Professional Documents
Culture Documents
on
Mobile Computing
Prepared for the
University of St Thomas
UTAC committee
Carole A. Bagley
Blake Bristow
Peter S. Rhodes
Brad Rubin
2003
2
Table of Contents
V. Bibliography
In addition to reviewing UST designated “peer” institutions, four other premiere, early
adopter universities (Carnegie Mellon University, Drexel University, Dartmouth
University and Buena Vista University), the ACTC schools and several Minnesota
schools will also be included. The UST “peer” institutions include:
• Duquesne University
• Fordham University
• Loyola University Chicago
• Marquette University
• Seton Hall University
• St. Louis University
• University of Dayton
• University of San Diego
3
I. Overview of mobile/wireless computing
There are two views or models of Mobile computing. The first is “local” where
computers are located within 50-300 feet of a network access point. There would
be a network of interconnected access points so that a computer may access the
network without wires in any room and building on campus or outside. A second
model of wireless or mobile computing is “wide area roaming”. This is similar to
what currently exists with cellular phones. The first model will be addressed. The
second model or wide area roaming would require costs and carrier standardization
that are beyond the scope of the current mobile computing project.
Although cost, security, speed and the potential for abuse are concerns (and will
be reviewed in this paper), wireless campuses are the wave of the future. Gone
will be the days of classrooms with wires and power cables and desktop
computer systems. Instead, “WIRELESS” connections will cover campuses and
will eventually extend to parks and public buildings.
4
B. Why should a Wireless campus be built at UST?
There are many reasons why a wireless campus is desirable at UST. These
reasons include:
• Mobility and Convenience: students, staff and faculty can move freely
across campus and have access to their files, the internet, library and printers.
Lounges, dorms, the library, classrooms, and even outside airspace will
provide access to computing resources. Faculty and staff who move regularly
between office, classrooms, conference rooms, etc. will have the convenience
of access to files and information that are needed across campus whether it
be in a meeting, a classroom or other professional/ personal use.
• Ease and convenience of access for students are important reasons alone,
however, wireless will likely increase collaboration between students as well.
Students will work more collaboratively in sharing drafts, charts, and tables,
and in working on projects together. Since wireless networks allow for
ubiquitous Internet computing, students can upload and download information
from library databases, log chat discussions, send and receive e-mail, and do
other things from any location that, typically, they could do only from home
computers or a crowded computer lab. Research has shown that convenient
mobile access to the Internet can increase student productivity, and the use of
laptops and conferencing software can facilitate meaningful negotiations and
the provision of editorial input during the writing and revising process
(ts.mivu.org/default.asp?show=article&id=950).
• Competition: students and parents pay tuition at UST and expect high
quality services. The number of laptop/notebook computers being sold in
2003 is expected to match or exceed the number of desktop computers sold.
Laptop users want and expect more flexibility and mobility. Other universities
who compete for students with UST have built or are currently building
wireless campuses. UST must compete. The following peer universities,
ACTC schools and Minnesota schools who compete with the University of St
Thomas for students have wireless capabilities on their campuses:
5
ACTC and Minnesota Universities with wireless coverage
1. University of Minnesota – Mpls and St Paul campuses – full campus
2. Mankato State University – library, all outdoor areas, many classrooms,
notebook program with the College of Business. Expect full campus by
2004.
3. Colleges of St Benedict and St John’s – full campus
4. Macalester - library and some classrooms, with a pilot laptop program and
moving toward full wireless campus
5. College of St Catherine’s – wireless library with 32 laptops for use in library
6. Augsburg – one lounge area for students - Christensen coffee area
7. Bethel College – library
8. Hamline University – library and graduate building downtown Mpls
• Classroom flexibility: any classroom can become a computer lab. With the
increase in use of computers in instruction, UST does not have enough
computers in classrooms. Laptops and wireless allow the flexibility for
classrooms to easily use computers when they are necessary and put them
away when they are not needed. By not having fixed computer wiring in a
classroom, rooms can be adapted for different uses now and in the future.
C. Successful Implementations
Early adopters of campus-wide wireless computing include: Dartmouth College,
Buena Vista University, Drexel University and Carnegie Mellon University prior to
2001. Carnegie Mellon and Buena Vista University were the first universities to
adopt campus-wide wireless. The initial design, upgrade and future plans for
Carnegie Mellon University can be viewed at:
www.cmu.edu/computing/wireless/wirelesshistory.html.
Information about the wireless process at Buena Vista University can be viewed at:
ebvyou.bvu.edu/about.htm and tltc.bvu.edu/ebvyou/CIT2000/eBvyou_overview.ppt.
6
The University of St Thomas has adopted 8 universities as UST “peer
institutions”. Of these universities, Loyola and Seton Hall provide campus-wide
wireless access. The University of Dayton and Fordham University have near-
campus wide wireless access, and Marquette, Duquesne University and St. Louis
University have a variety of locations that are wireless across campus, but not the
entire campus. Numerous Minnesota university campuses also provide wireless
access. Six of the eight “peer” institutions and three Minnesota university
wireless campuses are further described below:
Seton Hall
Seton Hall began a university-wide strategic planning process in the 1994-95 academic year,
and as part of that process the institution developed a long-range plan for information
technology. A steering committee was formed to assess the institution’s technology needs
and develop solutions. The committee included campus-wide representation, and it was co-
chaired by Dennis Garbini, who at the time was associate vice president for finance and
administration, and then-faculty member Stephen Landry. Members of the committee were
given substantial release time for a semester as they were expected to focus much of their
efforts toward the IT plan.
