Flexible network access overview
This presentation is the property of its rightful owner.
Sponsored Links
1 / 8

Flexible Network Access Overview PowerPoint PPT Presentation


  • 80 Views
  • Uploaded on
  • Presentation posted in: General

Flexible Network Access Overview. Flexible Access an Integral part of Universal Access Policy. Universal Access to Campus IT Resources. Flexible Access. Managed LAN ports. Remote Access for Staff and students. On Campus For Staff, Students and Visitors. UoG-ISP. Dial-In. ISP. Modem

Download Presentation

Flexible Network Access Overview

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Flexible network access overview

Flexible Network Access Overview


Flexible access an integral part of universal access policy

Flexible Access an Integral part of Universal Access Policy

Universal Access to

Campus IT Resources

Flexible Access

Managed LAN ports

Remote Access for

Staff and students

On Campus For Staff, Students and Visitors

UoG-ISP

Dial-In

ISP

Modem

VPN

Broad Band

VPN

Communal Locations

and other areas

Managed LAN ports

VPN

Managed WiFi Access

VPN


On campus flexible access aims

On Campus Flexible Access Aims

  • Allow staff, students and visitors to access UoG campus network resources via their own systems

  • To provide UoG campus network security measures via authentication, encryption and personal firewall

  • To provide UoG ISP security measures via mistrust I.e., assume other systems on UoG ISP are suspect

  • To support as wide a range of systems a possible

  • To provide a scaleable and manageable solution that could be adapted for specific (faculty/departmental) requirements

  • To support the most appropriate LAN technologies

  • To provide as near a self service as possible backed by Web based documentation and FAQs


On campus flexible access progress and futures

On Campus Flexible Access Progress and Futures

  • Pilot study initiated in January 2004 – Report available on CS Web site http://www.gla.ac.uk/services/computing/network/flexible/index.shtml

  • Pilot located in University Library providing a choice of 10/100Mbs Ethernet ports and 802.11b Wireless access points

  • UoG ISP implemented via private IP address space

  • UoG Campus access and security implemented via a modified VPN service providing authenticated access, strong encryption and an integrated personal firewall

  • Choice of existing VPN solution easy to make

  • Pilot has been extended to other areas in library and other buildings

  • Plan to continue rollout to other communal areas and work with departments on local requirements

  • Plan to address Visitor requirements out with UoG VPN solution

  • Plan to provide ‘lightweight’ alternatives to VPN e.g SSL-vpn, WPA2 and 802.1x


Flexible access pilot general issues

Flexible access Pilot General Issues

  • Scalability complex requiring VLAN structures to maintain the UoG ISP and Private address leakage with ACLs to accommodate departmental requirements

  • VPN requirement can be daunting for some users

  • Same old P2P misuse plus un-patched systems – right to mistrust!

  • Identifying suitable locations and getting agreement to deploy

  • User support – Self service OK! For most but a significant number of users have problems with VPN configuration and or foreign language support


Flexible access pilot technology issues

Flexible access Pilot Technology Issues

  • Both wired and WiFi access ports have proved popular

  • Wired ports easier to manage and secure

  • WiFi access certainly provides the required flexibility but requires significantly more work to deploy


Flexible access pilot wireless lan issues

Flexible access Pilot Wireless LAN Issues

  • Pilot deployments conform to draft Wireless LAN Policy: http://www.gla.ac.uk/services/computing/regulations/

  • Main concerns are to do with

    • Doing proper site surveys to ensure maximum coverage and a safe and secure operating environment for support staff

    • Managing non overlapping frequency ranges to avoid interference

    • Ensuring acceptable levels of security on a shared communications medium

    • Restricting access to authorised users

    • Ensuring acceptable contention ratios per Access Point

    • Real cost of WiFi deployments is the back end infrastructure required to provide security, scalability , AP management, roaming and rogue AP detection


Flexible access visitor issues

Flexible Access Visitor Issues

  • Because of site licence restrictions and US export restrictions it is not possible to supply visitors with a copy of the VPN client

  • Other ad hoc solutions have been implemented based on off campus access

  • Work in progress to provide acceptable visitor solutions based on some or all of the following

    • Temporary account creation and 802.1x and WPA as appropriate

    • LIN pilot for proxying authentication to users home site

    • OS provided or Public domain VPN support


  • Login