wireless.ubc.ca 1. No static WEP (doesn't scale past the workgroup). Plan to use WPA/802.11i which uses dynamic WEP/TKIP (and ultimately AES)
2. We use captive portals (Colubris CN3500) which uses a secure Web page to authenticate back to RADIUS (FreeRADIUS) which is then connected to our back end LDAP/Oracle user repository. We also run a parallel VPN service (until 802.11i/WPA matures although we still to worry about our users connecting from insecure remote sites) also connected via RADIUS. We support both PPTPv2 and IPSec (although VPN is a pain to support). 3. We use open DHCP, with planned filtering at the AP to prevent DHCP spoofing. There is extensive logging. 4. No fee for Faculty/Staff/Student. Will be charging for guests not associated some way with the University. 5. We use Cisco AP1200 and AP1100s 6. Suggestions: Get a large scale pilot going first; this will flush out important (and sometimes controversial) network design issues. Don't assume that people will be understand/use security. You need to balance usability with security. Set (and reset) expectations at every level. If you don't make the system simple to use, you won't get large scale adoption. More info on our implementation: www.wireless.ubc.ca Jonn Martell, Wireless Network Project Manager University of British Columbia - University Networking Program 2011 West Mall, Vancouver, Canada, V6T 1Z2 [EMAIL PROTECTED] http://www.wireless.ubc.ca > -----Original Message----- > From: Daniel, Colin [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 21, 2002 1:37 PM > To: [EMAIL PROTECTED] > Subject: [WIRELESS-LAN] Wireless Survey > > > All: > After monitoring this list for quite a while, the time has come to start rolling out >(on a small scale) wireless here at Montana State University. I have a few questions >that I could use your (the voice of experience) help with. I'll try and keep this >brief, and thanks in advance for your time. > > Do you use WEP and if so what level of encryption? > Do you use a Radius server or another means of authentication? > Do you use DHCP and if so is it open or reserved? > Do charge a fee for wireless access and if so how much? > Which vendor did you select for your wireless infrastructure? > If you have any additional information/suggestions/warnings I would greatly >appreciate the advice. > > Thanks, > Colin Daniel > Network Analyst > Montana State University > [EMAIL PROTECTED] > (406)994-4981 > > ********** Participation and subscription information for this EDUCAUSE Constituent >Group discussion list can be found at http://www.educause.edu/memdir/cg/. > > ********** > Participation and subscription information for this EDUCAUSE Constituent Group >discussion list can be found at http://www.educause.edu/memdir/cg/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/memdir/cg/.