After receiving input from the larger community and examining issues through numerous focus
groups, the committee formulated an ambitious five-year technology plan, backed by a long-
range technology budget.
Funding for technology initiatives came through a number of sources: increases in tuition and
fees, capital investments, cost reductions through reengineering, and corporate partnerships.
Landry notes that the development of a long-range IT budget was instrumental in enabling the
university to lease technology equipment and move IT expenditures from a capital to an
operational expenditure.
Seton Hall’s Mobile Computing Program (technology.shu.edu/) is one of the university’s most
visible technology initiatives. Through a strategic partnership with IBM, first-year students are
issued current Thinkpad laptops when they arrive on campus. The program includes
integrating technology into the institution’s curriculum and providing an infrastructure to support
the use of technology in teaching and learning.
Started as a pilot project in 1995 with 20 students and 12 faculty, the Mobile Computing
Program was the result of a decision to make computers available to students on a one-to-one
ratio. Landry explains that because only 50 percent of Seton Hall’s undergraduate students are
residential, a portable computer was chosen to allow better access; notebook computers also
open more windows for using technology in the classroom.
The Mobile Computing Program became mandatory for freshmen in 1998 after larger pilot
projects proved successful. Participating students pay $650 per semester in technology fees to
help offset the cost of the laptops, which are refreshed on a two-year cycle. By 2001 all full-
time undergraduate students had received notebook computers. Faculty receive laptops as
part of the program, as well as technical, pedagogical, and financial support to incorporate the
technology into their teaching.
The Catholic university, which recently was ranked No. 13 in Yahoo Internet Life magazine's
list of the top 200 most wired colleges, has what was one of the first and most pervasive
laptop-mobile-computing programs in the country. When freshmen and new students enter the
liberal arts university today, they are issued laptops with a built-in wireless LAN card and an
Ethernet NIC.
7
All Seton Hall classrooms provide Internet access for faculty, and one-third of the classrooms
provide data and power connections to each seat as well as built-in computer projection
equipment. The supporting network includes an ATM backbone and switched 10Mb Ethernet in
most academic buildings as well as a state-of-the-art network server architecture.
Residence halls are wired to provide data connection for each student. The wireless network is
also accessible from many public spaces, including library carrels, lounges, the Pirates’ Cove
coffee bar, and even outdoor park benches. But some venues are still tough to reach. The
university will continue to try to permeate those areas.
Despite the overwhelming success of Seton Hall’s mobile computing efforts, the program has
had its challenges. Asset management and distribution have been more difficult than
anticipated, and keeping the program affordable is a constant concern. For part-time students
who don’t participate in the program, course selection is limited to classes not using mobile
computing.
Due to the unique nature of each graduate program, adoption of mobile computing at the
graduate level has been slower than at the undergraduate level. Several graduate programs in
the School of Graduate Medical Education have adopted their own versions of the mobile
computing program, and others are exploring this option.
The wireless LAN poses some labor challenges for Seton Hall. Replacing an access point
requires more physical labor. And then there's the delicate balance with security. As a
university, Seton Hall needs to make its network available to its resident, as well as part-time,
faculty members and students who plug in with their own laptops that didn't come from Seton
Hall's IBM ThinkPad laptop program. At the same time, the university also needs to protect its
network and users.
The security is working, but it's not the kind of security you see in corporations or government.
Seton Hall, meanwhile, has been building out its physical network capacity, starting with an
aggressive fiber installation. The university completed an upgrade from its ATM backbone to
Gigabit Ethernet and is now beginning to add VoIP (voice over IP). Like many organizations
with ATM, the university had maxed out the pipe and was looking to add bandwidth for less
money and with reduced management overhead. During the summer of 2003, Seton Hall will
introduce video on demand to its network, which, among other benefits, will let instructors use
a laptop and overhead projectors to bring video clips to their lectures.
In the long term, this network will be used for true multimedia.
IT Department Info
• Size of IT staff: 7
• Network support person average work week: 50 hours
• Biggest challenge: Keeping up with growth and knowledge.
• Latest projects: Voice over IP, Gigabit Ethernet rollout, video on demand.
• Coolest part of the job: "Seeing technology rollouts rapidly put to use by a
8
large group of users."
Loyola's Virtual Private Network (VPN).
The Loyola VPN provides a remote link to Loyola University's network resources, including
secure production systems. The VPN allows authorized staff and faculty to access these
systems from any remote location with an Internet-connected computer. To protect against
unwanted entry by computer hackers, the VPN employs a dual authentication system
consisting of a PIN number and a Secure ID Token or "fob".
What is a fob? A fob is a physical device that looks like a keychain. IS provides each VPN
user with a fob, which displays a sync number that changes once every sixty seconds. This
sync number, in combination with the VPN user's PIN number, allows the user to login to the
VPN (see VPN Logging On for more information). The dual authentication system (using both
the PIN and sync numbers) greatly reduces the chance of someone guessing a VPN
passcode and accessing secure Loyola information.
St Louis University plans to provide wireless service by fall semester, 2003, particularly in the
Bush Memorial Center. Careful attention is being given to security and HIPAA standards so
that electronic information is protected from outside sources.
Two key benefits of a wireless network are mobility and flexibility. The major drawback to
wireless is that in most cases, the performance of a laptop PC is poorer and slower.
As progress is made on these projects, more information will be released in Newslink and the
IT Insider, the St Louis University newsletter and web site.
