[unisog] Campus Wireless deployment models - 3 questions - feedback appreciated

Eric Weakland eric at american.edu
Fri Feb 10 13:43:02 GMT 2006


First of all - Thanks to everyone who participates in this list - it is a 
great resource.

We are currently going through a network redesign and are considering 
options for changing the placement and deployment model of our wireless 
network.  I wanted to get a "market view" of what a lot of other 
university's are doing. 

I would be most greatful if you could all respond to a couple of questions 
- I will be posting this to the perfigo (Cisco Clean Access) list also, so 
my apologies if you get this twice.  Don't be afraid to be very brief and 
technical in your responses - you don't have to make it palatable for a 
non techie audience!  I'll take care of that.

My thoughts on the question are as follows:

        I favor a QOS - type model - we can support multiple vlans and 
SSID's - multiple personalities on our wlan.  For example:

                1. fairly open "starbucks" type of wireless network, but 
that network must be isolated from the University network and offer a very 
low level of service - strictly web browsing.  Still would require simple 
"registration" of your device when connecting so that we can contact you 
if you've been turned into a "bot" or you're behaving badly.

                2. Student centric wlan - This would require not only 
registration, but also encryption like WPA that is supported on virtually 
any platform.  Access to the internet and certain student resources like 
our student courseware, email and portal.
                3. Staff/Faculty wlan - same as #2 but would also add 
heavier encryption (via ssl vpn) to access more sensitive resources.

Thanks again and feel free to reply directly to me or to the list - I will 
be glad to summarize to anyone that is interested. 

Eric Weakland, CISSP
Director, Network Security
Office of Information Technology 
American University
eric at american.edu

1.  Do you offer an "open access" wireless lan? 

2. If so do you required any sort of device registration and/or 
encryption?  If your answer is no, how do you deal with potential legal 
risks from things like filesharing?

3. Do you offer varying levels of service on your wireless lan?  For 
example - an "open access" wireless lan that offers only web browsing to 
non university resources, and a registration/WPA required wlan for student 
access etc? 

More information about the unisog mailing list