DOCSLIB.ORG

Enforce: Integration with Google Workspace for Education

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Enforce: Integration with Google Workspace for Education Enforce: Integration with Google Workspace for Education Table of Contents Prerequisites .................................................................................................................................................................................. 1 Current Restrictions .................................................................................................................................................................... 2 Assumptions ................................................................................................................................................................................. 2 Overview of Steps ....................................................................................................................................................................... 2 Configure Google Workspace for Education ..................................................................................................................... 2 Create a Project ........................................................................................................................................................................... 3 Create the JSON File .................................................................................................................................................................. 3 Enable Domain-wide Delegation ............................................................................................................................................ 4 Enable APIs and Services .......................................................................................................................................................... 5 Manage API Client Access ....................................................................................................................................................... 6 Enroll a Chromebook ................................................................................................................................................................. 6 Secure WLAN ............................................................................................................................................................................... 8 Configure a Role .......................................................................................................................................................................... 8 Configure the SSID ................................................................................................................................................................... 10 Validate ......................................................................................................................................................................................... 10 Conclusion .................................................................................................................................................................................... 11 References .................................................................................................................................................................................... 11 Enforce: Integration with Google Workspace for Education (Applicable to software release 8.9.0 and higher) Google Workspace for Education is a collection of tools like Classroom, Gmail, Drive, Calendar, Docs, Sheets, Slides, Sites, and Hangouts, allowing teachers to: Effectively collaborate with students in and out of the classroom Keep classes organized Improve communication with students. For more information, visit Google Workspace for Education . Enforce is the Arista solution that integrates Google Workspace for Education and Wireless Manager. Enforce allows the school to restrict devices allowed on the network by assigning VLANs, firewall rules, bandwidth control, and redirection based on user roles. Enforce has been tested on Android, iOS, and Chromebook devices. This document walks you through the steps to set up Enforce. It describes a simple use case of setting up Google Workspace for Education for devices, setting up a device, and creating the connector between Google Workspace for Education and Wireless Manager. Once Enforce is set up, the connection workflow of a user proceeds as follows: A user connects to the wireless network using either the pre-shared key (PSK) or their 802.1x credentials. Neither of these wireless authentication mechanisms restrict which device (e. client MAC address) is used to connect; if the credentials are correct, the user can connect. Once the user is successfully authenticated on the SSID, the access point (AP) compares the client’s MAC address to the MAC list that the AP has downloaded from and synced with the Google device manager. If the MAC address is on the list, the client is allowed on the network. If the MAC address is not on the list, the client can be immediately disconnected or redirected to a web site and restricted as to what it can access. Prerequisites The following rights and licenses are needed to set up Enforce successfully: Google Workspace for Education is set up and configured properly. This includes School domain has been validated Users and groups have been created The proper licenses for Google device management have been acquired Access to Google Workspace for Education with administrator rights Access to Wireless Manager with administrator rights © Arista Networks | 1 WiFi has been configured with two SSIDs: one for onboarding and one for normal use. Current Restrictions 1. Role-assignment does not work with SSID profiles in NAT mode. 2. Radio Resource Management (RRM) features are currently not supported with Enforce. 