Wireless Networking

• By Jinx P. Walton
• 12/31/03

The University of Pittsburgh’s 9,600 employees, including 3,800 faculty members, serve more than 32,000 students through the programs of 18 undergraduate, graduate, and professional schools.

Wireless Networking Pilot
The demand for wireless network access at the University of Pittsburgh has increased dramatically over the past several years. In recognition of the need for increased network access and to keep pace with rapidly evolving wireless network technology, the University of Pittsburgh launched a pilot project in 2001 that involved several selected classrooms and a heavily used student area. The pilot program resulted in the decision to base initial wireless service on the IEEE 802.11b standard using equipment that could easily be reconfigured to operate under newer standards such as 802.11a or 802.11g—as support for these were incorporated into commercially-available equipment.

Central Directory Service
The University of Pittsburgh’s Central Directory Service (CDS) includes information on all individuals affiliated with the university. CDS provides the cornerstone for the university’s authentication systems. Because the role of each individual is maintained within CDS, the infrastructure for wireless user authorization was already in place.

Bluesocket offered a major advantage for our wireless implementation in that only a Web browser, not client software, is needed to access the customizable user login screen. It is completely compatible with the University of Pittsburgh’s LDAP authentication service and provides the ability to restrict or allow access based upon the user’s role within CDS. Bluesocket is compatible with all of the popular operating systems (Windows, Windows CE, Linux, and Macintosh) and supports multiple security protocols including IPSec, Point-to-Point Tunneling Protocol (PPTP), and Advanced Encryption Standard (AES). Bluesocket allows for roaming, even when using IPSec. Automatic failover is also supported. Finally, Bluesocket supports RADIUS user accounting allowing the University of Pittsburgh to keep user access logs by using the RADIUS accounting services already in place.

Wireless PittNet
Authenticated wireless network access is available to students in various high-traffic locations on the Pittsburgh campus, including study areas in several academic buildings, the main library, and the student union lounge. Outdoor wireless access is available in selected areas. Faculty and students can connect to the wireless network in designated classrooms. The university departments have the option to implement wireless network access in administrative offices.

Site surveys include consultation with the department to learn and understand its planned use of wireless technology, monitoring of existing radio frequency signals for interference, measurement, evaluation of signal strength, and delivery of a report that describes the proposed layout of the wireless network.

Bluesocket WG-2000 gateways are used to authenticate and authorize users in student areas. WG-1000 gateways are used in departments and classrooms. The University of Pittsburgh supports four wireless network interface cards: Cisco Aironet 340/350 cards, the Orinoco Gold card, the Enterasys RoamAbout, and the Apple AirPort card. All cards must be Wi-Fi compliant and support 128-bit WEP encryption.

Future Direction of Wireless PittNet
The University of Pittsburgh’s goal is to offer secure, reliable wireless network service for the benefit of the university community. The University of Pittsburgh will continue to meet or exceed industry standards for security and performance to ensure that this goal is met.