Punahou School in Honolulu has moved into the networking vanguard since presidential candidate Barack Obama graduated from the K-12 school in 1979.

The private school's 45 buildings are now connected via a fiber backbone and point-to-point laser system for short-range wireless communications, with Cisco switches and a voice-over-IP system for 500 phones, all installed in just the last two years. The 76-acre campus also is Wi-Fi enabled.

Except for the very youngest of Punahou's 3,700 students, most attending the school have a laptop assigned to them at the start of the school year, and are given strict instructions that it's intended for academic purposes, not fun and games.

"We have an acceptable-use policy and students have to sign it, and sometimes parents do, too," says David Parrish, chief architect of the IT network at Punahou. (Yes, if Barack Obama were in high school there now, he'd have to sign it, too, to use the school computer and network.)

Punahou recently installed Secure Computing's Secure Web appliance for Web and malware filtering, which blocks access to Internet porn and Web sites known to host malicious software. The school also decided to ban social-networking sites, such as Facebook, because the school administration wants to keep students focused on education.

"When I was in school, kids would pass notes," Parrish says. The modern equivalent, he says, is students contacting each other via the Internet or text messaging. While Punahou students are allowed to carry cell phones and personal devices, they cannot use them in the classroom.

In addition, Punahou has established a security policy based on 802.1X wireless authentication for laptops used by both students and faculty, setting up role-based access to the Internet using Microsoft Active Directory.

The school deployed Cisco's Security Monitoring Analysis and Response System (Cisco MARS) appliance to monitor the campus network to detect possible attacks, suspicious behavior or unauthorized application use.

"It's very good at getting a handle on what’s going on in your network," Parrish says. However, the MARS approach to mitigating problems -- which often is to shut down ports automatically -- isn't always the best approach for the school, he says.