3. Google Organizational Units (OU) is currently not supported. Assumptions For simplicity, the following assumptions have been made: Management of school-owned devices only, no BYOD Google Workspace for Education is used for Enterprise Mobility Management (EMM) Google Workspace for Education has been setup, validated, and configured for the school Only Chromebooks are being set up Devices have not yet been set up in Google’s device management. Overview of Steps Prerequisites: Google Workspace for Education is set up, the domain verified, and the administrator has logged in. Licenses have been purchased for Google device management. Two SSIDs (onboarding and regular use) have been set Broadly, the steps to set up Enforce are as follows: 1. Configure Google Workspace for Education Important: The steps in this section are documented based on the Google implementation at the time this document was created. The steps may change if the Google process workflow changes. Arista will support such changes on a best effort basis. We recommend that you contact Google directly for full support. 2. Enroll a Chromebook 3. Create Roles in WM Each step is explained in detail in the following sections. Configure Google Workspace for Education The Google Workspace for Education configuration consists of five parts. The first four parts are to be configured in the Google developer’s console, and the last one in the Google admin console. In the Google developer’s console: © Arista Networks | 2 1. Create a project 2. Create a JSON file 3. Enable domain-wide delegation 4. Enable APIs and Services In the Google admin console: 5. Manage the API client access The following sections describe each of the previous steps in detail. Create a Project 1. Log in to the Google developer’s console: https://console.developers.google.com/apis. 2. Click the projects icon as shown in the following figure. Click “New Project” and create a new project. Create the JSON File 1. Select the project you crated in the previous step. 2. Go to API > Credentials > Create Credentials > Service Account. © Arista Networks | 3 3. In the “Service account details” section, enter the service account name and description, and click “Create”. 4. In the “Service account permissions (optional)” section, click “Continue” without selecting a role. 5. Leave the “Grant users access to this service account (optional)” portion empty, and in the “Create key (optional)” section, click “Create Key”. 6. Select “JSON” under “Key type” and click “Create”. The key is saved on your computer. 7. Click “Done” on the “Create Service Account” page. Enable Domain-wide Delegation 1. On the left-hand navigation menu, select “APIs & Services” and “Credentials”. 2. In the Service Accounts section of the Credentials page, select the email for which you want to enable domain-wide delegation, and then click the “pencil” edit icon as shown in the following figure. © Arista Networks | 4 3. In the Service account details page, select “Enable Google Workspace Domain-wide Delegation” and save the settings. Enable APIs and Services 1. On the left-hand navigation menu, select APIs & Services > Dashboard, and then select the “ENABLE APIs AND SERVICES” tab. 2. In the Search bar above the tab, search for “Admin SDK” and select the “Admin SDK” result as shown in the following figure. © Arista Networks | 5 3. Click Enable on the Admin SDK screen. Manage API Client Access 1. Log in to the Google admin console: https://admin.google.com/ 2. From the main menu, go to Security > Settings > Advanced Settings > Manage API Client Access. 3. In the Client Name field, add the client ID from the JSON file saved on your computer (from the Create JSON section). 4. In the “One or More API Scopes” field, add the following URLs (comma-separated) and click “Authorize”:
Load more

Recommended publications
  • Microsoft 365 Education Provides Better Value to Schools Than Google Workspace
    Microsoft 365 Education provides better value to schools than Google Workspace The Microsoft 365 Education solution helps schools realize great value in many different ways. By partnering with Microsoft, you can: Include all students Empower Provide students Satisfy your at no extra cost educators with the tools they Microsoft software using Student to unlock creativity need to learn needs in a single, Use Benefits1 and find more their way3 cost effective, time to teach2 license Take a look at an example of how Microsoft 365 provides better value than Google Workspace Plus in a district with 86,500 students and 3,800 faculty and staff4 Microsoft 365 Google Workspace Education A3 for Education Plus Total annual cost to your $244,872 $432,500 school Annual $64.44 / staff license $60.00 / student license5 License cost One paid staff license = Four paid student License 40 student licenses licenses = one included included through benefits staff license Student Use Benefits1 You pay for 3,800 staff licenses 86,500 student licenses Additional 21,625 covered staff 152,00 student licenses licenses licenses provided Room to grow 65,500 student licenses 17,825 staff licenses Microsoft 365 Education is the best choice to maximize your budget and prepare for your growing student population 1. Student Use Benefits provides free licenses to students when 100% of faculty and staff have a paid license at a rate of 40 students per paid faculty license 2. Total Economic Impact Study – Forrester 3. Microsoft Accessibility and Assistive Technologies for Education a TEI Analysis 4. Enrollment numbers are based on an actual higher education school district.
