KETS Technical Environment Overview Public Documents
Last Reviewed: June 27, 2023
The information contained within this overview is the current state of the respective
Kentucky Educational Technology System (KETS) technical environments. Some
environments refer to current or future project-related work that may result in changes that
affect the information contained within these documents. Where possible, that
information is included. However, these documents are for high-level planning purposes
only.
The Kentucky Education Technology Systems (KETS) product and technology standards
enable commonality and consistency among Kentucky's public school districts. These
standards complement KETS initiatives and help ensure system supportability across all
districts. While the technical environment described in this document follows these
standards, the actual KETS Standards cover additional products and technologies, and
new systems implemented at the state and district levels are expected to conform to these
Standards where applicable. The KETS Standards can be found on the KDE website,
currently at
https://education.ky.gov/districts/tech/kpur/Pages/KETS%20Technology%20Standards%20and%20Purchasing.aspx.
Department of Education
Office of Education Technology
Division of School Technology Planning and Project Management
300 Sower Blvd.
Frankfort, KY 40601
(502) 564-2020
KETS Technical Environment Information Document
Active Directory
Section 001
Last Reviewed: 6/22/2023
Last Updated: 6/22/2023
Summary
The KETS Active Directory provides authorization and authentication services for nearly
1,000,000 user objects and 500,000 computers and servers. It provides a directory
structure for easier management of the user and computer objects throughout the KETS
environment. Microsoft Active Directory services provide DHCP, DNS, WINS, Group
Policies for object management, as well as normal directory services like authentication
and authorization. There are also dependencies with our collaboration tools (Office 365
for Education and Google Workspace for Education) regarding account provisioning and
password sync. Please visit Section 5 ‘Electronic Email and Collaboration’ for more
information.
Visual Representation
This is a diagram of the KETS Active Directory structure. The green circles represent AD
sites for replication and the orange circles designate domains. One of the two
district-located DCs is also a Global Catalog server. Though only three domains are shown,
these represent 178 domains plus one empty root domain (179 AD domains in total). All
Active Directory domain controllers are virtualized, with the exception of the two root
domain controllers located in Frankfort (GC/DC).
Description
The KETS Active Directory is a mixed mode Windows Server single forest with 180
domains, averaging 3,500 users per domain. All domain controllers are running Windows
Server. The smallest domain has approximately 500 users while the largest has nearly
125,000. The forest consists of a root domain, one domain each for the Department of
Education, KY School for the Deaf (KSD), KY School for the Blind (KSB), a research and
development domain as well as one domain for each of our 171 school districts. There
are also three additional domains that are used for piloting updates. Each domain has a
minimum of three domain controllers with one acting as a global catalog server. One DC
for each domain is located in Microsoft Azure ‘in the cloud’. This provides off-site
redundancy from a district perspective. Generally, each district is also a single site within
the directory structure. Replication within the forest is a hub and spoke model with
replication hub servers hosted in Microsoft Azure and site links created between each
domain and the hub site. AT&T’s NetBond VPN service and Microsoft ExpressRoute
provide a reliable network connection between the KETS on-premise network and the
cloud subnet.
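The hub-and-spoke replication model and the per-domain minimum of three domain controllers with at least one Global Catalog described above can be checked from any domain-joined management host. The following PowerShell audit is an added example, not part of the KETS document or of any KDE tooling; it assumes the ActiveDirectory module is installed, that the account running it can read every domain in the forest, and that the hub site name (placeholder `KETS-Hub`) is supplied by the caller.

```powershell
# Added example (not from the KETS document): audit DC counts per domain and
# confirm every site link is a spoke that terminates at the Azure-hosted hub site.
# Assumptions: ActiveDirectory module present; forest-wide read access; the hub
# site name is a placeholder supplied by the caller.
Import-Module ActiveDirectory

function Test-KetsDomainControllers {
    # Returns one row per domain: DC count, GC count, and whether the
    # "three DCs, one of them a GC" minimum is met.
    param([int]$MinimumDcCount = 3)
    foreach ($domain in (Get-ADForest).Domains) {
        $dcs = @(Get-ADDomainController -Filter * -Server $domain)
        $gcs = @($dcs | Where-Object IsGlobalCatalog)
        [pscustomobject]@{
            Domain         = $domain
            DcCount        = $dcs.Count
            GlobalCatalogs = $gcs.Count
            MeetsStandard  = ($dcs.Count -ge $MinimumDcCount) -and ($gcs.Count -ge 1)
        }
    }
}

function Test-KetsSiteLinks {
    # In a hub-and-spoke model each site link joins exactly two sites, one of
    # which is the hub. Anything else is flagged for review.
    param([Parameter(Mandatory)][string]$HubSiteName)  # e.g. 'KETS-Hub' (placeholder)
    $hubDN = (Get-ADReplicationSite -Identity $HubSiteName).DistinguishedName
    Get-ADReplicationSiteLink -Filter * -Properties SitesIncluded | ForEach-Object {
        $sites = @($_.SitesIncluded)
        [pscustomobject]@{
            SiteLink    = $_.Name
            SiteCount   = $sites.Count
            IncludesHub = $sites -contains $hubDN
            IsSpoke     = ($sites.Count -eq 2) -and ($sites -contains $hubDN)
        }
    }
}

# Usage:
#   Test-KetsDomainControllers | Where-Object { -not $_.MeetsStandard } | Format-Table -AutoSize
#   Test-KetsSiteLinks -HubSiteName 'KETS-Hub' | Where-Object { -not $_.IsSpoke } | Format-Table -AutoSize
```

Both functions return objects rather than printing, so the output can be filtered to the exceptions only (domains below the minimum, site links that bypass the hub) and fed into whatever monitoring the operations teams already run.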
Windows Server DNS provides naming services throughout the internal network. WINS is
only enabled in a few districts. DHCP provides IP addresses to workstations, while
servers use static addressing.
Organizational units have been created within each district, named ‘Students’, ‘Staff’,
‘Leadership’, ‘Workstations’, and ‘Local Servers’. These top-level organizational units
cannot be deleted or have their permissions modified. Key district technical staff have
been delegated permissions to create/modify child organizational units for each school in
the district as prescribed in the KETS OU Naming Standards document (available upon
request).
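One way to implement the top-level OU layout and delegation described above, written as an added PowerShell example rather than KDE's own provisioning script: it creates the five OUs with deletion protection, grants a district group (placeholder name `DistrictOUAdmins`) the right to create and delete child OUs and to manage the objects beneath them without touching the top-level OU's own ACL, and audits which principals hold WriteDacl on each top-level OU. It assumes the ActiveDirectory module and domain-admin rights in the district domain; the actual KETS delegation model and group names live in the OU Naming Standards document and are not reproduced here.

```powershell
# Added example (not from the KETS document): protected top-level OUs plus
# delegated child-OU management. Group name is a placeholder.
Import-Module ActiveDirectory

$TopLevelOUs = 'Students', 'Staff', 'Leadership', 'Workstations', 'Local Servers'

function New-KetsTopLevelOU {
    # Creates the OU if missing, with accidental-deletion protection on.
    param(
        [Parameter(Mandatory)][string]$Name,
        [string]$DomainDN = (Get-ADDomain).DistinguishedName
    )
    $ou = Get-ADOrganizationalUnit -LDAPFilter "(ou=$Name)" -SearchBase $DomainDN -SearchScope OneLevel
    if (-not $ou) {
        $ou = New-ADOrganizationalUnit -Name $Name -Path $DomainDN `
              -ProtectedFromAccidentalDeletion $true -PassThru
    }
    $ou
}

function Grant-KetsChildOUDelegation {
    # Delegates: (1) create/delete child OUs anywhere under the top-level OU,
    # (2) full control over descendant objects only. The top-level OU itself,
    # including its ACL, is deliberately left out of the grant.
    param(
        [Parameter(Mandatory)][string]$OUDistinguishedName,
        [Parameter(Mandatory)][string]$GroupName   # placeholder, e.g. 'DistrictOUAdmins'
    )
    $sid = [System.Security.Principal.SecurityIdentifier](Get-ADGroup -Identity $GroupName).SID
    # Resolve the organizationalUnit class GUID from the schema instead of hard-coding it
    $schemaNC = (Get-ADRootDSE).schemaNamingContext
    $ouClass  = Get-ADObject -SearchBase $schemaNC -LDAPFilter '(lDAPDisplayName=organizationalUnit)' -Properties schemaIDGUID
    $ouGuid   = [guid]$ouClass.schemaIDGUID

    $acl = Get-Acl -Path "AD:\$OUDistinguishedName"
    $createDeleteOUs = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
        $sid,
        [System.DirectoryServices.ActiveDirectoryRights]'CreateChild, DeleteChild',
        [System.Security.AccessControl.AccessControlType]::Allow,
        $ouGuid,
        [System.DirectoryServices.ActiveDirectorySecurityInheritance]::All)
    $manageDescendants = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
        $sid,
        [System.DirectoryServices.ActiveDirectoryRights]::GenericAll,
        [System.Security.AccessControl.AccessControlType]::Allow,
        [System.DirectoryServices.ActiveDirectorySecurityInheritance]::Descendents)
    $acl.AddAccessRule($createDeleteOUs)
    $acl.AddAccessRule($manageDescendants)
    Set-Acl -Path "AD:\$OUDistinguishedName" -AclObject $acl
}

function Test-KetsTopLevelOU {
    # Audit: is each OU present and protected, and who can rewrite its ACL?
    param([string]$DomainDN = (Get-ADDomain).DistinguishedName)
    foreach ($name in $TopLevelOUs) {
        $ou = Get-ADOrganizationalUnit -LDAPFilter "(ou=$name)" -SearchBase $DomainDN `
              -SearchScope OneLevel -Properties ProtectedFromAccidentalDeletion
        if (-not $ou) {
            [pscustomobject]@{ OU = $name; Present = $false; Protected = $false; WriteDaclHolders = @() }
            continue
        }
        $acl = Get-Acl -Path "AD:\$($ou.DistinguishedName)"
        # Allow ACEs carrying WriteDacl that apply to the OU object itself (not descendants only)
        $writers = $acl.Access | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($_.ActiveDirectoryRights -band [System.DirectoryServices.ActiveDirectoryRights]::WriteDacl) -and
            $_.InheritanceType -ne 'Descendents'
        } | ForEach-Object { $_.IdentityReference.Value }
        [pscustomobject]@{
            OU               = $name
            Present          = $true
            Protected        = [bool]$ou.ProtectedFromAccidentalDeletion
            WriteDaclHolders = @($writers)
        }
    }
}

# Usage (district domain, placeholder group):
#   foreach ($n in $TopLevelOUs) {
#       $ou = New-KetsTopLevelOU -Name $n
#       Grant-KetsChildOUDelegation -OUDistinguishedName $ou.DistinguishedName -GroupName 'DistrictOUAdmins'
#   }
#   Test-KetsTopLevelOU | Format-Table -AutoSize
```

The audit's `WriteDaclHolders` column is the item worth reviewing: the text says the top-level OUs cannot have their permissions modified by districts, so the only principals listed there should be the built-in administrative groups, not the delegated district group.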
Management and Support Strategy
The KETS Active Directory is monitored using Microsoft System Center Operations
Manager. The KETS Messaging and Directory Services Team and the other operation
service teams provide management of sites, site links, replication, domain controllers’
hardware, and all naming services. The KETS Messaging and Directory Services Team
manages all infrastructure and enterprise functions of Active Directory. District technical
staff manage user account creation/modification, computer account creation/modification,
and some group policy creation/modification within specified organizational units.
Permissions have been delegated to a named group within each domain for these
functions. When districts have issues, they can call a technical service desk
employed by KDE. Some issues are escalated to the KETS Messaging and Directory
Services Team and potentially on to Microsoft through a Premier Support engagement.
Internet Content Management System
(Previously: Application and Content Caching)
Section 002
Created: June 23, 2005
Last Reviewed: 06/06/2023
Last Updated: 10/27/2021
Summary
This document describes the design and use of Internet Content Management Systems
within the Kentucky Education Technology System (KETS) network and within the
districts.
Visual Representation
Description
The Kentucky Educational Technology System (KETS) utilizes an MPLS connection to the
Internet. The districts and KDE the Agency have independent connectivity to the Internet
through the MPLS cloud. KDE the Agency, as well as each school district, has its own
independent Internet Management System based on the Lightspeed Relay product.
Access and tracking are based on Active Directory authentication, IP addressing or client
installation on the end-user system. This is a combination solution consisting of the
Lightspeed Relay Smart Client used on district-owned end user devices and the Network
Agent used for all on-premise devices not owned by districts (BYOD) or devices that
cannot use the Relay Smart Agent software. Both solutions filter all Internet-bound traffic
that passes through the Lightspeed Relay Smart Agent or Network Agent systems. The
Lightspeed Relay Smart Agents and Network Agents are managed by the same
administration console, and policy sets and configurations are distributed to both systems.
The Network Agent architecture relies on DNS requests to determine which filtering policy
applies. The Network Agents are “Relay Aware” and do not filter devices that have the
Relay Smart Agent installed.
Districts are allowed to request a waiver from the Lightspeed product and select their own
Internet filtering device, so long as it meets the requirements documented in
KAR 701-5:120, CIPA and other regulatory guidelines or statutes. A baseline configuration is
provided to all districts that may be used as a guide with the Lightspeed system. Districts
may alter that configuration to reflect any additional policies or restrictions they practice.
Districts may employ a caching solution at their discretion.
Management Strategy
The Office of Educational Technology (OET) provides the Lightspeed solution and a
baseline configuration for all districts. Lightspeed provides direct support for this product
to districts and KDE. Each district is responsible for its own maintenance and configuration
beyond the baseline provided. If a district has requested a waiver for a different product,
the district is responsible for all support and configuration and is expected to arrange for
support from the providing vendor.
Electronic Email and Collaboration
Section 003
Summary
This document describes the electronic messaging and collaboration applications used by
the Kentucky Department of Education, KSB, KSD, and the 171 Kentucky school districts.
This comprises nearly 900,000 user mailboxes (faculty, staff and students).
These solutions are ‘cloud-based’, as the backend systems that deliver these environments
are maintained by the respective companies (Microsoft and Google). All districts and KDE
have both an Office 365 and a Google Workspace for Education system. Each district (and
KDE) chooses which of the two provides e-mail for its users, but all other services (cloud
drives, web conferencing, document sharing, etc.) are enabled in both. Users can choose
which they want to use, but e-mail is enabled on only one of the systems for the entire
district or for KDE.
The Office of Education Technology manages the provisioning technologies that provision
accounts to the Microsoft Office 365 environments. Districts and KDE manage provisioning
to their own Google Workspace for Education environments. Districts and KDE maintain and
manage their respective communications environments.
The provisioning of accounts (users, groups, etc.) is accomplished by Microsoft’s Azure
Active Directory Connect for Office 365 and Google Cloud Directory Sync for Google
Workspace for Education. Both of these provisioning tools pull information from a single
Microsoft Active Directory environment. For a deeper understanding of our Active
Directory environment, see that section of this document.
Visual Representation
View of the provisioning infrastructure between Active Directory and Office 365. This
allows us to utilize Active Directory for user management instead of using Office 365
directly for account creations, etc.
SMTP Relay
There are two Windows Servers running the IIS SMTP service, configured to relay email
from allowed KETS devices (in districts and KDE). This is for devices that lack the
built-in ability to send email. By default, all email sent through the relay goes out via a
single outbound connector. For those districts that wish to do DKIM signing, a dedicated
connector is configured to their O365 or G Suite tenant, where they can configure DKIM
and then forward the mail.
Subset GAL
Visual representation of how our ‘Subset GAL’ works
All adults in all districts show in KDE’s email Global Address List, and are also available to
add to permissions of other Office 365 services (SharePoint sites, OneDrive). Districts
can add a value of GAL to a special attribute in Active Directory, which results in that
user showing as a contact in every other district’s email Global Address List, for both the
Office 365 and Google Workspace email systems.
Description
The Office 365 solution is Microsoft’s cloud collaboration offering provided out of
Microsoft’s datacenters. It is comprised of the following:
• Exchange Online – Microsoft’s electronic messaging solution.
• Teams for Business / Teams – Microsoft’s web-conferencing solution.
• SharePoint Online – Microsoft’s organization solution for securely storing, organizing,
sharing and accessing your information.
• OneDrive Online – Microsoft’s individual solution for securely storing, organizing,
sharing and accessing your information.
• Office 365 Online suite. This allows users to install and update the Office suite of
tools on up to five devices from the Internet.
The Google Workspace for Education solution is Google’s cloud collaboration offering
provided out of Google’s datacenters. It is comprised of the following:
• Gmail – Google’s electronic messaging solution.
• Google Meet – Google’s web-conferencing solution.
• Google Drive – Google’s individual solution for securely storing, organizing, sharing
and accessing your information (Google doesn’t have a like-product to Microsoft’s
SharePoint)
• Google Docs – Used to create and collaborate on online documents. Edit together
with secure sharing in real-time and from any device
• Google Forms – Used to create online forms and surveys with multiple question types.
Analyze results in real-time and from any device.
Management Strategy
The KETS Messaging and Directory Services Team centrally manages the Active
Directory and provisioning solution responsible for CRUD (creates, updates, deletes)
between AD and Office 365. Districts manage those solutions for the Google environment.
The backend infrastructures themselves are managed by Microsoft and Google
respectively. When districts have issues, they can call a technical service desk
employed by KDE. Some issues are escalated to the KETS Messaging and Directory
Services Team, while many, depending on the issue, are directed straight to Microsoft
and/or Google or their support providers.
KETS Service Desk
Section 004
Created: 6/24/2005
Last Reviewed: 6/26/2023
Last Updated: 2/7/2023
Summary
This document provides an overview of the KETS Service Desk Services provided by the
Office of Educational Technology.
Visual Representation
Description
The KETS Service Desk provides support to both internal and external KETS customers.
Internal customers are defined as the Kentucky Department of Education (KDE), including
the Kentucky School for the Blind (KSB) and the Kentucky School for the Deaf (KSD), as
well as the 171 districts and approximately 1,400 schools throughout the state of Kentucky.
The KETS Service Desk also serves external customers, defined as the general public
who need assistance with any public-facing technology that KDE provides, such as web
applications.
The KETS Service Desk resolves technical issues and answers questions on the following
platforms and services: messaging, Internet/network connectivity, public facing web
applications, internal end-user technology service (KDE the agency only), Active
Directory, and network security. Issues are generally resolved within 20 minutes, though
more complex issues may take longer. Resolution may entail working directly with a
Service Desk analyst for a short time (Tier 1), escalation of an issue to another team
within KETS (Tier 2), or by escalation to another non-KETS resource (Tier 3). Examples of
a Tier 3 resource may include vendor partners such as Extreme, Microsoft, and McAfee.
Service provided to KDE the agency is often the first level of triage, meaning that the
Service Desk encounters a wide range of issues, from simple password resets to
workstation reimages. Support provided to the school districts is often more technical in
nature, as issues escalated to the KETS Service Desk have already gone through layers
of technical support within the school district. However, this varies from district to district
depending on the size and availability of IT staff. Issues escalated to the KETS Service
Desk by school districts are either issues that cannot be solved in the district or issues
where district staff may not have the rights to change something, such as DNS entries or
firewall configurations.
Management Strategy
The KETS Service Desk is a process-driven entity and allows for seamless operation with
KETS Service Teams. The KETS Service Desk is staffed each business day 7:30 AM – 5
PM Eastern. The KETS Service Desk is the central hub and entry point for accessing
technical support for all KETS provided technology.
Tyler Enterprise ERP (formerly MUNIS)
Section 005
Created: June 20, 2005
Last Reviewed: 6/22/2023
Last Updated: 6/22/2023
Summary
This document covers Tyler Technologies' Enterprise ERP (formerly known as MUNIS),
KETS’s financial software.
170 districts use a Cloud Service implementation; one district uses on-premise equipment.
This document describes both implementations where applicable.
Visual Representation
Cloud Service Network Overview (diagram)
Description
Enterprise ERP (formerly known as MUNIS), from Tyler Technologies, is the financial
system for Kentucky public school districts. For both the single remaining on-premise
district and all Cloud districts it runs on Windows servers. Tyler Technologies hosts the
Cloud districts in its own data centers. Most end user access requires connectivity to
Tyler’s data centers through VPN; each district has a dedicated, Tyler-provided VPN
device to provide this connectivity from computers on the district network, and Tyler also
provides an end-user VPN service for user access from other locations.
Most functionality is browser-based, though a few specialized reporting features rely on
additional client software. Tyler also maintains automated data transfers to and from the
Commonwealth’s Department of Employee Insurance and Deferred Compensation vendor
Nationwide.
Users are authenticated to both the end-user VPN (when used) and to certain specialized
functions using Enterprise ERP-specific credentials. Users from cloud districts use their
Azure Active Directory accounts to authenticate to most Enterprise ERP functions.
Management Strategy
One remaining on-premise district in Kentucky has an Enterprise ERP server. Users,
printers, security and operating system design are managed by the district with Tyler
support.
For Cloud districts, users and printers are managed locally, while application updates,
databases, security and the operating system are managed by Tyler.
KDE’s Office of Finance and Operations provides policy guidance to districts regarding
recording and reporting financial activities. KDE’s Office of Education Technology
provides oversight of technical operations and guides Kentucky-specific customizations of
the system.
The KEN Network (Kentucky Education Network)
Section 006
Summary
This document provides a brief, high-level view of the layout of the Kentucky Educational
Technology System (KETS) networking environment throughout the Commonwealth of
Kentucky. This document does not provide vendor-specific information with regard to
network components, nor does it provide component level configuration information.
Visual Representation
Description
The Kentucky Education Network (KEN) consists of 1,200+ schools in 171 districts. Over
1 million end user devices and servers are serviced by KEN. Approximately 100,000 staff
members and 650,000 students are consumers of the services of the network.
Management Strategy
The Office of Educational Technology, with the assistance of vendor partners, supports
and maintains all centralized KETS shared service level and distributed components,
including Firewalls, VPN servers, Traffic Management devices, etc. for all 171 school
districts. Additionally, all hardware components, Leased-Line connectivity, and
configuration management for connectivity between the school district’s hub site and the
state is funded and managed by OET. OET sets standards for all other network-related
components and negotiates contracts on behalf of the school districts with approved
vendors. OET also provides design and configuration assistance to school districts on an
as-needed basis. School districts are responsible for all networking components and their
configuration and management within their own LANs on their side of the KETS Firewall.
Security
Section 007
Created: June 22, 2005
Last Reviewed: 06/06/2023
Last Updated: 10/27/2021
Summary
This document provides an overview of the Network Security Services provided by the
Office of Educational Technology (OET) for the Kentucky Educational Technology System
(KETS). This document only covers security services supported by the OET Network
Security Team and Contracted Network Management Services with AT&T Network
Services.
Visual Representation
Description
Network Security Services include the following:
1. Intrusion Detection – Systems that passively monitor and detect harmful network
traffic or attacks
2. Border Router Filtering – Basic filters placed on border routers which filter out
common “noise” before it hits security devices
3. Firewall Services – Systems that provide security of outward facing network
connections.
4. Enhanced Firewall – Additional protection for end user devices when connecting to
outside networks.
5. SPAM Filtering – Systems that monitor and remove unwanted e-mail sent to the
KETS network
6. Intrusion Prevention – Systems that actively look for harmful network traffic or
attacks and reset connections as needed
7. Virtual Private Networking – Systems that allow secured access to the KETS
Network from outside networks
8. Virus Protection – Virus detection and removal software that is loaded on all
workstations and servers in the KETS network
9. Traffic Management – Systems that can either guarantee or limit the amount of
traffic of any specific type on the network
10. Certificate Services (Internal usage only) – A root certificate authority tied to the
KETS AD forest is established at KDE. Districts wanting to implement certificate
services may stand up their own subordinate certificate server to be used for
wireless authentication and other certificate related authentication practices
required in the district
11. Policy Management – Baseline rule sets for firewalls, virus protection, VPN, and
other security-related systems
12. Patch Management – Systems that monitor status of and install patches to
operating systems and other software within the KETS network
13. Private IP Scheme – Standardized assignment of Private Internet Protocol
addresses to devices within the KETS network, as well as Network Address
Translation to allow some of these devices to interact with the Internet
Management Strategy
Intrusion Detection, Firewall Services, Enhanced Firewall services, SPAM Filtering,
Intrusion Prevention, Traffic Management, and Virtual Private Networking are all managed
by a combination of the OET Network Security Team, Microsoft Office 365 and Contracted
Network Management Services (AT&T). Policy Management is managed by a
combination of the OET Network Security Team and relevant vendors. Border Router
Filtering is managed cooperatively by the OET Network Security Team and AT&T Network
Services: under the Contracted Network Management Services agreement, AT&T Network
Services handles daily maintenance and updates, while the OET Network Security Team
defines the policies. Virus Protection, Patch Management, and Private IP are supported
by both the Network Security Team and local district support. Certificate services are
granted to districts’ subordinate certificate servers through KDE. Districts issue, expire
and reclaim certificates for their end users through their own local support services.
Infinite Campus Student Information System
Section 008
Created: February 23, 2009
Last Reviewed: 6/22/2023
Last Updated: 12/16/2022
Summary
The Kentucky Student Information System (KSIS), based on Infinite Campus, is the
system of record for most student-level data for all public school districts across Kentucky
and allows districts and KDE to create reports for decision-making purposes. KSIS is
cloud-based (hosted by Infinite Campus) for all districts and for the state-level
components using a Software as a Service model.
Visual Representation
Description
Infinite Campus provides the KETS standard student information system. This system
includes three main components:
• Infinite Campus District Edition
• Infinite Campus State Edition
• Statewide Reporting Warehouse
Infinite Campus District Edition is the application used by school and district staff –
teachers, administrators, and support staff. It tracks data such as attendance, grades,
behavior, student demographics, schedules, fees, instructional plans, and health. It
produces numerous reports and constantly synchronizes certain data elements with the
centralized Infinite Campus State Edition installation. As a web-based application it is
accessible anywhere in the district and from the general Internet. Campus Student and
Campus Parent interfaces, with accompanying mobile apps, are available for those
populations to use.
Infinite Campus State Edition is the application used by KDE and other state-level staff.
It automatically receives certain data elements from each District Edition installation for
reporting purposes. It is also used to manage district, school, and in rare cases (such as
duplicate student ID cleanup) student records.
The State Reporting Warehouse is a single SQL Server database instance which
contains copies of all the Infinite Campus District Edition databases, updated weekly.
This database is the source for reports that require detailed data not synchronized to
the Infinite Campus State Edition application.
Infinite Campus Food Service is an optional module that manages cafeteria menus and
links with Point of Sale devices to process food service transactions.
Infinite Campus Messenger with Voice is an optional module that places voice phone
calls and/or SMS (text) messages to staff, students and/or parents based on triggers
(such as absences) or manual input (such as to announce special events).
Some districts have integrated their Campus District Edition installations with either
Microsoft’s Azure Active Directory or the Google Directory so that staff and/or students
can log into Campus using credentials from those external systems.
Management Strategy
The Kentucky Student Information System based on Infinite Campus is operated as a
service provided by Infinite Campus. Infinite Campus owns, monitors and administers all
equipment other than Point of Sale terminals. AT&T (on behalf of KDE) is responsible for
the network infrastructure used by districts to connect to the Internet, while districts are
responsible for their local networks, client devices, and Point of Sale terminals. A
dedicated VPN connection between the KETS and Infinite Campus networks, which is
used for a limited set of data transfers, is jointly managed by Infinite Campus and AT&T.