Wireless Services - Local policy

Implementation of Wireless and policy on expansion

There are a number of grey areas in the support and maintenance of this project. Firstly, it must be noted that this is a OUCS-managed project, not a Departmental initiative. The design of OWL/Eduroam, the implementation of the VLANs to run it over and the NAT and Firewall services used in the backend of the wireless networks are all OUCS-controlled and maintained services.

The networking infrastructure in the local Departmental buildings is entirely run and maintained by the local IT Officers. The situation is more complex in multi-disciplinary buildings like the OCGF, where the infrastructure is actually provided by all local Departmental IT teams, with the infrastructure support being managed by one of them (in the case of the OCGF, the Statistics IT team runs the infrastructure).

Because the University is comprised of such a diverse collection of Colleges, Departmental buildings, laboratories and many other types of building, the service is designed to be as flexible as possible, but it requires that IT officers abide by the implementation rules laid out by OUCS.

A typical implementation consists of three steps:

  1. Procurement. The necessary hardware needs to be bought. This is not just the WAPs, but also includes network bandwidth upgrades and additional switching infrastructure. Our own Departmental provision is to provide the core networking infrastructure (which is now completed where possible) and to maintain this infrastructure. As an "opening gambit" we bought five WAPs to go into various pre-arranged locations within the Department, although this has since been expanded by agreement with the Computing Committee. If you are within reach of one of these beacons, then congratulations! You can use OWL/Eduroam. If not, then expenditure from a grant or PRA, or agreement by the Computing Committee will be required before a purchase can be made. This assumes that it is possible to install wireless infrastructure into your building.
  2. Further WAP procurement from central IT funds will not be forthcoming without Computing Committee approval.
  3. Infrastructure. The WAPs themselves need to be connected to the switching equipment and this equipment needs to be configured to connect to the core OUCS VLANs. This requires OUCS to install FroDo locally. In addition, the local IT Officers are required to implement a specially secured switch configuration within which to connect the WAPs.
  4. WAP placement. Finally, WAPs can be configured and locations found for them. As good quality WAPs are moderately costly and easy to steal, they must be bolted to the wall and ideally, padlocked. There are also signal strength considerations as to where they can be placed.

Policy on Expanding the Departmental Wireless Network

Providing wireless connectivity could prove to be incredibly expensive for the Department. WAPs have a limited signal "reach", that can be impeded by walls, floors, steel substructure in modern buildings and, most importantly the signals are absorbed by water. Given a human body is 70% water, a large crowd of people (for instance in a lecture theatre) will impede the wireless reach considerably.

It has been decided that the Computing Team will provide the following from the limited central funds and resources:

  • Wireless implementation expertise for local configuration and switch management. In addition we will provide the switching infrastructure in each building requiring OWL/Eduroam (so long as OUCS have already installed FroDo. Remember that FroDo is an absolute requirement for running any OWL or Eduroam service). We will provide limited support for Wireless users. It is designated as a low priority "Tier 4" level of support.
  • Some local "on the ground" support for Wireless problem solving. We reserve the right to refer the problems to OUCS for resolution.
  • Sensible decisions as to beacon locations have been made (based on requirement for lecturing and previous cases made to the Computing Committee). If you are within reach of one of the signal beacons, then you are fortunate. If you are not, and require access to the Wireless services, then firstly, you must be in a building that can support it, secondly you will have to speak to us about access. The following points need to be remembered:
  1. There will be no more WAP procurements from central IT funds without Computing Committee approval.
  2. If you wish for a beacon near your location, then it should be funded from your PRA or a grant.
  3. No other wireless networks will be permitted on the Departmental network. This is a security consideration, and indeed, the Cisco WAPs we use can be configured to recognise the SSIDs carried by each other. If one of our WAPs discovers a non-OWL WAP in operation nearby, it can be set to prevent the non-OWL WAP from functioning.
  4. If you have decided to buy a WAP for your location, then please contact us. We have specific Cisco models that are recommended to us from OUCS. The reason we agree to OUCS specification of WAPs is because OUCS are supporting Eduroam. To use this, we will decide on the WAPs that go onto the network. Our current recommendation costs approximately 250 per WAP.