    [Show full text]
  • Businesses at Work Powered by March 2021
    Supplement for the GGV Capital Evolving Enterprise Conference Businesses at Work powered by March 2021 Okta, Inc. okta.com [email protected] Businesses at Wor k Contents 3 Introduction 4 Methodology: how did Okta create this report? 5 Apps at work: our most popular apps 8 The fastest growing apps 10 Remote work 12 Developers at work 15 Looking forward, moving ahead Businesses at Wor k 3 Welcome to a supplemental Businesses at Work report, prepared for the GGV Capital Evolving Enterprise conference. Our report dives into how organizations and people work today — exploring workforces and customers, and the applications and services they use to be productive. Our most recent annual Businesses at Work report launched in January 2021. This update dips into fresh data, revealing some important changes in how companies are gearing up for 2021. Last spring, as the pandemic became a global concern, our worlds were flooded with change. We turned to technology to stay afloat. Families scrambled to get equipped for remote learning, companies rushed to support their remote workforces, and organizations quickly developed new online experiences for customers. As the pandemic accelerated, tech solutions once preferred only by “early adopters” became survival tools for companies across all industries, and the population as a whole. It’s from this unprecedented lens that we view the data from Okta’s more than 10,000 customers and the Okta Integration Network (OIN), which includes over 7,000 integrations with cloud, mobile and web apps, as well as IT infrastructure providers. Our top apps underscore the new necessities of remote work: collaboration, security, employee engagement..
    [Show full text]
  • Everything Teams Need to Do Their Best Work, from Anywhere
    Everything teams need to do their best work, from anywhere Google Workspace seamlessly integrates all of the core elements of work, like email, chat, voice and video calling, document collaboration, storage, task management, and admin and security tools so your users can communicate and collaborate easily and securely, from wherever they are. How Google Workspace is different Simple Helpful Flexible Secure Apps chosen by Industry-leading AI A workspace that Secure, cloud-based billions of users — lets you focus on scales with your controls are easy to not mandated by IT high-value work organization manage Real-time collaboration Smart writing suggestions Built-in engagement tools Intelligent security insights helps teams work in help users create quality enable organizations to help you reduce risk parallel and move faster content, quicker exchange ideas and gather feedback Proactive protections help Intuitive, reliable mobile AI-powered data tools keep users secure apps make it easy to pick promote data-driven Google Workspace up where you left off and decision making integrates with the other Simple controls enable get work done on any business applications you centralized manageability device Intelligent meeting already use so you can capabilities make it easier work across platforms Closely integrated apps to collaborate across lead to better alignment languages and regions More than 6M businesses have chosen Google Workspace Why Google Workspace makes sense for your business Companies with engaged employees have higher 68% retention
    [Show full text]
  • 3 Retailers Who Have Streamlined Operations and Improved Customer Experiences with Google Cloud
    3 RETAILERS WHO HAVE STREAMLINED OPERATIONS AND IMPROVED CUSTOMER EXPERIENCES WITH GOOGLE CLOUD SADA / 3 RETAILERS WHO HAVE STREAMLINED OPERATIONS AND IMPROVED CUSTOMER EXPERIENCES WITH GOOGLE CLOUD / © 2020 SADA. All Rights Reserved. Table of contents 03 / Introduction 05 / Z Gallerie boosts productivity in stores nationwide with Google Workspace 07 / A world of tile experiences increased ease of business communication with Google Workspace 09 / Sunrider communicates worldwide in real-time with Google Workspace Retailers are finding themselves faced with a Introduction transformation driven by consumers who have come to expect a seamless experience between online and in store. These customers are interested in shopping experiences that ease their buying journey by making recommendations for them and helping them find what they need. In addition, today’s savvy customers want the entire experience to be faster and more personalized than ever before. Leading retailers across the globe are turning to Google Cloud to address these challenges. 3 Power digital transformation and win the hearts of Get insights faster customers with Google Cloud Google Cloud helps retailers pull valuable insights out of Scale your infrastructure massive amounts of data with its data analytics, AI, and machine learning capabilities. Innovative AI solutions Global retailers are using Google Cloud Platform (GCP) help retailers train models to interact with customers for its flexibility, reliability, and powerful computing. and provide insightful direction for agents. BigQuery, GCP ensures your infrastructure and operations can a fully managed serverless data warehouse, provides meet the demands of both preplanned sale days and insights faster to fulfill your mission, and Google Data unexpected spikes in traffic.
