Login | Webmail
You are here: Home IT Committee Acceptable Use Policy Wireless access
Document Actions

Wireless access

Wireless access to AIT network: Security and Authentication


Current situation

Starting in 2002, a systematic plan to provide wireless access points (WAP) to our network in selected classrooms, meeting rooms and other gathering points such as AITCC lobby has been implemented. Furthermore schools or programs, as well as several faculty, and maybe staff or students have installed a WAP in their office or accommodation on their own, most often without any control or coordination with ITSU.

As of now there is no control whatsoever on who uses those access points. They can be used indifferently by the AIT community or by outsiders (which could be legitimate visitors or not). Wireless access points provide network access to community members and to our guests but also can potentially provide access to unauthorized persons. Because of the open nature of this method of access to the network, it could be potentially used by a malevolent seeking privileged access to some of our systems

Policy
•  All wireless access points will be put on a VLAN that is separate from the one used by desktops and servers to ensure easy management and enforcement of security and access policy. Unless there is a special requirement, all access points will share a common VLAN across AIT, administered by ITSU. If there is a special requirement not to put wireless access points in the common dedicated VLAN, then it must be justified and demonstrated that conformance to the security requirements can be achieved by the installing school or unit: filtering, authentication etc. This remedy might necessitate some limited funds to modify existing cabling or networking equipment.

•  The installation of wireless access points by individuals in residential areas is the responsibility of those individuals, however approval from ITSU must be sought in advanced. ITSU will then ensure that the wireless access point is properly configured. Installing wireless access point without ITSU's approval is deemed in violation of the Acceptable Use Policy.

•  Any unit or individual wishing to install a wireless access point in academic areas must inform ITSU in advance and is responsible for making sure that the requirements highlighted on point 1 are observed, with the assistance of ITSU.

•  All access through the wireless access points imply an acceptance of the Acceptable Use Policy of the Institute. This will appear clearly in the information presented to users requesting access.