Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC Jonn@martell.ca.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC Jonn@martell.ca."— Presentation transcript:

1 wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC October 3rd 2003 Copyright 2003 UBC Copyright 2003 UBC

2 University of BC (UBC) A Research 1 university
Public (and research) funded Motivation: Estrategy and UNP $30.6 M CDN wired project of which 10% was allocated to a specific wireless budget and project. High level support and buy in. Copyright 2003 UBC

3 The Largest Wi-Fi Campus network in the world….
5 million square feet of coverage 150+ buildings Over 1000 users (daily) Campus-wide coverage 1300 access points configured, installed and documented – up to 2000 possible. Now adding residential areas. Cited as the #1 item that stands out for new students. Copyright 2003 UBC

4 Copyright 2003 UBC

5 Prime Directives Meeting UBC’s mission: Research, Education and learning User centric & ease of use. Estrategy self service tools. Faculty, Student, Staff and guests/affiliate with sponsor Zero cost goal University funded Cost to user (dollars, time, grief etc). Built on standards and modular Copyright 2003 UBC

6 Biggest Issues Microsoft keeps shipping insecure default configurations Deploying & supporting Antivirus Deploying & supporting Personal firewall Aggregating intrusion alerts Copyright 2003 UBC

7 Survey of EDU environment
Secure and proprietary wireless EDU networks weren’t being used – denial of service? Cost of ownership can be difficult if not standards-based. Users come back from conferences or setup wireless at home and say, “it works there, why not here?” Users don’t care about security Copyright 2003 UBC

8 Technology 802.11b 11 Mbps everywhere
802.11g 54 Mbps as early as fall ‘03 802.11a 54 Mbps likely not campus wide, deployment on hold. Enterprise class equipment: Wireless access points: Cisco AP1200 and some AP1100 Powered Switched: Cisco 3550PWR Core/Carrier class: Cisco 4507R Colubris Wireless Gateway: CN3500 Nortel Contivity VPN Servers: 2700/1700 Copyright 2003 UBC

9 Conceptual Network Diagram
Copyright 2003 UBC

10 Balancing usability with security
Basic Access – Secure Web Login Only restricting (filtering) extremely flawed traffic (Microsoft Networking) Optional virtual private networking VPN (PPTPv2 and IPSec) Promoting safe computing Usability is more important to users than security Copyright 2003 UBC

11 Key to success Ease of use Designing for “zero cost”.
Low cost, standards-based network cards Handling security by heavy monitoring – access, time, traffic Automating abuse detection tools Advanced management tools – users don’t complain! Bad users are a small minority - let’s not punish good users because of the few bad users Copyright 2003 UBC

12 Triangulation to detect problems
Copyright 2003 UBC

13 VPN – Virtual Private Network
VPN no longer optional for Exchange, Microsoft File and Print etc. General service, free to faculty, staff and students. Works common campus single ID and password Supports both VPN standards (PPTP and IPsec) Copyright 2003 UBC

14 WPA & IEEE i WPA - Providing authentication and encryption between client and AP Will always be challenges to security VPN is here to stay…. Copyright 2003 UBC

15 Questions? www.wireless.ubc.ca
Jonn Martell, Copyright 2003 UBC

Download ppt "Wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC Jonn@martell.ca."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Ten Steps to Wireless for Libraries Live web event July, 21, 2005 WebJunction's Focus on Wireless Internet Access in Public Libraries.

Ten Steps to Wireless for Libraries Live web event July, 21, 2005 WebJunction's Focus on Wireless Internet Access in Public Libraries.
Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.

Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.
1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.

1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Wireless Networking TGIF, April 18th, 2003 Alvin Chew Kent Reuber

Wireless Networking TGIF, April 18th, 2003 Alvin Chew Kent Reuber
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A November 11 th 2003www.wireless.ubc.ca 1 Deploying the world’s largest campus IEEE 802.11b.

T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A November 11 th 2003www.wireless.ubc.ca 1 Deploying the world’s largest campus IEEE b.
Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.

Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.
Northern Arizona University Wi-Fi 2005 Flagstaff Campus Wireless Plan 4/11/2005.

Northern Arizona University Wi-Fi 2005 Flagstaff Campus Wireless Plan 4/11/2005.
Wireless networking Roger Treweek Oxford University Computing Services.

Wireless networking Roger Treweek Oxford University Computing Services.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………

Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
Cyber Security – Our Approach James Clement Network Specialist ETS: Communications & Network Services

Cyber Security – Our Approach James Clement Network Specialist ETS: Communications & Network Services
University of Maryland I.T. Security Gerry Sneeringer IT Security Officer

University of Maryland I.T. Security Gerry Sneeringer IT Security Officer
Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.

Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy Universal Access to Campus IT Resources Managed LAN portsFlexible.

Similar presentations

Ads by Google