    [Show full text]
  • Google Workspace Security Whitepaper
    Google Workspace security whitepaper Table of contents Table of contents 1 Introduction 3 Disclaimer 3 Google’s security and privacy focused culture 4 Employee background checks 4 Security training for all employees 4 Secure Environment 4 Internal security and privacy events 5 Our dedicated security team 5 Our privacy teams 5 Internal audit and compliance specialists 6 Collaboration with the security research community 6 Operational security 7 Vulnerability management 7 Malware prevention 7 Monitoring 8 Incident management 9 Technology with security at its core 10 State-of-the-art data centers 10 Powering our data centers 10 Environmental impact 11 Custom server hardware and software 11 Hardware tracking and disposal 11 A global network with unique security benefits 12 Encrypting data in transit and at rest 13 Low latency and highly available solution 13 Service availability 14 Supporting compliance requirements 15 Regulatory compliance 16 Independent third-party certifications and attestations 16 Data usage 16 Our philosophy 16 No advertising in Google Workspace 16 1 Data access and restrictions 17 Administrative access 17 For customer administrators 17 Law enforcement data requests 17 Third-party suppliers 18 Empowering users and administrators to improve security and compliance 19 Access and Authentication 20 2-step verification and security keys 20 Single sign-on (SAML 2.0) 20 OAuth 2.0 and OpenID Connect 20 Information Rights Management (IRM) 20 Restricted email delivery 20 App access based on user context 21 Asset Protection 22
    [Show full text]
  • Setting up Match My Email (MME) in Salesforce.Com Using Google Workspace
    Setting Up Match My Email (MME) in Salesforce.com using Google Workspace The steps in this guide must be performed by a Google Workspace Super Admin for Email Service Connection and a Salesforce System Administrator for app setup within the Salesforce instance, Sandbox or Production. If a Super Admin in Google Workspace is not available, please return to the Match My Email Support page and use the setup guide listed for All Others. Table of Contents 1. Perform Steps in Google Workspace for API Connection .......................................................................... 1 2. Prior to package install: Enable Chatter, Enable Actions in Publisher, and Confirm My Domain .............. 5 3. Install Match My Email AppExchange Package in Salesforce.com ........................................................... 6 4. Proceed with Match My Email account setup ............................................................................................. 7 5. Best Practice: Add Ignore Rule for Email Domain ................................................................................... 10 6. Confirm company-wide settings for Matching and Upload Rules ............................................................. 10 7. For Enterprise & Unlimited Editions Only: Change Email Message Page Layout .................................... 11 8. Add Email Messages component to Lightning Record Pages.................................................................. 12 9. Optional: Convert to Match My Email’s Send Email button .....................................................................
    [Show full text]
  • Work Remotely with Google Workspace
    Work remotely with Google Workspace Help teams stay productive, wherever they are With Google Workspace, we’ve been building toward flexible work environments for more than a decade. Distributed teams need a combination of email, chat, video calling, real-time document collaboration and shared files — all in the cloud to ensure everyone has access to the latest version. It’s why customers like Colgate-Palmolive, Salesforce, and Whirlpool choose Google Workspace to bring their teams into the future of work. Designed for flexible work environments A successful transition to remote work requires more than just video conferencing or real-time chat. It requires a secure, integrated solution that helps people collaborate and communicate, wherever they are. Google Workspace has been a huge enabler of our new normal of working from home. Google Workspace is an integrated workspace that powers cloud-based Hangouts Meet is vital in collaboration so people can have impact — wherever they’re working from. keeping our teams socially connected, and Docs, Gmail and the full Google Workspace family of apps has the team's Security comes first in everything we do productivity and collaboration With Google Workspace, you get the same secure-by-design infrastructure, working as if we were in the built-in protection, and global network that Google uses to secure your office. The reliability and information and safeguard your privacy. Counter-abuse and security performance of Google features are on by default, and comprehensive user and device management Workspace has allowed the IT are included in every Google Workspace license. Our adherence to team to focus on other recognized international security and privacy standards is certified and challenges we face with a validated by independent auditors — wherever your data is located in Google remote workforce.