St. Louis University has found wireless to be less expensive. When wiring any facility,
including campuses, you have the cost of installation and materials to contend with, as well as
the possibility of tearing up roads and walls to lay all the cable. Secondly, a wireless system
allows freedom to the organization to set up workspaces, classrooms and labs anywhere and
redesign those spaces without worrying about where the computer outlets are. Finally, the
users have the mobility to work where they want within a few hundred feet of the access point.
So students can take their laptops and work outside, in their dorms, at the student union or in
the classrooms. It's much cheaper to put two to three access points on each dorm floor than
cable each individual room.
University of Dayton
The University of Dayton is now beginning their fifth year of the UD Student Computer
Initiative (which requires students to purchase either a desktop or notebook computer).
9
Beginning Fall 2002, the School of Business Administration required all entering SBA first year
students to purchase notebook computers.
The University offers a wireless data network in selected areas around the campus and is
greatly expanding wireless access as part of the Student Notebook Initiative.
The student Notebook Initiative is contracted out for purchase and support.
The campus network as currently configured does not permit anytime/anywhere network
computing. This limitation has been a source of frustration for many students and faculty
across campus. As ACTS implements dynamic addressing, mobile connections are available
in more buildings across campus. The Library, Miriam Hall and Kennedy Union were among
the first, most important locations.
The central micro labs will not fade away as more students own personal computers as part of
the student computer initiative. Rather, these facilities will evolve from the 1980’s concept of
open-access labs to the concept of technology-intensive teaching and learning environments
that directly support an increasing number of academic programs with technology-driven
curricula. By the year 2005, public computing facilities will become closely tied to information
resources available only in their original non-electronic forms. As a result, the academic library
will become the sole location with a need for open-access computing hardware. The
interwoven nature of computing technology, information research specialists and information
resources, in both electronic and physical forms, will have redefined the notion of what
constitutes a library.
While face-to-face learning will remain a central and valued approach at UD, teaching
efficiency and productivity will be enhanced by the use of network resources such as Lotus
LearningSpace, where course support materials (syllabi, reading lists, lecture notes and
handouts) are readily available. In addition, innovative resources such as multimedia materials,
discussion forums and student-directed collaborative work environments (known as “electronic
team rooms”) are readily accessible and carefully integrated into the design of classes.
10
By the year 2005, faculty, students and staff will establish, build and sustain a series of on-
going cross-discipline and community-wide conversations that address the critical issues that
impact the quality of life throughout the campus and larger community. These conversations
will be enhanced and extended through the use of electronic threaded discussions that
encourage participation of all members of the community--local and remote.
By the year 2005, faculty, staff and students will routinely design, deliver and participate in a
variety of innovative approaches to the learning process that emphasize active learning,
collaboration, and the integration of academic, service, and residential life experiences within
a community of learners.
When beginning the mobile computing plan, a survey of faculty, staff and students
uncovered the following information:
Favorable factors:
UD has the basic infrastructure in place to support mobile computing
Facilities in Miriam, the Library, LTC, KU and the student neighborhoods are accessible
for mobile computing.
The emphasis on “in classroom” use of computers may not be required for widespread
implementation across campus. Selective classroom uses (in specific rooms) may
allow for appropriate implementation of notebooks.
Facilities for “beyond the classroom” uses of notebooks in support of connected learning
and scholarship are currently available (wireless, data ports, formal and informal
meeting spaces)
We are approaching the point where we will need to systematically replace furniture in
many classrooms. This may offer us an opportunity to leverage this investment with
new furniture that is “mobile computing friendly.”
Unfavorable factors:
Classroom readiness with appropriate tables, wireless connections and AC power outlets
will require funding.
The cost of adding a wireless data card to each notebook computer will increase the cost
by about $125.
The cost to prepare a typical classroom for 40 wireless data connections will be $4,000
plus annual maintenance costs of about $1800 per year.
For rooms not already equipped, the cost of adding data projection is about $10,000.
The capital investment to replace desks with appropriate chairs and tables in a room with
40 students will typically run about $15,000 – $24,000
The cost to add appropriate AC power outlets around the perimeter of each room will be
range from $3000 to $5,000.
The high end cost of preparing a classroom for full notebook readiness will be about $43,000.
The low end cost of preparing a classroom for full notebook readiness (with new furniture)
will be about $22,000.
For rooms that require only AC and data, the cost will be between $7,000 and $9,000 dollars.
Unfavorable factors:
Unsecured notebooks are susceptible to theft
Secure storage lockers will require additional funding and installation in spaces not
currently designed for storage (such as KU, Library)
11
Maintenance and Support
Favorable factors:
Maintenance and support for notebooks is typically more efficient than desktops if an on-
site repair depot is established.
The cost to support notebooks is lower than desktops because technicians do not need to
go to the student’s room.
Student can “drop off” notebooks for service in the morning and typically pick them up
later the same day.
Unfavorable factors:
Notebooks are more likely to suffer significant damage because they are portable and
susceptible to abuse.
Notebooks can be more expensive to service and insure.
Some components on notebooks require off-site repair, which can result in students
waiting an extended period of time for their computer.
Fordham's new wireless network, which launched in early February, 2003 allows laptop and
personal digital assistant users to connect to the Web using wireless/radio frequency
technology rather than by the traditional Ethernet card.
The wireless network supports 802.11b High Rate, also known as Wi-Fi technology. Most
laptops manufactured within the past six months to a year come with compatible wireless
networking cards pre-installed. For those that don’t, cards are available for purchase at most
computer retailers and at Fordham’s CompURam stores at Rose Hill and Lincoln Center.
