffic up to speed.

• Speed Remember that nowadays most workstations connect to servers at lOOMbps. The fastest telecomm link is a Tl, at l.5Mbps; ISDN and regular service are measured in kbps. Newer standards for WiFi can go up to 54Mbps.

• Adaptability: For park districts interested in IP telephony (converging voice and data traffic over the same wire), standard telecommunications lines are recommended in order to obtain voice quality better than that of a bad cell phone connection.

These factors were discussed, and Illio made the following provisions: The gym and tennis center is a year-round facility with a permanent staff of 15. It will be connected via a Tl line. The same is true for Daisy Hill Farm (which is also year-round and with 10 staffers) and the pool (which, although seasonal, is only a mile from the administrative center, and therefore not much more expensive to connect with a Tl than it is to connect with a slower ISDN line).

The ice rink is open only four months a year, and it is six miles from the administrative center, so the network architect recommends an ISDN line—a more economical solution that still has enough bandwidth to accommodate the four staffers who work there.

The snack bar is a major point-of-sale site and therefore needs to be tied in to the WAN, but not at the expense of its own point-to-point connection. On the other hand, it is a separate building, too far from the main Daisy Hill Farm building to be connected via copper wire. The solution here is to run a fiber cable from the main building to the snack bar, using the trench already dug for the phone line. Fiber requires a front-end investment, but once that cost is absorbed it connects a remote facility without recurring cost and at very good speed.

The final component is the wireless WAN between the gym and tennis center and the day care facility. Again, the day care isn't big enough to justify its own Tl. And it is a separate building too far to connect with copper wire. Fiber was also ruled out because there is no previously dug trenching to the day care facility, and it is impossible add a trench because the intervening real estate is a playground. Here the architect proposes a wireless WAN connection and it works ideally: there is a good line-of-sight between the buildings and there are no trees or other obstacles to disrupt the signal.

LAN (Local Area Network)

The two primary features of the LAN design (see Figure 2) at the administrative center are the use of gigabit connectivity for the servers and the proper segmenting of the network by employing switching technology down to the desktop. Until recently, speed over lOOMbps was financially out of the question. Nowadays speeds of l,OOOMbps (gigabit) have become available over standard CAT5 wiring, and good server hardware comes with a gigabit-capable network card as standard.

Server speed does little good unless that speed can propagate throughout the network down to the workstations. The centerpiece to a properly designed network is a good backbone switch: everything on the network will, directly or indirectly, plug into this device. Choice of a backbone switch is critical: if it is not powerful enough, the network performance will sag.

Throughout the entire enterprise, the network architect decides to use switches rather than hubs to connect subsidiary devices. Switches are intelligent devices; hubs are not. Switches have what is called backplane capacity (conceptually equivalent to their potential energy) measured in gigabits; hubs max out at 100 Megabits. In practice, this translates to a switched

September/October/November 2003 | 55

network of great speed and controlled traffic versus one of mediocre speed and profuse network collisions. The best analogy here is to think of the Chicago Loop at 5:00 p.m. on Friday. A network with hubs is like a street grid with no traffic lights or police officers, resulting in gridlock. The switches add capacity for about 20 additional lanes of traffic, and they act as the lights and officers, properly routing traffic while both literally and figuratively avoiding collisions.

Deploying the Application

The Illio Park District has about 35 users located in remote facilities (other than the administrative center) who will need to use ParkDistrictWorks. The network architect considers several options for dealing with this remote access challenge and decides that the solution relies on the strengths of two pieces of software.

The base installation will be Microsoft Terminal Services, which conveniently enables remote access, but has the drawback of mediocre speed. The network architect further selects a remote access program to "sit over" Terminal Services, intensifying its capability. This remote access program is very powerful because it uses a special protocol that does all the processing, taking the load off remote workstations by sending only mouse clicks, keystrokes and screen refreshes over the WAN. In practice, this means that users with the proper bandwidth will get performance equal to that of LAN users. For all intents and purposes, they will be on the administrative center LAN, even if they are miles away.

This "on the LAN" (fast speeds) feeling can be extended to employees who wish to connect from home. There is no more need for modems and communications servers, because remote access software allows park districts to move beyond the outdated "dial in" concept. Any employee with a PC and an Internet connection can access the services deployed by the administrative center at any time, at exceptional speed and securely. (The remote access software client encrypts all transmissions that flow over the Internet.)

Finally, the remote access software includes a set of comprehensive and powerful administrator tools. By "shadowing," network administrators can actually seize control of remote workstations to troubleshoot user problems, so they no longer have to visit terminals in remote locations to render help. Now this can be done centrally, desktop-to-desktop. Access rights can be controlled down to a very, very specific level as well, ensuring that users have access to only the

56 | Illinois Parks and Recreation

information and files the network administrator grants.