    [Show full text]
  • 【Rakumo Sync】 Installation Manual
    Installation Manual The tool which makes a calendar of Salesforce and Google Workspace synchronous with both directions in real time rakumo inc. 2021/05/26 Copyright Ⓒ rakumo inc. All Rights Reserved. About This Manual The rakumo Sync is the tool which makes calendar of Salesforce used in the company and a Google calendar of Google Workspace (old name : G Suite) synchronous with both directions in real time. This manual is intended to provide you with preparations and the specification of rakumo Sync . When introducing, please refer to this manual. 2 Table of Contents 1. rakumo Sync is installed in Salesforce. .................................................................................... 4 2. A license of rakumo Sync is given to the user ......................................................................... 9 3. rakumo Sync Admin and rakumo Sync Engine are established ........................................... 10 3-1 rakumo Sync Admin is established. ..................................................................................... 10 3-2. rakumo Sync Engine is established. .................................................................................... 13 4. Google Workspace is established .......................................................................................... 16 5. The user is established. .......................................................................................................... 22 Register all at once using the CSV file. ..................................................................................
    [Show full text]
  • Google Workspace Vs. O365 Impact on Business Introduction and Landscape
    Google Workspace vs. O365 Impact on Business Introduction and Landscape Picking a productivity software suite for a company is no longer as simple a choice as it used to be. Microsoft Office, once the only option, is now competing against several alternatives, most prominently Google Workspace*. Microsoft and Google each make a number of claims about how its product can improve the way a company operates. Google commissioned Quadrant Strategies to examine and compare the effects of both softwares on the companies that use them—and not by lining up the feature sets of the two suites—by listening to what users say in companies using one of the suites compared to what users say in companies using the other suite; and doing that in a quantitative survey that would give us statistical confidence in any differences we found. To make sure we were getting an apples-to-apples comparison, we carefully balanced the two groups of respondents: those using only Microsoft Office 365, and those using Google Workspace. The goal was to make sure the groups had the same profile across all characteristics that could influence the results—same company size profile, same industry vertical profile, same country profile, same age profile of the respondents, same ratio of managers to non-managers, and same job function and department within their companies. We wanted to filter out every confounding factor, in order to leave the only explanation for any differences as the productivity suites. A detailed look at the profiles of the survey respondents is contained in Appendix A. We then asked the respondents the same set of questions, and compared the results.
    [Show full text]
  • Google Workspace
    Do your best work, all in one space: Google Workspace So, what's Google Workspace? Google Workspace, formally G Suite, now packs an integrated workspace designed to be and function in a way that is truly helpful. Imagine a technology so seamless and intuitive that it feels invisible, yet anticipates our needs and augments our work so that we can maximize our time! That's Google Workspace for you in a nutshell. Just like G Suite, all Google Workspace plans provide a custom email for your business and includes collaboration tools like Gmail, Calendar, Meet, Chat, Drive, Docs, Sheets, Slides, Forms, and Sites. Google Workspace will help your teams create, communicate, and collaborate from anywhere. Jump on a secure video call on the go, collaborate together in real-time on any file in Docs, Sheets, and Slides, and easily share content from any device seamlessly. Here's what you can expect with Google Workspace Pure cloud-based solution - Easy setup and manage users, devices, and data; 1. giving you more time to focus on your business. Simple and easy to use - Most of your employees are probably already familiar 2. with Gmail, which helps reduce the time required to learn new tools. Enhanced collaborative work - With Google Workspace, you'll seamlessly connect 3. employees and organizations to/from the cloud in real-time and on any device. 95% of Google Workspace users are 85% of users say Google Workspace able to easily work with multiple helps break down silos that impede people in the same document vs 84% effectiveness vs 74% of Office 365 of Office 365 users.