Access points have been installed in most buildings on the Rose Hill and Lincoln Center
campuses, letting users log onto the network from a variety of areas, including study lounges,
cafeterias and libraries. A laptop's wireless card uses radio frequencies to communicate with
the access point then linking the user to the campus network and the Internet. The wireless
network transfers data at about four to five megabytes per second, which is faster than a 56k
modem but slower than a standard Ethernet connection.
According to Jason Benedict, director of computer services and operations, the wireless
campus-wide network is expected to be fully completed by Fall, 2003.
Although there is no service charge to connect to the wireless network, users do need to
register for access. To register or get more information and to learn more about specific
coverage areas and wireless policies, visit http://www.fordham.edu/wireless.
Duquesne University
Duquesne has engaged in a pilot wireless network program. As a part of this program, the
University is inviting the participation of a limited number of qualified members of the
University Community. Qualification is based somewhat on the technical capabilities of the
laptop computers owned by these individuals and the environment that they operate their
laptop computers in when not on Duquesne's campus.
12
• Reasonable coverage in the 4th floor Ballroom of the Union
• 5th floor Options dining facility of the Union
• Minimal coverage on the 6th floor of the Union
Wired equivalent privacy (WEP) 128-bit key encryption scheme is supported. 64-bit
encryption may NOT work.
Macalester College
Currently, the library and some classrooms are wireless, with a test number of laptops
available for checkout and use in the library.
What are the short-term, mid-term, and long-term visions for using wireless?
The short-term was a one-year pilot experiment where Macalester purchased wireless-access
laptop computers, both Macs and PCs, and made them available for public check-out in the
DeWitt Wallace Library. Wireless access points were installed throughout the building so as
to create a complete overlap of wireless signal. The goal was simple: to discover how well the
technology worked as a technology by letting students, faculty and staff "play around" with it,
in the most secure (e.g. limited access/egress) facility on campus.
The success of this program exceeded the most sunny expectations. Macalester then
expanded the wireless checkout program to the newly-constructed Stricker-Dayton Campus
Center. Here, the challenges included a less secure environment, a more difficult-to-cover
space for wireless access, and a less tech-savvy support staff. Macalester has further placed
wireless access points in one academic building, where the tech staff are experimenting with
wireless using some of the professional laptops. This past year, an investment in at one
"COWs" (Classrooms On Wheels) took place. This is a wireless access point, projector and
multiple wireless laptops stored on a cart, located in an academic building and available for
use by interested faculty on a first-come first-served basis.
If the COW model succeeds, the long-term future will involve purchasing more such units--
ideally, one for every academic building--and installing wireless access points in larger lecture
13
halls and in residence halls. Since the current Ethernet network already wires all on-campus
residence rooms at a ratio of one port per pillow, and all classroom spaces to at least two
active jacks (frequently more, at 100bT speeds), it is expected that the most useful direction
for wireless expansion will be in the "smart" presentation classrooms and large communal
areas of campus buildings, especially residence halls. For example, public computer labs
may become facilities where the computers are portables with 'comfortable' furniture, rather
than rows of desktops on straight tables….
Beyond that, Macalester would hope that wireless might offer advantages in networking some
older facilities whose construction does not easily permit us to run "standard" cable-based
Ethernet networking. Long-term, there is an expectation that wireless access for PDAs will be
developed.
What equipment and standards were chosen for your campus network?
Early on, the 802.11b standard was selected and 3COM's AirConnect wireless access points.
Since Macalester is a mixed-platform institution, Macalester purchased Apple iBook laptops
with Apple AirPort cards, as well as Hewlett-Packard OmniBook XE3 laptops with 3COM
AirConnect wireless cards. The Apples had no problem communicating with the AirConnect
access points. The main problem was that the AirConnect cards' antennae protruded from the
PCMCIA slots on the HP laptops, and frequently were sheared off by users' dropping them.
The second time around, when the program was expanded, the PC’s were changed to Dell
Latitude laptops with Dell's built-in wireless.
D. Lessons Learned
Experiences from the UST “peer” institutions, ACTC schools, Minnesota schools
and early adopters have been provided through their web sites. During planning
and implementation of mobile computing, UST will want to consider these insights:
• Implement several pilots. One of the key lessons learned has been
the importance of coordination of frequencies used within a given area.
The ability of the radio waves to penetrate walls that make them ideal for
large area network use create overlapping areas among the networks and
equipment where conflicts and interference occur. For example, wireless
computer mice and other accessories in areas of the Fine Arts and
Architecture buildings are inoperable due to RF interference from other 2.4
GHz equipment. Similar problems have occurred with wireless
microphones, and controls in adjacent rooms in buildings throughout the
campus. The need for careful planning and coordination of equipment and
14
frequencies is one of the most important lessons learned from the pilot
projects.
• Buena Vista, CMU both learned that site surveys (whether the
access points are adequate) are a critical part of phasing in the
implementation, as well as overbuilding the network. Battery life is also an
important element to consider when planning.
• Plan a Pilot Year to purge bugs when stakeholders will still tolerate
imperfections.
Focus on the reason for wireless and getting the most bang for the buck
• Successful implementations focus on a main goal, that is, why are we
doing this? The University of St Thomas will want to select the most
important reason why wireless is important.
