Case Study: Texas University Breaks Down the Walls of the Classroom With Wireless Connectivity
Among students today, desktop computing seems to be a thing of the past and laptops are the computer of choice. Just as the Internet changed the face of education, the concept of "nomadic computing" is taking higher education by storm. Soon, all students will have their own computers. They will also want the ability to use their laptops and handhelds to e-mail a paper, conduct library research and participate in class discussions online from anywhere on campus without having to worry about physically plugging in their hardware.
Like many higher education institutions, The University of Texas at Dallas (UTD) was presented with the challenge of breaking down the walls of the classroom on its campus. The university is located at the heart of Texas' Telecom Corridor, home of many well-known multinational technology companies. Currently, more than 7,000 undergraduate and 5,000 graduate students attend UTD for its broad offering of bachelor's, master's and doctoral degree programs.
As director of technology customer services for UTD, my team first turned to wireless technology in 1999, implementing a wireless network for the faculty. Feedback from annual student recruitment interviews revealed that wireless access in every academic area of UTD was a necessity for today's students - with the vast majority of those surveyed asking for wireless access. The wireless connectivity project for the faculty quickly became a campuswide initiative to increase UTD's wireless network penetration. This plan would include all academic and nonacademic areas, including the library, lecture halls and cafeterias.
Securing a Network
By 2001, campuswide wireless connectivity was rapidly becoming a reality. Our first challenge with the campuswide initiative involved finding a way to cut cabling infrastructure costs and providing secure authentication in a new off-campus apartment complex known as "Phase 8," a complex of seven buildings that house about 530 freshmen. Since Phase 8 was our test bed for student wireless connectivity, and because it is located off campus, we had several concerns.
While WLANs are convenient for students, teachers and administrators, we were very concerned about security; in particular, the reliability and security holes in IEEE 802.11, the Ethernet-based wireless standard. For example, five critical areas to consider when securing a network are: authentication, authorization, privacy, administration and accessibility. The 802.11 standard addresses only authentication and key management for networks - just two parts of a multidimensional challenge to implementing and maintaining a secured, functional network.
We were also concerned with the potential of "war driving," where uninvited crackers might use software easily found on the Internet to break into networks from outside of campus buildings. It was critical that UTD's WLAN be protected from outsiders who had no business being on our network. With a wireless network, communication is not confined to a physical link. Instead, it is broadcast through the air in all directions, passing through walls, doors and fences. Therefore, a confidential memo regarding a student sent to a dean might be intercepted by anyone with receiving equipment within the range of wireless waves - typically 50 meters to 500 meters. Anyone with receiving equipment within this range could have access to all confidential material that you're sending, and there are enough financial or revenge incentives to make all of us potential targets for hackers of one sort or another. So, it was critical that the wireless networkbe protected and that only approved users have access to appropriate information.
Our team initially reviewed a range of security options, including remote authentication dial-in user service (RADIUS). But the campus was moving steadily toward a lightweight directory access protocol (LDAP) solution - an increasingly common form of authentication involving a lookup and security binding via a central service - so we settled on LDAP authentication. We found that the managed access-gateway technology built into Bluesocket Inc.'s Wireless Gateways offered a clean and straightforward approach to our security concerns, because it provided us with the ability to authenticate every user via the campus LDAP service.
Now when students register for classes, UTD automatically generates accounts for logins to the network. About 80 percent of students have PCs. At Phase 8, as many as 200 simultaneous sessions have been supported using a single Bluesocket Gateway and 25 access points, which are small wireless base stations that plug directly into Ethernet jacks. Phase 8's wireless connectivity implementation was considered such a success that we're now finishing Phases 5-7, three more off-campus apartment complexes that house about 900 students. Phases 1-4 and 8a are also on the horizon for wireless connectivity implementation strategies.
Wireless technology is in its infancy, yet our wireless strategy is a dynamic process. We continually review new technologies, and we have found it's most important to work with vendors who evolve with the ever-changing wireless standards and are willing to commit to growing with us.
Director of Technology
The University of Texas at Dallas
This article originally appeared in the 09/01/2002 issue of THE Journal.