    [Show full text]
  • Haven Schools
    HAVEN SCHOOLS Chromebook Student/Parent/Guardian User Agreement & Educational Workspace Account To Student, Parents and Guardians Haven Schools require each student to have a touchscreen Chromebook device in 6th through 12th grades. Our current 12th graders will still have the option to continue using an iPad. New students entering 12th grade will need a Chromebook. The network, including the Internet, is a tool for research and education. Chromebooks and the network must be used for educational purposes while on campus. Chromebooks and usage are a privilege not a right and may be revoked at any time for inappropriate conduct. Students are expected to abide by the following rules and behavioral expectations on school campuses: USE OF EQUIPMENT ● The Chromebook is to be used for educational purposes only while on campus. ● Student/Parents/Guardians are responsible for the device, and the school is not responsible for breakage nor repair. THE NETWORK ● Engaging in online activities that are inappropriate will result in automatic termination of the student's network/Internet privileges at the administrator’s determination and discretion. ● Sending messages via school technology with the intent to intimidate, frighten, threaten, or bully another person is considered harassment and will have significant consequences. ● Students may not change, alter, bypass, or attempt to bypass any Chromebook security measures including filtered Internet sites for inappropriate content, or VPN. PRIVACY ● It is a violation to share your Chromebook or your password with anyone else or to access any account belonging to other students, faculty, or staff. MANAGEMENT ● Havens Schools require the addition of a Google License for each device, and that device will be required to be enrolled in The Haven Google for Education Domain to monitor safety and security of content and state testing requirement from the Department of Education.
    [Show full text]
  • 7 Organizations That Increased Productivity with Google Workspace for Government & Nonprofits
    7 ORGANIZATIONS THAT INCREASED PRODUCTIVITY WITH GOOGLE WORKSPACE FOR GOVERNMENT & NONPROFITS Supercharged collaboration & boosted mission impact SADA / 7 ORGANIZATIONS THAT INCREASED PRODUCTIVITY WITH GOOGLE WORKSPACE FOR GOVERNMENT & NONPROFITS / © 2020 SADA. All Rights Reserved. 1 Table of contents 03 / Introduction 06 / State of Arizona boosts productivity and saves millions with Google Workspace 09 / SADA helps LACMA go Google & save $125,000 annually 13 / San Antonio housing authority creates dynamic communities with the help of Google Workspace 18 / Franklin County communicates and collaborates effectively with Google Workspace and Google Vault 21 / City of Monterey empowers city-wide advancement and saves cost with Google Workspace 25 / The World Wildlife Fund works more effectively with Google Workspace 28 / Kansas State Department of Wildlife and Parks leverages the benefits of the Cloud with Google Workspace Government agencies and nonprofits are making the Introduction move to Google Workspace because it provides them with the technology needed to sustain and evolve in a rapidly changing, data-driven and digital world. Google Workspace for Government and Nonprofits offers your organization straightforward, secure and cost efficient tools that allow your team to focus on your goals and not on IT. 3 Stay connected Reduce IT costs Google Workspace gives your team the virtual legs Google Workspace is an optimal solution for tight they need to run smoothly and effectively whether government and NGO budgets. Save on IT costs by they are working on-site or around the world. With eliminating the need to buy or maintain servers or Google Workspace, your organization can access additional software. Plus, with automated updates and email, calendars, documents, and files anytime and a simple interface, your agency will spend less time and from any device.
    [Show full text]