At a Glance
 
Central Software
CityVoD - CSC Forum Archive
Software List on CSC Student LAN

Location and Floor Plan of the CSC Teaching Studio Areas
Opening Hours of the CSC
Systems Maintenance Schedule
List of Blocked Network Cards / IP Addresses
List of CSC Representatives
List of Departmental Network Administrators
Staff Computer Courses
Sitemap
 
CSC e-Forms
 
Submit CSC Work Req.
Req. for Printing
Req. for Dump / Restore
Teaching Studio Booking / Cancellation
Email Alias Application
Apply for a New Domain Name
Remove an Existing Domain Name
Modify the Hosting of an Existing Domain Name
 
Useful Links
 
OCIO Home
IT Information for Students
IT Information for Staff
IT Information for Alumni
 
Got any questions, comments or suggestions? Contact the editors at ccnetcom@cityu.edu.hk
Issue 44 - June 2005
Wireless LAN Upgraded to Better Serve the Campus Community
By S.K. Tsui

CityU has been offering the Wireless LAN (WLAN) service since 1997. The population of registered WLAN clients has increased more than ten folds from less than 200 at the beginning to more than 3000 clients now.

WLAN technology is changing rapidly and new standards are emerging in the market. Products with higher speed and rigid security are becoming affordable. As our WLAN is already 7 years old, it is about time to replace the old WLAN system with a new one in order to provide more bandwidth and better performance in a more secure way for the benefit of our users.

The Project

The project was started in June 2005 and expected to take several months to complete. The intelligent wireless LAN switching solution from Aruba has been employed to replace the old Vernier Authentication Server and low speed Orinoco Access Points (APs). Initially 400 new APs will be installed to provide a wider coverage than the previous 250 APs by extending to areas such as laboratories within departments.

Our first phase of the implementation will include all existing areas and we expect to complete the set up of the new WLAN and replacement of APs before Semester A of 2005/06. Existing authentication methods (Web and VPN logon) that we are familiar with are still available in the new system. Users may notice that a new login page is displayed when their PCs are attached to the new system.

As the migration period will take quite long, we shall try our best to keep the transition as smooth as possible to avoid any service interruption. If you encounter any difficulties in using the WLAN service during the upgrade period, please contact our CSC Help Desk or write to ccwlan@cityu.edu.hk for our action.

Advantages of the New System

  1. Better speed and flexibility

    The old system supports only IEEE802.11b (11Mb throughput) while the new system conforms to all IEEE 802.11a (54 Mb), b (11Mb) and g (54 Mb) standards. This provides our users with a broader choice of WLAN products from various manufacturers.

  2. Improved Network Security and Privacy

    1. Wireless Firewall and Intrusion Protection

      The nature of wireless networks makes them attractive to intruders or hackers. The latter may want to gain free access to the campus network, steal data or even disrupt wireless communication. Such activities can be achieved by using simple tools. Two common intrusions and how our new system can deal with them are described below:

      1. Gain free access to the campus network and/or steal data through Rouge AP

        Rouge AP is defined as those APs not registered in our central WLAN system. Hence we don't have any control over these APs and do not know where and what they are used for. Rouge AP may be APs set up by our staff, students or even intruders/hackers.

        If any of our clients attaches to the rouge AP that belongs to a hacker, all the traffic will go through the rouge AP and the intruder can capture sensitive data such as user names and passwords.

        Though they may not be intentionally offering open access wireless connections to the public, our staff or students may bring their own APs and connect them to the campus network without enabling any security mechanism. Thus, intruders may use different probe tools to scan for these unsecured Rouge APs to enable them to gain free access to the campus network without going through any authentication process.

        Fortunately, the new system is capable of detecting rouge AP and has options to dissociate clients attached to it. This can safeguard our WLAN users from leaking their information to unknown parties and protect our network from unauthorized access.

      2. Disrupt wireless communication

        Intruders may use different tools to perform Denial of Service Attacks (DoS) to the APs or the control system to disrupt wireless communications.

        In this respect, the new system employs a number of techniques to detect and prevent such wireless attacks.

    2. Rigid authentication and encryption methods

      Other than the VPN logon method provided in the current WLAN service, the new system offers more rigid authentication and encryption methods such as WPA and WPA2 to enhance network security and privacy, making the hackers even harder to decrypt the contents of the data sending over the air.

  3. Centralized and Intelligent AP Management Provide Better Performance and Availability

    The new system utilizes a central control unit to manage and control all the APs installed. The control unit will keep monitoring the status of each AP and controls the transmission power and frequency channel of individual AP to minimize interferences from each other. Moreover, if any AP fails to work, the control unit will instruct the adjacent APs to increase their transmission power to take up the coverage automatically.

  4. Voice over IP (VoIP) and Video Support

    The new system has many built-in features to support VoIP and video applications. However, as these applications are very time-sensitive, it will take us some time to properly configure all equipment involved, to study their limitations, and to iron out various timing issues on different devices before a large-scale deployment can be made.

Conclusion

The WLAN service in CityU aims to provide a convenient and secure means to our staff and students for mobile computing. The Computing Services Centre will continue to keep enhancing the service by accommodating the latest technology and provide our users with the best solution.

References

http://www.arubanetworks.com/ (Aruba Wireless Networks)

Also in this issue...
Information Services Strategic Plan 2005-2010
Illegal Use of Copyrighted Materials
Enhancements of the Central Student Computing Facilities
Online CSC Student Guide 2005

Useful Glossary in the Wireless World



 

Current & Back Issues
 
 
Search Articles
 
 
FAQs
 
Microsoft Windows10
Microsoft Windows 7
Office 365 ProPlus
Microsoft Office 2013
Microsoft Office 2010
中文支援常見問題
Internet Explorer 11
Internet Explorer 9
Email Services
Confidential Email
Wireless LAN
Virtual Desktop Service (VDS)
USB Flash Drive
Mirroring360
CityU SMS (for Department)
CityU SMS (for Staff & Student)
iPad (iOS 5.x)
Wiping a Mobile Device
Wiping Mass Storage Device
Handling Handheld Smart Devices for Service Maintenance, Recycling Use, and Disposal
Staff Account Renewal
Changing Local Administrator Password
McAfee Endpoint Security
Full Scan of Your Computer for Concealed Computer Virus
Anti-spyware
Computer Warranty Scheme Software Copyright Declaration and Compliance Observation
 
Technical Guides
 
AV Facilities User Guide
Connecting to Wireless LAN (WiFi)
VPN Connection Setup Guide BitLocker To Go User Guide
 
Copyright© Computing Services Centre, City University of Hong Kong. Best viewed in 1024x768 with IE. Javascript enabled. Last modified on Friday December 28 2018 .