Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dartmouth’s Wireless Network May 16, 2005 David W. Bourque.

Published byJanice Martin Modified over 8 years ago

Similar presentations

Presentation on theme: "Dartmouth’s Wireless Network May 16, 2005 David W. Bourque."— Presentation transcript:

1 Dartmouth’s Wireless Network May 16, 2005 David W. Bourque

2 Topics Background (Dartmouth’s Wireless Network pre 2005) Dartmouth’s Wireless Network, Where Is It Going? “Fat” versus “Thin” Access Points An Architectural Evolution Virtual Networks Client Mobility Securing The Wireless Network The Aruba Wireless Location Tool Managing The Wireless Network Questions and maybe some Answers

3 Background Campus roughly one mile square User population is about 6000 Roughly 200 buildings/structures Campus is completely wired Currently over 1,000 wireless Access Points deployed –300 Cisco Systems –700 Aruba Wireless Networks

4 First Generation Deployment Installed over 18 months beginning in 2001 Cisco Aironet 350 series Approximately 500 APs installed Approximately 2200 active users per day Dartmouth’s wireless network named “Kiewit Wireless”

5 Dartmouth’s Wireless Network, Where Is It Going? Removing all of the existing Cisco 350 –“Fat” access points Installing Aruba Wireless Networks –“Thin” access points –Approximately 1400 devices at project completion Current status –Over 700 Aruba access points installed –85 buildings have been upgraded

6 “Fat” versus “Thin” Access Points Cisco Systems “Fat” access points –802.11b, 2.4 GHz, 11 Mbps data rate –Managed individually –All network decisions made at the access point –Hundreds of configuration files –Can operate as an independent stand-alone device Aruba Networks “Thin” access points –802.11b, 2.4 GHz, 11 Mbps data rate –802.11g, 2.4 GHz, 54 Mbps data rate –802.11a, 5.8 GHz, 54 Mbps data rate –Managed from a central tool, the “aruba master” –Network decisions made at a central tool –One “master” configuration file –Requires network connectivity to “aruba master” to operate

7 Architectural Evolution Media Access 802.11b RadioPolicy Mobility Forwarding Encryption Authentication Management “Thin” Access Points Centralized WLAN Systems “Fat” Access Points Diagnostics Calibration Monitoring Enforcement Location 802.11a radio 802.11n radio

8 Next Generation Wireless & Virtual Networks Increase AP density and thus bandwidth –Reduce or eliminate weak client pulling down others –Load balance associations in high client areas Develop three “Virtual” wireless layers –Kiewit Wireless Expand for general purpose bandwidth –Kiewit Voice Developed for wireless VoIP devices –Kiewit Video Developed for streaming video and latency sensitive services Kiewit Wireless and Kiewit Voice –Build for mobility

9 Client Mobility What does it mean? –Seamless movement from one access point to another access point within the same virtual network within the same wireless zone –Configuration Option: Clients get to start the day with one IP address and keep it throughout the day as they move across campus

10 Dartmouth’s Wireless Zones

11 Securing The Wireless Network Currently “Kiewit Wireless” is full and open access –Will become a guest network –Will become restricted to off campus Internet access only through firewall and router configurations –Will become bandwidth limited by firewall policies New secure data network will become available –TBD name “Kiewit ?” –Secure through one or more of the following 802.1x E-Token Authentication Dartmouth developed “Green Pass” “Kiewit Voice” –Not generically visible, “hidden” network name –Currently secure through MAC based authentication –Network traffic restricted through firewall and router settings to internal Dartmouth network –Bandwidth limited to 1 Meg “Kiewit Video” –On less popular, less crowded, less interference 802.11a band –Requires login through Captive Portal –Once authenticated full access and bandwidth

12 Securing The Wireless Network Special AP configured to only monitor “Air Monitor” –Allows for rapid detection of intrusions –Allows for more accurate client location Automatically defending the network against –Ping attacks –TCP SYN attacks, rate selectable An attempt to keep a server busy by opening many TCP sessions –Bridging between wireless users Ad-Hoc networking –IP Spoofing Changing IP addresses from the same MAC address –Man In The Middle Pretending to be the “sender” or “receiver”

13 The Aruba Wireless Location Tool Real time client location demo

14 Managing The Wireless Network Real time screens of the Aruba-Master

15 Questions And Maybe Some Answers Thanks!

Download ppt "Dartmouth’s Wireless Network May 16, 2005 David W. Bourque."

Similar presentations

Designing for Pervasive Network Security. Designing for Security Our aim in this section will be to concentrate on how campus Networks can be designed.

Designing for Pervasive Network Security. Designing for Security Our aim in this section will be to concentrate on how campus Networks can be designed.
Agenda Product Overview Hardware Interfaces Software Features

Agenda Product Overview Hardware Interfaces Software Features
Application Guide For Mesh AP – MAP-3120

Application Guide For Mesh AP – MAP-3120
1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.

1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.
NextGen Wireless Steven Bourque (IST). Overview Introduction Current Wireless Issues Access Point (AP) Hardware Controller Hardware Campus Design Redundancy.

NextGen Wireless Steven Bourque (IST). Overview Introduction Current Wireless Issues Access Point (AP) Hardware Controller Hardware Campus Design Redundancy.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.

The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
USRobotics Professional Access Point  Yosi Rafael.

USRobotics Professional Access Point  Yosi Rafael.
Wireless Networking TGIF, April 18th, 2003 Alvin Chew Kent Reuber

Wireless Networking TGIF, April 18th, 2003 Alvin Chew Kent Reuber
Wireless Design for Voice Last Update 2011.06.11 1.0.0 1Copyright 2011 Kenneth M. Chipps Ph.D. www.chipps.com.

Wireless Design for Voice Last Update Copyright 2011 Kenneth M. Chipps Ph.D.
Team MAGIC Michael Gong Jake Kreider Chris Lugo Kwame Osafoh-Kintanka Wireless Network Security.

Team MAGIC Michael Gong Jake Kreider Chris Lugo Kwame Osafoh-Kintanka Wireless Network Security.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Cisco Unified Wireless Network Webinar Commercial WLAN.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Cisco Unified Wireless Network Webinar Commercial WLAN.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Remote Desktop Connection Techniques Wireless Communication Networks.

Remote Desktop Connection Techniques Wireless Communication Networks.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World

Similar presentations

Ads by Google