Proper deployment of this remote access software is a very particular and specialized undertaking. Printing is always touchy and must be carefully planned. One user printing a big report can drag down an entire server. There is also the temptation to load up remote access servers with lots of applications and lots of users. Performance can and will degrade rapidly as bandwidth dwindles and users increase (especially if they are printing). The design to be implemented for the Illio Park District will not have bandwidth issues with its remote sites (and use could in fact grow if needed).

Due to the architect's long and diverse experience with this application, he does not believe that more than 20 to 25 simultaneous users should be on one server. Degradation tends to kick in quickly rather than incrementally. Furthermore, it is not sensible to spend a great amount of money for mediocre performance and dissatisfaction. For these reasons, the architect has selected load-balanced remote access servers for the anticipated 35 users. This solution has the added benefit that, in the event of a hardware failure, 35 people could muddle along on one server, albeit with a performance hit.

Online Registration: Live Time and Secure

This final piece pertains to the combined issue of Internet access, security against encroachment from the Internet (through a firewall) and the need to offer online registration.

It is now common knowledge that anyone with a dedicated connection to the Internet needs a robust firewall to keep out the bad guys. (But don't forget a good antivirus solution, too. Firewalls prevent hacking, not viruses.) The firewall and the router will connect Illio to the Internet while protecting it with an impregnable security tool that has never been hacked (as long as it has been properly configured by a security professional). It employs a method of security called stateful inspection: the firewall will not allow anything into a LAN that has not been specifically requested by users browsing the Internet from inside the network.

Figure 1 (page 54) demonstrates that all locations are behind the firewall, ensuring security throughout the WAN. The firewall has a third interface that sets up the so-called DMZ (Figure 2). This term is used to describe a set up wherein servers (such as the web server deploying online registration) are able both to converse with the Internet and be part of a private LAN without compromising security.

The Illio Park District has expressed interest in online registration, which can be accomplished by enabling the web server to connect to the ParkDistrictWorks server and its database. Online registration is made possible and secure because the web server is carrying on a two-way conversation: it's talking to the user on the Internet and at the same time it is retrieving data from or writing data to the ParkDistrictWorks server. If the web server were on the internal LAN (like the other administrative center servers) then the firewall would have to allow Internet traffic into the LAN, thereby making security completely ineffective. This way the LAN is safe, the web server can do its Internet work and it can still pull data from the LAN.

The concept of a DM2 might seem complex, but it is extraordinarily important for any park district. Its existence will be absolutely invisible to users. At the same time, it provides the highest possible level of security to the LAN. Most important, it positions the Illio Park District to leverage the power and convenience of the Internet to the public by making possible online registration today and hosting its own web site in-house or linking to other Illio City web sites for transactions tomorrow.

How it Could Work For You

In our composite case study, the Illio Park District would successfully and seamlessly migrate from its old environment to the new one, keeping the legacy server online for several months until ParkDistrictWorks was up and running. Before ParkDistrictWorks would be deployed, the entire LAN would be installed and all the remote sites would be brought up and shown to be able to connect to the administrative center, thus easing the transition. (OK, in actual fact, something goofy could always happen: a backhoe could accidentally cut one of the phone lines or the lifeguards at the pool could unplug the router so they could plug in their microwave instead. But these things can be overcome in real life, so I didn't include them in this simulated case study.)

Of course, the district's technology manager would have a pager that monitors all the sites and their uptime (thereby forestalling emergency calls from the gym and tennis center at 5:00 a.m.) and there would be a Management Page web site that allows single-site management of the enterprise.

Many park districts already have extensive LAN/WAN technology in place, host their own web sites and provide users with authentic real-time registration. (This case study is based on actual installations, after all.) More important, citizens are coming to expect these types of technological amenities from larger park districts—just as they already do from private sector services.

Smaller districts can position themselves to take advantage of new technology, too. They may not be able to address as many issues, all at once, as the Illio Park District did. A feasible starting point for small and mid-sized park districts might be to explore the possibilities of Internet-based software that will provide high-profile services like online registration: this can have a bandwagon effect that will fuel enthusiasm and funding for further projects.

Park districts, like any other business, service or public sector concern today, have technology challenges ahead. But when handled properly, these challenges can create long-term cost savings, more efficient employees and a more satisfied constituency.

Thomas Ellison is founder and president of Sterling Network Integration Inc. in Rolling Meadows, Illinois. Since 1998, his company has worked on projects for many park districts, including one that required designing and implementing a 13-site WAN with T1, ISDN, and wireless connectivity and the installation of nine servers with recreation software, e-mail, web-based mail, an anti-spam solution and a web server. The company has also worked with banks, municipal bodies, service organizations and the private sector. You can reach Tom at info@sterlingnetworks.com.

September/October/November 2003 | 57

|Home| |Search| |Back to Periodicals Available| |Table of Contents| |Back to Illinois Parks & Recreation 2003
Illinois Periodicals Online (IPO) is a digital imaging project at the Northern Illinois University Libraries funded by the Illinois State Library