Education roaming Secure Wireless Service for Research and Education.

Presentation transcript:

education roaming Secure Wireless Service for Research and Education

What is eduroam?
eduroam is a global wireless roaming network, based on:
– WPA2 & 802.1X (network access control)
– RADIUS (infrastructure to transport credentials)
– Trust fabric (RADIUS hierarchy and policy)
– No web splash screen portal or shared passwords
Started in the TERENA Task Force “Mobility”
eduroam = education roaming

Two (2) options explored …and rejected
Open WiFi + VPN
– Route traffic back to your home organisation via VPN
  Benefit that “internet” traffic was from the home institution
– Access Control is problematic
  You don’t really know who is using it (just that they have a VPN)
Web Redirect
– Popular at airports, cafés and hotels
– No “over the air” security

What is wrong with this page?
Airport Portal Pop-up
– Who runs it?
– Can you trust it?
– What do they need (vs want) to know about you?
Is this run by a 16 year old on her laptop?

The solution: eduroam
Trust based on national policy
Security based on 802.1X/RADIUS
VLAN assignment to separate users
[Diagram labels: RADIUS server University ABC; RADIUS server University 123; Roaming Operator Central RADIUS Proxy server; WiFi Access Point; User DB; Visitor VLAN; Student VLAN; Employee VLAN; data; signaling]

Where is eduroam?
[Map legend: eduroam; Pilot; :-(]

…in the Eastern Partnership region
[Map legend: eduroam; Pilot; :-(]
Deployments
– Belarus
– Moldova
– Azerbaijan
– Armenia
Needed
– Ukraine
– Georgia

Continual growth…
69 territories
– 45 territories in Europe (wanting 4 more)
– 9 territories in Asia (5 pilots in progress)
– 2 territories in North America
– 4 territories in Africa (5 pilots planned)
– 8 territories in Latin America (3 pilots planned)
– 1 territory in the Gulf States (3 pilots, more planned)
5000 locations, >1000 institutions
WigleNet Crowd Sourced Access Point Stats
– May 2012: #27, 0.108%, 70,561
– Sept 2012: #23, 0.116%, 88,135
– Nov 2012: #22, 0.112%, 97,127
– April 2014: #19, 0.157%, 206,122
– 4th in list of operators behind BT, SFR and Ziggo

Growth requires Governance
Global eduroam Governance Committee
– Created in 2011 to provide a “voice” for all regions
World-wide representation
– Europe (3), Asia (2), North America (2), Latin America (2), Africa (2)
– Created the “Compliance Statement”
Signatories
– Europe (1), Asia (9), North America (2), Latin America (8), Africa (4), Gulf (1)

eduroam Benefits
Builds on your existing campus wifi
– Not new equipment – just new configuration
Use home
– Only 1 campus wifi network for all!
No guest accounts
– Helpdesk + identity verification is expensive
Improved support services in development
– Global improvements benefit your campus

eduroam Deployment Anti-Patterns
I need to know who accesses my network
– Causes Loss of Control
Evil People Use eduroam
– You can still monitor usage and block individuals
Country X doesn’t have eduroam
– 69 countries now
– 16 pilots
My staff and students don’t go anywhere
– You’ll be surprised what your students get up to!

eduroam in the future…
Ready for Hotspot 2.0, Next Generation Hotspot (NGH) and Wi-Fi Passpoint™
– Ready since 2003!
– Support a wider range of roaming partners
– Nothing is simpler than doing nothing!
Mobile/Cellular industry adopting this approach
– Public/Private Partnership Opportunities for Research and Education.

eduroam Companion

eduroam Companion
Also on Android
Additional features
– Heat maps
– Twitter/Facebook

Why a configuration assistant tool?
Solve the user confusion problem
– Institutional flexibility causes a documentation problem…
…installation is the hardest part.

Why a configuration assistant tool?
Available EAP-Types patibility.html

Why a configuration assistant tool?
Institutions choose Authentication Type
– PEAP-MSCHAPv2 popular for Microsoft Platforms
– TTLS-PAP popular for sites with encrypted LDAP
– TTLS-* is only supported in Wi-Fi Passpoint
Multiple Device Platforms
– MacOS X and iOS devices (iPod, iPhone, iPad)
– Microsoft Windows
– Android Phones and Tablets
– Other laptops/phones/tablets less popular (but need support)
and new devices appear…

How do I join eduroam?
Set up a RADIUS server at your campus that…
– Authenticates your own users
  FreeRADIUS (http://freeradius.org/) or Microsoft NPS
– Adds WPA2-Enterprise to your wireless network
– Proxies guest users’ requests to your roaming operator (and on to international infrastructure)
Connect to your federation RADIUS server managed by your Roaming Operator
Promote eduroam to your users

eduroam & Eastern Partnership
Pilot
– Server Infrastructure Supported by Cloud Hosting (or your own Roaming Operator)
– Connected to the World Wide Roaming Infrastructure
Interest
– Who’s interested?
Future
– Precursor to future Federated Identity Systems

eduroam Infrastructure
WiFi Access Points, a RADIUS Server and a user database for sites.
RADIUS proxy for Federation Level RADIUS
[Diagram labels: RADIUS server University ABC; RADIUS server University 123; Roaming Operator Central RADIUS Proxy server; WiFi Access Point; User DB; Visitor VLAN; Student VLAN; Employee VLAN]
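
The routing described on the “How do I join eduroam?” and “eduroam Infrastructure” slides, as an added Python example that is not part of the original presentation: a campus decides its own users locally, hands guests to the roaming operator's proxy by realm, and rejects malformed identities before they reach the federation. The realms, users, roles and class names are constructed for illustration, and a user-database lookup stands in for the real EAP exchange.

```python
import re

# Constructed model of realm routing, not RADIUS; sample data is made up.
REALM_RE = re.compile(r"^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$")
VLANS = {"student": "Student VLAN", "employee": "Employee VLAN"}

def split_identity(identity):
    """Return (user, realm), or None unless identity is user@valid.realm."""
    if identity.count("@") != 1:
        return None
    user, realm = identity.split("@")
    realm = realm.lower()
    if not user or not REALM_RE.match(realm):
        return None
    return user, realm

class Institution:
    def __init__(self, realm, users):
        self.realm, self.users = realm, users   # users: name -> role
    def authenticate(self, user):
        # Stand-in for the EAP exchange with the home server: a user found
        # in the user DB counts as a successful authentication.
        return self.users.get(user)

class RoamingOperator:
    """Central proxy that knows which member serves which realm."""
    def __init__(self, members):
        self.members = {m.realm: m for m in members}
    def forward(self, user, realm):
        home = self.members.get(realm)
        return home.authenticate(user) if home else None

def access_request(identity, site, operator):
    """Return (decision, detail) for a login attempt at the visited site."""
    parsed = split_identity(identity)
    if parsed is None:
        return ("reject", "malformed identity")   # dropped locally, not proxied
    user, realm = parsed
    if realm == site.realm:                        # own user: decide locally
        vlan = VLANS.get(site.authenticate(user))
        return ("accept", vlan) if vlan else ("reject", "unknown local user")
    if operator.forward(user, realm):              # guest: ask the home realm
        return ("accept", "Visitor VLAN")
    return ("reject", "not accepted by a home server")

UNIV_ABC = Institution("univ-abc.example", {"alice": "student", "bob": "employee"})
UNIV_123 = Institution("univ-123.example", {"carol": "student"})
OPERATOR = RoamingOperator([UNIV_ABC, UNIV_123])
```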

Brook Schofield