• Students will be the largest users. Dartmouth revealed that wireless was
used more in the residence halls than anywhere else. With wireless
access across campus, more students will bring laptops to campus. On a
UST peer institution campus, an English student was given access to the
School of Music’s digital recording studio and, with the help of technically
capable students, made a recording of a song he wrote using software on
the notebook. He burned a CD and got some great radio play ….and
launched a music career. A history major received an international award
nomination for instructional design on her learning program that was
created for an environmental science professor. A geology student got a
great job offer from a mining company when they discovered her new
application of mapping oil deposits using a graphic arts software program
that saved them thousands of dollars. Meanwhile, test scores on physics
exams went up marginally after implementing an expensive and carefully
planned technology assisted learning environment.
• If students and their needs are the primary focus for wireless, one
university recommends conducting a study of the student population and
their use of mobile computing and the impact on their learning and
potential job upon graduation. They have some good baseline research
that began with an all-campus survey issued to students that has revealed
some interesting changes in perspective about the impact of technology on
learning. There was, in hindsight, much more interesting baseline data
that should have been gathered.
15
accomplish and measure, are efforts aimed to improve student life through
the mobile computing program. Enhanced communications for students
and alumni, access to multimedia development facilities, administrative
services to make tasks more convenient – these all have an undeniable
positive impact on students and are relatively easy to accomplish
compared to educational transformation.
Vendor selection
• A multi-vendor solution is possible, but difficult. If multiple vendors
are selected, ensure that the two vendors can co-exist. For example, one
university implemented both a Cisco and Avaya solution. Even though
each of these solutions met the 802.11b standard the individual PC
wireless network cards would not work with the other vendors access
points. If at all possible, select one vendor.
• Don’t accept the first bid from a vendor: the market is competitive,
and vendors will improve their bids. Develop strategic partnerships rather
than just buying from vendors. Choose a partner for the long haul.
Access Points
• The importance of careful consideration when initially placing access
points, the importance of monitoring the locations and of querying users to
determine whether access points should be relocated.
16
The number and type of walls (concrete or drywall) makes a difference and
the site survey will ensure your assumptions will work.
• Dartmouth has more than 500 Access Points. It’s an art form to figure out
where to place them, and decide how to adjust their signal strengths–it
doesn’t work well to simply turn all of them up to 100 percent because they
will interact with each other. There is always a lot of tweaking regarding
placement and adjustment of APs. There is a lot of trial and error in the
process. One of the ways this was done, was to have teams of students go
around and plug an AP into the nearest network jack, with a long wire to
the AP, and actually test out 2 or 3 various locations.
• In designing for coverage, CMU planned to space the access points as far
apart as possible, minimizing cost. On the other hand, they knew that one
must avoid coverage gaps, areas where no service will be available to
users. In designing the Wireless Andrew network, CMU found that rules of
thumb are inadequate. Rather, each building design must be based on
careful and exhaustive signal strength measurements. This is particularly
challenging because a building is a three-dimensional space, and an
access point located on one floor of the building provides signal coverage
to adjacent floors of the same building. CMU developed detailed
procedures for conducting these measurements and for locating access
points in a way that maximizes the spacing between access points but also
minimizes coverage overlap between access points.
17
Management and Support Resources can be Overwhelming
• Getting laptops to students is only 10% of the challenge; decisions
about, and implementation of, policies, training, support, networking,
exposure, and motivation remain ahead.
18
Notebook programs
Seton Hall and the University of Dayton have implemented notebook
programs to support their wireless programs where all students as incoming
freshmen are required to purchase a specific computer. Purchase,
maintenance and support are handled by Seton Hall, whereas, the University
of Dayton contracts all services outside. Seton Hall has found the notebook
program to exceed their initial cost expectations. Each student at Seton Hall
is required to check their notebook in at the beginning of each semester for
support. Marquette University has a pilot laptop program operating in the
library.
• Security
Everyone would agree that a wireless network is not as secure as a wired one, but
opinions about how to handle this reality tend to fall into two camps.
One approach is to buy added levels of security for the network. Extra security can mean
using special data encryption layers, or adding authentication software and requiring
users to log on with a username and password. This can make the network safer, but it
can also be expensive.
Another approach is to look at the wireless network as a public service similar to campus
courtesy phones, and allow anyone with a laptop and a NIC to access the internet without
needing a username and password. In the same way a visitor can pick up a courtesy
phone and get a dial tone, visitors might use their own computers (or computers borrowed
from a college) to get "IP Tone" and access the web. The cost of this service can be
almost negligible. Some campuses, airports, hotels, and coffee shops already offer this
courtesy.
19
substantially cheaper than the cost for wired ones. The cost of the wireless network
hardware will depend on how many access points are needed to achieve a given level of
coverage, performance needs, and the brand of equipment chosen.
It will also depend on which expenses are farmed out to students or footed by the college.
For example, some institutions purchase $100,000 - $200,000 worth of laptops for use in
the classroom and/or to be "checked out" in the library. Other campuses have laptop
policies that ensure that all students own their own computers, and pay for the installation
of wireless cards themselves. To get an idea of specific implementation costs for
particular projects, see the case studies for:
• Macalester College
(http://www.macalester.edu/infoplan/archived/bandwidth.html and
http://www.nitle.org/wireless/macalester.php)
• Seton Hall (http://technology.shu.edu/)
• University of Dayton (http://www.udayton.edu/~notebook/Orientation
%20Document.htm and http://www.udayton.edu/~pres/pdf/ormpdf/IT.pdf)
• Minnesota State University
(http://www.lib.mankato.msus.edu/lib/laptops.html).
