Wireless Network Infrastructure

• Updated: December 2009
• Primary Contact : Brian Dahlin

University employees, students, and guests will have shared access to wireless network resources to support the University’s mission of teaching, research, and outreach.

Anyone who wishes to connect to the University’s authoritative campus network with a laptop or other wireless device must use wireless network infrastructure devices that are owned by and centrally managed by the University to ensure integrity, security, and availability for appropriate educational and business activities.

Any wireless network device that would extend the University network, and is not managed by the authoritative campus network, will be considered a rogue device, and will be subject to detection and immediate removal from the network. These devices include but are not limited to wireless controllers, access points (APs), and servers that manage the system. Wireless APs advertise the services they provide with a name programmed into the device called a Service Set Identifier (SSID). Wireless network names that are centrally managed may not be used or operated by users or units. Authorized users of the University network are responsible for knowing and adhering to user rights and responsibilities as defined in Administrative Policy: Acceptable Use of Information Technology Resources. Users who grant access to University's wireless network must make their guests aware of the User Rights and Responsibilities and the University's expectation they will follow them.

Exceptions:

The Office of Information Technology may make exceptions to this policy.

The purpose of this policy is:

• To ensure compliance with current local, state, and federal regulations regarding data security, roaming, voice, and potential future wireless services attached to the University's wireless network;
• To provide a centrally managed campus infrastructure which is pervasive, serves the common good, and in compliance with industry standards such as Payment Card Industry (PCI) rules and the Health Insurance Portability and Accountability Act (HIPAA);
• To preserve the wireless network's installation, maintenance, and operational integrity and standards.

• Wireless Network Use: Twin Cities and Rochester Campuses; Extension Services Sites and Research Outreach Centers

There are no forms associated with this policy.

Access Point (AP)

A wireless edge device connected to the University network through a data connection. Wireless users connect to the AP by selecting the University SSID, which is provided by the device.

Authoritative Campus Network

The centrally managed authoritative campus networks are operated by four units:

• The Office of Information Technology (OIT) operates the centrally managed authoritative network for:
  • Extension Services
  • Research Outreach Centers
  • Rochester
  • Twin Cities
• Technical Support Services (TSS) operates the centrally managed authoritative network for:
  • Crookston
• Information Technology Systems and Services (ITSS) operates the centrally managed authoritative network for:
  • Duluth
• Computing Services (CS) operates the centrally managed authoritative network for:
  • Morris

Authorized User

Any student, staff, faculty, alumni, sponsored affiliate, unit or other individual who has an association with the University that grants them access to University information technology resources.

Controller (wireless)

A wireless network device which is connected to the University’s network infrastructure and can manage wireless traffic and access.

Departmental Service Gateway Representatives

People who have been authorized by their department head, and trained by OIT, to use OIT’s Service Gateway application to manage voice and data services.

Rogue

A wireless network device that spoofs or interferes with the day to day legitimate operation of central wireless services. For example, a rogue AP could mimic central services by falsely advertising a central SSID in order to lure end users onto the spoofed service and to obtain sensitive data such as passwords.

Server

A multi-user computer, which provides some service for other computers connected to it via a network. The most common examples are file servers, web servers, mail servers, and database servers. Wireless servers apply configurations to both APs and controllers, as well as approximate Radio Frequency (RF) for planning where to deploy additional wireless devices.

Service Set Identifier (SSID)

Wireless APs advertise the services they provide with a name programmed into the device called an SSID. For example, “UofM,” “UofM Secure,” and “UofM Guest” are SSIDs on the Twin Cities and Rochester campuses as well as Extension Sites and Research Outreach Centers.

Wireless Network Devices

The University's wireless network is composed of components, which include but are not limited to controllers, access points, and servers that manage the system.

Authorized Users of the University wireless network

Adhere to the User's Rights and Responsibilities of Administrative Policy: Acceptable Use of Information Technology Resources.

Departments and Colleges on the Twin Cities and Rochester Campuses

Work with OIT to replace any rogue wireless access points.

OIT - Networking and Telecommunications Group

Identify and mitigate rogue access points.

Students

Disconnect any existing rogue wireless access points.

There are no appendices associated with this policy.

Wireless Network Infrastructure FAQ

• Administrative Policy: Acceptable Use of Information Technology Resources

Effective:

December 2009