Embed Size (px)
Citation preview
The "How" and "Why" of a Large-Scale
Wireless Deployment March 3, 2004
EDUCAUSE Western Regional ConferenceSacramento, CA
Copyright Philip Reese, 2004. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.
‘How’ and the ‘Why’ at Stanford
Outline: ‘How’ of the deployment
Stanford details. Deployment details. Technical details. What didn’t go well?
‘Why’ of the deployment What is next? Why do all this?
Questions?(Feel free to ask questions during the presentation as well!)
‘How’ of the deployment SU Information
14k students, half undergrad, half grad 800 acre main campus 600 buildings Residential school- > 10,000 students live on
campus Decentralized network, centrally run
backbone, schools can run their own networks
Clearly a lot of challenges!
‘How’ of the deployment Started deploying Access Points in late
2001 as a pilot with some specific academic areas interested in the impact.
No authentication, only a registered MAC address.
More went out in 2002 but then deployments slowed, as funding became an issue.
Authentication added, Perfigo. Clientless was the key criteria!
‘How’ of the deployment Established a model for moving forward
with deployments in early 2003, but only a few more were added.
Current total of ~300 Cisco Access Points Campus is craving more availability.
Administration is nervous without encryption, but client installation issues are not trivial!
Perfigo has good offerings for authentication and encryption.
‘How’ of the deployment
‘How’ of the deployment
‘How’ of the deployment Technical details
Site survey first Cisco APs using power over ethernet Building and aggregating switches Allied
Tellesyn PERFIGO servers for Authentication Cisco WLSE for monitoring, currently has a
max of 500 APs, likely moving to Perfigo’s WLAN management due to cost
Guest access option Kerberos authentication Encryption optional
‘How’ of the deployment What didn’t go well with the
deployment? Network jacks aren’t usually in the correct
location. Faculty have strong opinions about whether
to have wireless in classrooms. The size of campus implies that even at 300
APs, only around 30% of campus is covered.
Web based only Auth isn’t enough. At the start of the roll out, we didn’t have
an SLA, we do now!
‘Why’ of the deployment What’s next?
No more AP deployments! Need to move to a ‘Cell Site’ model for AP placements.
Political discussions around authentication/encryption issues.
Assuming encryption, which model to use? Clients using IPSEC, VPN, or WPA? IPSEC- Once installed, use is pretty seamless VPN- Cisco client is pretty heavy but always
seems to work, advantage is wireless is protected everywhere!
WPA- Current OS’s come with it, lightest weight encryption, only works on campus.
‘Why’ of the deployment Why do all this?
Wireless may not replace wireline connections for some time but it is a ‘player’
Availability of wireless has the potential to greatly help in disaster/business recovery scenarios.
Other agencies on campus want it for business reasons- Facilities for work tickets, parking to check on permits, and Public Safety would benefit from campus wide secured access to directory, building floorplans, and HazMat info
‘Why’ of the deployment Is that all?
The campus is in the midst of a VoIP backbone deployment to help with an aging TDMA switch. Wired VoIP phones are only a transistional technology. The future seems to be Wireless VoIP using 802.xx existing infrastructure.
Throw is some alumni benefits and these are the reasons why wireless is a big initiative at Stanford.