• Speed
A wireless network will not be as fast as a wired one. For the convenience of mobility,
you pay in the amount of time it takes to send and receive information. This
sometimes makes sharing large digital video, audio, and image files over a wireless
network cumbersome, though not necessarily impossibly so. Data transfer speeds are
measured in megabits per second (Mbps), and the comparison between a wired
Ethernet (a local area network) and a wireless network looks like this:
Wired Common Ethernet = 10 Mbps
Fast Ethernet = up to 100 Mbps
Gigabit Ethernet = 1000 Mbps
Wireless 802.11b = 11 Mbps
802.11a = up to 54 Mbps,
but usually 6, 12, or 24 Mbps
802.11g = up to 54 Mbps over short distances
It increases spontaneity. It allows people to communicate and make changes and ask
questions even more on the fly than they could before. There is not a lot of live teaching
use with wireless. Where the greatest use takes place is outside the classroom as people
20
do their work and as they communicate with each other. It frees people up. Wireless
computing will cause a change in the social culture of the University. The university will
want to be aware that this change will occur.
21
II. What are the wireless standards?
A. Introduction
This section of the paper discusses the 802.11 family of technologies and how
they compare. It also addresses the history, current status, and future of the
security issues faced with these technologies. It concludes with some
recommendations for the UST campus deployment.
Secondly, it describes network hardware and software and student network cards
that are compatible with the 802.11 family and advantages and disadvantages of
each.
Recently, two other family members were added, 802.11a and 802.11g. 802.11a
offers communication on 5.0 GHz, which is a less crowded communication
frequency than the 2.4 GHz found in 802.11b. Many devices operate on 2.4 GHz,
including cordless phones, baby monitors, wireless web cameras, and microwave
ovens, leading to interference concerns. In practice, this seldom creates a
significant problem due to the robustness of the protocol. 802.11a also offers
significantly more non-interfering channels (12 compared to 3), and more
throughput (54 Mbps compared to 11 Mbps) which can allow for more densely
packed access points which in turn could serve more users. In practice, the
actual throughputs are smaller (4-6 Mbps for 802.11b and 15-20Mbps for
802.11a). Finally, the distances for 802.11a are smaller than 802.11b (75 ft
compared to 150 feet). Table 1 highlights the key technology differences.
There is one important caveat with 802.11g. While it does provide backward
compatibility with 802.11b, most access points will provide only 802.11b data
rates when there is a mixture of 802.11b and 802.11g clients using that access
point, which is the likely scenario in a campus environment.
22
Usable 4-6 Mbps 15-20 Mbps 15-20 Mbps 15-20 Mbps
throughput
20-60 feet
Max Indoor 150 feet 75 feet 150 feet A: 75 feet
Range B: 150 feet
Signal DSSS OFDM OFDM OFDM
Modulation
Technology
Compatibility G None Backward to A: None
B B: G
Max Users/AP 32 64 64 128
Number Non- 3 12 (might 3 16
Overlapping move to 24)
Channels
Most Popular Homes, Offices, Homes, Homes, Offices,
Deployments offices Enterprises Offices, Enterprises,
(mature, (higher Enterprises Home Media
inexpensive) throughput (greater Servers (greater
and larger throughput throughput, and
channels and compatibility)
support more compatibility)
concurrent
users
Deployed in Yes No No No
Hotspots?
The original 802.11b specification provided encryption capability for both privacy
and authentication with a facility called WEP (Wired Equivalent Privacy). In this
scheme, the access point and each client share a cryptographic key (at least 40
bits long, preferably 104 bits long). This key must be kept secret. In addition, the
23
access point and client must share a network name, or SSID, in order to connect.
This SSID, unlike the WEP key, is not a secret and is broadcast in the clear.
Using WEP is the first step toward security of a wireless network. Unfortunately,
approximately half of all wireless networks do not turn on this option, which
exposes their network to significant security risk.
Some solutions exist to further control access to the wireless network. For
example, some access points allow a list of MAC (hardware) addresses of
wireless network cards that describe authorized users. So, new users must
register their cards before they are allowed to connect. Unfortunately, these MAC
addresses can be wirelessly sniffed, and then attackers can modify their
hardware to use that same MAC address, and pose as an authorized user.
In addition to the problem of users not turning WEP on, WEP itself is
cryptographically flawed. These flaws have enabled software tools to break a
WEP key by listening to encrypted data. It takes about 500Mbytes to 1GByte of
traffic in order to accomplish this with freely available software that runs on
standard hardware. Once an attacker has the WEP key, they can not only
decrypt future traffic that uses that key, but also decrypt any old traffic that they
have stored that used that key as well.
So, for sensitive information, it is important to treat any wireless links as if they
were insecure. End-to-end cryptography can provide a layer of protection on top
of all the communication links, and is currently the best protection from the WEP
issues. Examples of these technologies include VPNs (Virtual Private Networks),
and SSL (Secure Socket Layer), SSH (Secure Shell). So, for example, a user
that connects to Amazon and enters credit card information is protected because
they use the SSL protocol (the browser lock), and this encrypts the information
from the user's computer to Amazon's server, and is therefore secure over any
wireless (or other) links. VPNs can similarly secure all traffic from a user's
computer to a corporate or campus server. With VPN technology, WEP can be
disabled, eliminating the key management issue.
