Case Studies - Case Studies - Eduroam in Slovenia Eduroam in - - PowerPoint PPT Presentation

case studies case studies eduroam in slovenia eduroam in
SMART_READER_LITE
LIVE PREVIEW

Case Studies - Case Studies - Eduroam in Slovenia Eduroam in - - PowerPoint PPT Presentation

Jan 08, 2024 981 likes •1.25k views

1 Akademska in raziskovalna mrea Slovenije Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES - Academic and research network of Slovenia aaa-podpora@arnes.si Eurocamp, Ljubljana, April 2006 2 Start

slide-1
SLIDE 1

Akademska in raziskovalna mreža Slovenije

1

Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia

Rok Papež ARNES - Academic and research network of Slovenia aaa-podpora@arnes.si

Eurocamp, Ljubljana, April 2006

slide-2
SLIDE 2

Akademska in raziskovalna mreža Slovenije

2

Start of Wi-Fi project Start of Wi-Fi project Arnes started testing Wi-Fi equipment in 2002

– Testing equipment – Involved with TERENA tf-mobility work group – Unclear how technology will evolve – Testing of radius servers (Radiator)

slide-3
SLIDE 3

Akademska in raziskovalna mreža Slovenije

3

Arnes eduroam project Arnes eduroam project Ministry tender in 2004

– Deployment of wi-fi networks

Test setup

– Lab – Actual faculty environment – Radius tests (Radiator, freeradius)

Configuration samples Technical specifications

– Equipment – Network configuration – Security

E-mail support

slide-4
SLIDE 4

Akademska in raziskovalna mreža Slovenije

4

Eduroam now Eduroam now Technology used

– SSID=eduroam – WPA Enterprise (+ WPA2/802.11i) – Dynamic VLANs – Support for legacy networks (multiple SSID) – L2/L3 security

Radius configuration

– EAP-TTLS + PAP – Send real user-name in Access-Accept (accounting) – Log full radius accounting + IP address – Radiator – Freeradius

slide-5
SLIDE 5

Akademska in raziskovalna mreža Slovenije

5

Arnes eduroam map Arnes eduroam map http://www.eduroam.si

slide-6
SLIDE 6

Akademska in raziskovalna mreža Slovenije

6

Eduroam sites in Slovenia Eduroam sites in Slovenia Connected to the Eduroam in September 2004 2004

– 1 test WLAN in University of Ljubljana – 6 WLANs at Universities and a high-school center (ministry tender)

2005 - more institutions joined

– Secondary school Ptuj – Institute Jožef Stefan (*) – Central technical library, University of Ljubljana (*) – 3 not yet with a test connection

Now - 10 institutions in eduroam

slide-7
SLIDE 7

Akademska in raziskovalna mreža Slovenije

7

Slovenian eduroam network use Slovenian eduroam network use

9 04 10 04 11 04 12 04 1 05 2 05 3 05 4 05 5 05 6 05 7 05 8 05 9 05 10 05 11 05 12 05 5000 10000 15000 20000 25000 30000 35000 40000 45000

Eduroam network logins

FE/ FRI FERI FOV FDV FMF FHŠ PTUJ S KUPAJ

monthly

slide-8
SLIDE 8

Akademska in raziskovalna mreža Slovenije

8

Slovenian eduroam statistics Slovenian eduroam statistics Network use varies a lot

– Summer vacations – Winter vacations – Exam periods

Steep climb

– network logins – number of active users

March 2006 statistics

– 885 active users – 40 used roaming (4,52 %) – Most of the users are from technical faculties

slide-9
SLIDE 9

Akademska in raziskovalna mreža Slovenije

9

Student survey – Use of eduroam Student survey – Use of eduroam Student survey October 2005

– Use of any wi-fi

  • Only 15.2% of students use Wi-Fi technology (routers, sharing
  • f internet connection with a neighbor at home ...)
  • Eduroam is being used by 5% of students

– Reasons for not using the eduroam

  • Not informed about it
  • Don't own a laptop
  • They don't know how to use it
  • Bad experience with use

– Why students don't bring laptops to lectures

  • Don't want to stand out
  • Afraid of damage or theft
slide-10
SLIDE 10

Akademska in raziskovalna mreža Slovenije

10

Easier end user deployment Easier end user deployment eduroam without the eduroam_client

– Setting up windows wireless – Setting up SecureW2 – First connect problem (certificates)

eduroam client

– Uses secureW2 site deployment – Certificates are pre-installed – SecureW2 is pre-configured

  • username/password

– Wireless encryption settings – ftp://ftp.arnes.si/software/eduroam

slide-11
SLIDE 11

Akademska in raziskovalna mreža Slovenije

11

Eduroam client configuration Eduroam client configuration

slide-12
SLIDE 12

Akademska in raziskovalna mreža Slovenije

12

Future of eduroam in Slovenia Future of eduroam in Slovenia Eduroam on wired networks

– Testing of equipment (switches) – Looking at the possibility to use for dial-up

RadSec for inter-radius connections Eduroam_client

– Localization – Limited development resources

Eduroam in a box

– Deploying eduroam in smaller organisations – Web configuration wizard and management tool – (optional) built in firewalling (L2/L3 security) – Free software – http://eduroam.sourceforge.net

slide-13
SLIDE 13

Akademska in raziskovalna mreža Slovenije

13

Eduroam in a box: smaller network Eduroam in a box: smaller network Typical network: – Structure network

  • 802.1q VLANs

– Classroom – Staff

slide-14
SLIDE 14

Akademska in raziskovalna mreža Slovenije

14

Eduroam in a box: “plug and play” Eduroam in a box: “plug and play”

slide-15
SLIDE 15

Akademska in raziskovalna mreža Slovenije

15

Bob Metcalf, Xerox, 1972 What is in this picture ? What is in this picture ?

slide-16
SLIDE 16

Akademska in raziskovalna mreža Slovenije

16

Ethernet (in)security Ethernet (in)security Unauthorized network use

– Rogue Access Points

MAC spoofing ARP attacks

– Router – Other users

DHCP attacks

– DOS – Eavesdropping

IP spoofing

slide-17
SLIDE 17

Akademska in raziskovalna mreža Slovenije

17

Ethernet security mechanisms Ethernet security mechanisms Network login (wireless or wired - 802.1x) Wireless connection encrypted (WPA) Special mechanisms on a router/switch

– ip dhcp snooping – ip arp inspection – ip verify source

IP security

– Firewall – ACL

slide-18
SLIDE 18

Akademska in raziskovalna mreža Slovenije

18

Eduroam.si Eduroam.si http://www.eduroam.si mailto: aaa-podpora@arnes.si