1 / 19

A General Access Wireless Network for University Campuses

This overview explores the goals, complications, and unique problems of implementing a general access wireless network for university campuses. It discusses the external and internal challenges, as well as the advantages and drawbacks of such a network. The article also provides recommendations and highlights the importance of listening to the needs and concerns of stakeholders and users.

pbaughman
Télécharger la présentation

A General Access Wireless Network for University Campuses

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A General Access Wireless Network for University Campuses Scott Sinclair Information Technology Services The University of Queensland scott@uq.edu.au

  2. Overview • What we mean by ‘General Access’ • Goals • Complications • The Battlefield • Unique Problems • The University of Queensland Model • How do we do it? • Questions (and hopefully answers!)

  3. ‘General’ Access = Nirvana • The Goal is Network Access for the masses: • Anywhere • Anytime • Any user • Any client environment • Any service • With or without wires • Oh… And make sure it isn’t too expensive and make it vendor neutral

  4. The External Battlefield • Typically education = classically problematic • Students, Staff and ‘External’ Users • All with their own unique qualities • Security, Scalability and Availability • Existing Policies, Legislation… e.g. Under 18 controls • Future Requirements • Ever increasing traffic volume • Local and remote resources – chaos • Well we’re standard, but… • VPNs, Specialised Requirements, Local rights…

  5. The Internal Space • Senior Management Group • Software Infrastructure • Infrastructure Management • Data Networks • Remote Access • Client Services

  6. The Scary Monsters • People who make decisions are finding out about this stuff • Conferences, Airports, Gloria Jeans • Or worse – they have HOME NETWORKS • Existing Wireless Networks already deployed – “Bunnings” installs • “It works.. so I guess it must be set up right” • Colossal security threat to the larger network • Try it for yourself – NetStumbler is free

  7. ‘General Access’ Wireless • Two Wireless Networks servicing very different requirements • One network for the masses • It’s a Jungle, no implied security… • Total traffic accounted across the link • Multiple networks for ‘private’ use • Departmental Wireless Networks • Secure access to local resources • All running on the same medium

  8. Advantages • Central Account Management • Leveraging off existing systems • Central Spectrum Management • Fewer angry users - Better QoS • Reduce the cost of implementation • Central Incident Detection and Response

  9. Drawbacks • Loss of ownership • You pay, we control • Can be overcome by consultation • Central Responsibility • Do it right, or you’ll be sorry • Need to be transparent • Need to listen to requirements and concerns

  10. How can we do it… • Network Design • Overall planning of the 802.11 space • Setting up of a Wireless Networkers’ Group • Stakeholders and Users • Role based user access • Ways of differentiating users on the network • Traditional Username/Password? MAC based? • Central ‘Ownership’ of the entire space

  11. This is how you sell it… • Central Account Management • Anyone can play – Web Browser Auth • Abstract the user from the back end • Plug in to bring on-line • Build One – Deploy Many • Deploying networks in nasty locations • Internet Kiosks • No need to herd cats

  12. Equipment • Hardware • Bluesocket WG-2100E Authentication Gateways • Variety of Base Stations and Access Points – Vendor Neutral – but…. • Software • RADIUS is the core • Airmagnet Sniffing Software • Account Management

  13. Features Used • Variety of Authentication Mechanisms • Backend Kerberos Username – 60,000+ • 802.11 Roaming • LDAP • Local Flat file (yoiks!) • Static IP Allocations • Realtime Role Management • Triggered by network events • Walk-Up ports • Why stop at Wireless? • Library, College, Wet labs, etc.

  14. Modifications • Requested Seamless Real-Time Role changing • Quota Exhausted • Unauthorised Activity • External ISP Applications - ADSL • Static IP allocations for special users • Walk-Up ports • Library, College, Wet labs, etc.

  15. Politics • University Administration as a whole • ITLO’s – UQ’s IT Departmental Contacts • Users – Who, When, What and Where

  16. Recommendations • Think not now – 12 months to 2 years • Expect everything to change • Be ready for ‘gee that would be cool’ • Profit from others mistakes • Scary Monsters • Biggest Lesson – LISTEN • If you don’t Risk being your own worst enemy • Admin, Users, RF guys, outside input

  17. Where are we? • Completed Proof of Concept Install • 4 week trial • Supplied from Microbits • Hardware Delivered • 2 Bluesocket WG-2100 Gateways • Base Stations installed • Plugging in existing wireless and wired networks

  18. Questions?

More Related