The industry has responded to the security issues with a plethora of proprietary
solutions, which typically require special client wireless cards, specific client
operating systems, authentication servers, and special access points. Examples
include some of the Cisco LEAP and 802.1X solutions.
The real solution is to fix the standards. The IEEE has responded with 802.11i,
which addresses the security issues in two phases. This standard is not
expected to finalize until 2Q04. In the first phase (TKIP), a firmware upgrade
could be applied to existing hardware to improve the security. The wireless
industry has defined a Wireless Protected Access certification for products that
implement this upgrade. While this ensures that new hardware has the improved
security capability, vendors are probably not motivated to provide this upgrade for
legacy products. And, many access points have to be configured to the "least
common denominator" for security, which in a mixed campus environment will be
24
WEP, not TKIP, for a long time to come. The second phase requires new
wireless network hardware as well.
In addition, rogue access points, which are purchased by users and plugged into
a network without the permission or knowledge of the IT team, can pose a
significant security exposure. There are internal and external tools that can help
detect the presence of these access points, but user education can help reduce
the problem at little cost.
There are a host of other wireless network security best practices, including
obscure SSIDs, disabling SSID broadcasts, physical AP security, optimized
antenna coverage, SNMP password management, static IP address assignment
with disabled DHCP, and separate DMZs for wireless networks. Some of these
are probably not feasible in a campus environment.
25
Most UST students are likely to have one of two configurations of wireless
connectivity. In one case, they may own a laptop with built-in 802.11b capability,
especially with the growing presence of Intel's Centrino technology which is
integrated into the motherboard. Or, they are likely to have a retail product
purchased at Best Buy or CompUSA, which is typically Linksys, D-Link, or
Netgear. Buffalo is a vendor with strong overseas presence just making inroads
into the US market, also aiming at the retail consumer market. The Cisco
products are rarely found on consumer/student systems, but they tend to have
the best reception capabilities, and have advanced security features not found in
the consumer products.
So, UST should expect the bulk of student systems are 802.11b capable with
consumer-grade hardware, with growing 802.11g presence in coming years. If a
student does not currently have wireless support, it can be added for about $40
by purchasing an adapter card from one of the many retail sources.
E. UST Recommendations
802.11b is currently the technology of choice by most users, primarily due to cost.
The next technology wave will be dominated by 802.11g. So, if UST is
purchasing new access points, it is worth investing in the 802.11g technology if
the investment costs over 802.11b are not too great. But, with most access
points, if there is even one user that is using an 802.11b card, all users will
experience the lower 802.11b throughput, so there may not be an immediate
benefit. There is probably not a near-term scenario where 802.11a is
appropriate.
With the state of wireless security, and in consideration of the diverse client
hardware in a campus environment, it is probably best to use a VPN to secure the
wireless link. Most other solutions have hardware and/or software requirements
that are not likely to be easily met from this diverse client base. In the future, as
the 802.11i solutions become more prevalent, the VPN requirement can go away,
but this will probably take years to accomplish. For current purchases, UST
should require WPA certification.
Also, UST may need technology to control the bandwidth available per user. It is
possible (and probable) that some users will set up wireless music and video
servers that will consume substantial bandwidth that will be unavailable to others.
Wireless Gateway products are available to help with this.
Finally, user education for faculty, staff, and students, must take place. This
should cover setup and operation, security procedures and limitations, and the
dangers of using unauthorized equipment such as access points in the network.
26
III. Design of UST wireless campus access points
A. Introduction
Where should wireless access points be implemented on the University of St.
Thomas campus?
The library is currently implementing wireless access points as are several rooms
throughout campus. Beyond this, a next phase that is consistent with how other
universities have implemented wireless, would be to implement wireless in
student common areas such as student study areas, lounges and resource
centers. This would enable communities of students to conveniently work in
study/lounge areas on projects with other students while having access to the
UST network and the internet. Beyond this, implementation in select conference
areas/faculty/staff meeting spaces and auditoriums for use by faculty and
students may be warranted. Growth of the number of access points will need to
be monitored based on results from tests and experience with interference and
security.
B. Recommendations
Based on experiences from other universities, advice from current research
articles written on the topic and experts in the field, any deployment of wireless at
the University of St Thomas will not be without difficulty. Wired stations will never
go away due to issues including: cost, security, and reliability. Deployment of
wireless should be phased in over many years with an evaluation component built
in after each phase so that lessons learned can be implemented.
Decisions about where to put access points on campus will require careful testing
and the following should be considered:
Readily available maps of wireless coverage areas with an indication of signal
strength and interference will aid the user in determining where coverage will be
suitable.
27
• Other university wireless programs show some concern about the
11MBPS speeds. Some careful thought should be given to the 54 MBPS
speeds as a goal, with the 11 MBPS speeds as interim.
28
III.AirSpace requirements, policies, implementation, education,
support and other initiatives to be considered to support a
wireless network
A. Introduction
Implementing a wireless network isn’t as easy as plugging in a network cable and
configuring an access point. Yes, with all the planning you may have an excellent
wireless network, but if the users it was intended for do not know how to use it,
it’s useless.
29
able to provide direct assistance for configuration and installation as well as
troubleshooting.
Banned - Because the use of the service or technology may result in a loss of
service to others, it will not be allowed on the campus network. Although we will
attempt to explain the reasons for banning services or technologies, we will not
disclose information that would help users with malicious intentions.
