UTS WLAN Success Story

1
UTS WLAN Success Story

• Speaker Craig Wilkins
• ITD Communications Systems Planner
• craig.wilkins_at_uts.edu.au
• Technical Expert Peter Bahas
• ITD Senior Network Engineer
• peter.bahas_at_uts.edu.au
• http//www.wireless.uts.edu.au

2
Todays Topics of Discussion

• How We Got to Where We Are
• Initial Objectives of the WLAN
• The Major Issues of Such a Network
• Key Factor, IEEE Standards Based
• The Implemented Technical Solution
• The Implemented Technical Diagram
• Impregnable Security
• The Students Experience
• The Operational Experience

3
How We Got To Where We Are

• Pilot Project Focus on Administrative
  Procedures and Management
• Polled Staff and Students on Their Experience
  Post Pilot Project
• Let a WLAN Request for Tender to Identify a
  Preferred Supplier
• Start WLAN Project
• Design and Implement Solution
• Hand over to Network Operations

4
Initial Objectives Of The WLAN

• Improved efficiency for students and staff -
  able to gain network access from public spaces
• Provide network access where it was previously
  limited or inaccessible
• Reduce load and overcrowding within computer labs
• Ease of implementing functions, seminars,
  enrolments etc.
• Positive perception of UTS IT Division by UTS
  community that we are employing a modern and
  useful technology
• Marketing potential to entice a greater number of
  students to enroll at UTS

5
The Major Issues of Such a Network

• The implementation of a Security policy for
  Wireless Network Access
• Data Security (Encryption)
• User Authentication
• Network Access Policies
• Non Proprietary technology for ease of use
• Total mobility and seamless roaming for users
  across campus
• Sale and distribution of wireless cards
• Students personal computers must meet minimum
  requirements
• Minimising support and potential overload on
  Help Desk resources
• Advertising of the WLAN to the UTS community

6
Key Factor IEEE Standards Based

• The End User MUST be unaware of back-end solution
• Any WiFi 802.11b card will work in the network

7
Impregnable Security

• Non Proprietary Technology
• IEEE Does NOT use the words Security and Wireless
  in the same sentence
• Standard WEP was not Adequate for UTS Security
  Policy
• Vendor Specific Proprietary Solutions were
  Unacceptable
• Key factor, IEEE standards based
• Encryption to LDAP required
• Utilise Native OS VPN (IPSEC) drivers
• Location and user based network access control

8
The Implemented Technical Solution

• Used WLAN APs as simple transmission devices
  only
• Turned off all encryption protocols on WLAN
  equipment
• Utilised native VPN (IPSEC) in PCs Operating
  Systems
• Purchased a 3rd Party box to bridge wireless
  users to the network which performs the following
  functions
• Initial Registration
• Authentication
• Roaming
• Dynamic DHCP
• Operational Management
• Operational Diagnostics

9
The Implemented Technical Diagram

802.11b signal
1. Standard Cabling Connectivity
LDAP Server
Access Point
To NSW RNO "AARNET"
DHCP Server
WLAN Connect Server
File Server
Firewall
Router
Core Switch Router
Distribution Switch
Click to Next slide
10
The Implemented Technical Diagram

802.11b signal
2. User enters UTS WLAN Hotspot
LDAP Server
Access Point
To NSW RNO "AARNET"
DHCP Server
WLAN Connect Server
File Server
Firewall
Router
Core Switch Router
Click to Next slide
11
The Implemented Technical Diagram

802.11b signal
3. Dynamic DHCP is provided to user
LDAP Server
Access Point
To NSW RNO "AARNET"
DHCP Server
WLAN Connect Server
File Server
Firewall
Router
Core Switch Router
Click to Next slide
12
The Implemented Technical Diagram

802.11b signal
4. Authentication and Set Up Encryption
LDAP Server
Access Point
To NSW RNO "AARNET"
DHCP Server
WLAN Connect Server
File Server
Firewall
Router
Core Switch Router
Click to Next slide
13
The Implemented Technical Diagram

802.11b signal
5. Connection is Made VPN Established
Access Point
UTS NETWORK
INTERNET
Core Switch Router
Click to Next slide
14
The Students Experience

• Simplicity
• Student has computer that meets minimum
  requirements
• Student purchases WiFi and 802.11b compliant card
  
• Student enters wireless hot spot at UTS
• WLAN detected, User dynamically assigned a
  network address
• User is portalled to customised UTS Wireless
  webpage via browser
• Download Mobile Domain Utility (MDU) from portal
  page
• Install MDU on computer by following install
  wizard
• Login to UTS WLAN using MDU with UTS email login
  and password
• NETWORK ACCESS

15
Initial Screen Shot Experienced by User

16
MDU Download Screen Shot

17
The Network Management Experience

• Ease of Management
• Central Management platform for entire WLAN
• Comprehensive diagnostic and monitoring tools
• Automated user management system
• Authentication and Access priveledges using
  existing data base (LDAP)
• Centralised configuration and automated
  propogation to entire WLAN
• Automated backups and DRP
• Maintenance staff more efficient with improved
  mobility

18
Network Operations GUI- Edge Controllers

19
Benefits To Staff And Students

• Relieves pressure on Computer Labs - now used
  primarily for Course Work
• Students can form break out study groups in WLAN
  lounge areas
• Access to server files in café and coffee shops
  (more productive?)
• Increased efficiency due to advantage of
  on-the-fly set up of network for special
  occasions
• Use of PDAs for file access and telephony - IPT
  over WLAN
• Students can access their e-mail whilst waiting
  to enter a class
• Troubleshooting and fault resolution from any
  WLAN hotspot
• Providing network access to areas which were
  previously inaccessible due to cabling
  restrictions

20
Benefits To UTS

• Cost savings reducing number of Lab seats
  required
• Cost savings due to more efficient Operations
  (staff efficiencies)
• Ability to network an area which is difficult to
  cable
• Improved reputation regarding modern technology
• Potential increased revenue from International
  students
• Solution is easily scalable for future expansion
• Cost cutting on mobile phone calls IPT over
  WLAN (potential)

21
Lessons Learned

• Staff Training
• Ensure ALL Operations resources are totally
  comfortable with the technology before going live
• Ensure Help Desk resources are well informed of
  the project and the support policies before going
  live
• Ensure up to date communication of issues
  relating to WLAN are passed on to Help Desk
• Research availability of spares and maintenance
  for ALL equipment in the local market
• Do not let client demands dictate the project Go
  - Live date
• Do not introduce a new Wizz Bang product
  without researching their competitors

22
Ongoing Issues

• Help Desk support levels for Students and Staff
• Staff are still not thoroughly trained
• Students are requesting expansion of service
• A post implementation review of HD support is
  required
• Networking issues NOT related to WLAN are
  perceived as WLAN faults
• No local maintenance available for 3rd party
  product
• Sale and distribution of wireless cards
  (deflected to retail outlet)
• Students personal computers dont always meet
  minimum requirements
• Updating aadvertising of the WLAN to the UTS
  community
• Prioritising future WLAN Hot Spot locations

23
QUESTIONS ?