Generally most schools, as well as most wireless network operators, suggest one
type of wireless card to buy for incoming freshman, as well as any student
wanting to get access with their laptop. Wireless Andrew suggests Agere
Systems ORiNOCO. This is no doubt because their access points are from
ORiNOCO. Due to the fact that most students don’t know which one to buy, it is
suggested that a standard be set to which type of card to get. This has many
benefits such as support, testing, and pricing. This was further discussed in a
prior section.
The need for differing access levels for faculty or students does not really exist in
the wireless world, you either have access or you don’t.
The Operating Specifications will mostly lie within the wireless card’s
manufacturer. They establish standards that computers must meet to
successfully operate a wireless card. This seems like a logical reference point,
because wireless at UST would not require anything above those requirements.
30
E. Availability of the network
Network Availability is mostly based on budget. Essentially the more money
available, the more access points can be purchased. More access points mean a
higher availability to the network. The OSF Library is the first logical area for a
wireless network. The network would be available for all students and staff twenty
four hours a day and seven days a week.
F. Bandwidth Guidelines
Guidelines for bandwidth over wireless will be similar to those over most wired
systems. The guidelines may be a little tighter because wireless networks
experience a smaller amount of throughput than the average wired network.
Guidelines are put in place so all users have the ability to use the network to its
fullest without hindering another users ability. Wireless Andrew has compiled a good
explanation of possible guidelines:
Demand for outbound bandwidth (the amount of data that can be transmitted over
the link at any given time) exceeds the quantity purchased by the University and
traffic is noticeably congested during peak usage periods. Computing Services has
developed these guidelines to help to ensure that all users are able to obtain their fair
share of this limited resource.
The primary area of concern at this time is the outbound traffic over the commodity
link. Outbound traffic is the result of two types of activity:
The second of these is the most common cause of high outbound use of the network
link. There are many services by which users at other points on the internet access
and retrieve data from machines at Carnegie Mellon. These include, but are not
limited to, the following:
• Web servers
• Peer-to-Peer file sharing
• FTP servers
• Multiplayer Gaming and game servers
Many of these services are provided within the overall research and educational goals
of the university. Even so, those providing services must do so in a way that does not
consume an unfair percentage of the available network bandwidth and, thus, deny
other users of their fair share.
Most of these guidelines will be up to the users to regulate. Certain ports and
services can be blocked or given a smaller piece of the bandwidth with wireless
similar to a wired network.
31
G. A laptop project that should be separated from the wireless project.
The market is moving at a rate that there is a gradual shift in computer
purchases from desktop to laptop, and wireless equipment is readily available.
Just look at any Best Buy advertisement. The laptop issue can be a
boondoggle. In other words, other universities have found the support costs and
time for laptop disbursement and maintenance has been overwhelming. This
should be a careful and thoughtful decision.
32
V. Bibliography
Websites
Conway, J. (1997, May). Educational technology's effect on models of
instruction. Retrieved April 30, 2003, from
http://copland.udel.edu/~jconway/EDST666.htm
Augsburg College
http://falstaff.augsburg.edu:8080/it/IT_WEBSITE/news/news.html
Buena Vista University
ebvyou.bvu.edu/about.htm
tltc.bvu.edu/ebvyou/CIT2000/eBvyou_overview.ppt
Carnegie Mellon University
www.cmu.edu/computing/wireless/wirelesshistory.html
College of St Catherine’s
http://www.stkate.edu/library/circ/laptops.html
Duquesne University
http://www.cts.duq.edu/content_pages/staff/e_network/e_netw_wireless.html
Fordham University
http://www.fordham.edu/wireless
Hamline University
http://www.hamline.edu/communications/center03_28_03.html
Loyola University Chicago
http://www.luc.edu/infotech/wireless/
www.luc.edu/infotech/wireless/install.html
http://www.luc.edu/publications/loyolaworld/010523LW/mainArticle5.htm
Macalester College
http://www.macalester.edu/infoplan/archived/bandwidth.html
http://www.nitle.org/wireless/macalester.php
Marquette University
www.marquette.edu/library/services/laptophelp.html
Minnesota State University
http://www.lib.mankato.msus.edu/lib/laptops.html
http://www.mankato.msus.edu/mavnet/plan.doc
Seton Hall University
http://technology.shu.edu
St. Louis University
http://www.slu.edu/readstory/newslink/2389
St John’s- St Benedict’s
http://www.csbsju.edu/itservices/wireless.htm
University of Dayton
http://www.udayton.edu/~notebook/Orientation%20Document.htm
http://www.udayton.edu/~pres/pdf/ormpdf/IT.pdf
University of Minnesota
http://www1.umn.edu/wireless/
University of San Diego
http://www.sandiego.edu/diversity/slrplan.html
33
DESIGN PROCESS from SITES at University of Illinois:
The University of Illinois is large enough to have a Network Design Office.
http://www.cites.uiuc.edu/commtech/ndo.html
A flowchart of how a university department can design and install a wireless site.
http://www.cites.uiuc.edu/wireless/admin/wirelessflowchart.jpg. This chart appears below:
34
Books
Since UST may employ CISCO equipment, the following book would be most useful.
CMU is a larger institution that is an early adopter and leader in the wireless networking
arena and began their wireless network back in 1994. It is known for its advanced
information technology leadership, and wireless is a part of it.
“Wireless Andrew” is the name of their wireless network, which supports 2200 users on
an average day.
• http://www.cmu.edu/computing/wireless/
• See also: Carnegie Mellon Researchers Can Help Build Reliable "Wi-Fi" Wireless
Networks at http://www.cmu.edu/cmnews/020411/020411_wifi.html
35