Presentation is loading. Please wait.

Presentation is loading. Please wait.

Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000.

Published byAngelina Terry Modified over 9 years ago

Similar presentations

Presentation on theme: "Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000."— Presentation transcript:

1 Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000

2 Alison Davis and Peter Kurtz Contents Introduction Overview of QUT’s network Technical part of the LAS Project Support part of the LAS Project

3 Alison Davis and Peter Kurtz Introduction Laptop Access Project started in 1999 Provide Laptop Access in QUT Labs Faster and better access Demand for student labs Economic considerations

4 Alison Davis and Peter Kurtz Overview of the QUT Network Potential of 34,000 users - 30K students 4K staff. 6000 x PCs / Workstations 90 Central Servers, 30 x Faculty Servers 2 x WAN ATM Switches 3 x Legacy Routers, 4 x ATM Router Engines 46 x ATM Switches 189 x Ethernet Switches 370 x Ethernet Hubs 48 x Terminal Servers 600 x Digital / Analog Modems

5 Alison Davis and Peter Kurtz Kelvin Grove Campus 34Mbps Mt Cootha QUT Wide Area Network (Voice/Data) - May 2000 Gardens Point Campus Carseldine Campus 4 x 2Mbps 155Mbps Margaret St Offices 64k UQ 34Mbps PABX AARNET DIALIN ACCESS 6 x 2Mbps 2 x 2Mbps 2Mbps ATM Switch Legacy Router Merivale St PSTN / ISDN Peel St KG Offices (4) Switch 2Mbps Radio Link 2Mbps Radio Links GU 34Mbps USQ Adelaide St 34Mbps

6 Alison Davis and Peter Kurtz Network Projects 2000 Installing Accellar router switches into the core of data network. VoIP trials Carseldine WAN upgrade to155Mbps Microwave Links reused for redundancy

7 Alison Davis and Peter Kurtz QUT Wide Area Network (Voice/Data) - Future Mt Cootha Gardens Point Campus Carseldine Campus Kelvin Grove Campus GU 34Mbps 155Mbps 34Mbps 6Mbps 12Mbps ATM Switch Legacy Router AARNET UQ

8 Alison Davis and Peter Kurtz Current Networking Issues High Availability and High Bandwidth  Integrating voice over the data network Network Performance  Wire speed routing  IP only backbone Network Security  Breach Monitoring within the LAN  Secure Management LAN  Leaf node (port based) authentication

9 Alison Davis and Peter Kurtz Laptop Access Project Requirements Easy to use authenticated laptop access  Given technical and financial constraints. Network Authentication  Use QUT Access username, password. Network Access and Performance  Same as in a standard public access lab. Before Authentication  Network access must be completely restricted, including other unauthenticated ports.

10 Alison Davis and Peter Kurtz Possible Client End Solutions Laptop to switch authentication using:  1. Microsoft(NetBIOS) or NetWare Client  2. Browser or telnet Client  3. Extensible Authentication Protocol - EAP Laptop to server authentication  Microsoft or Browser client  Server requests port movement from default VLAN to the authenticated VLAN

11 Alison Davis and Peter Kurtz Network Authentication Process Laptop/PC Default Port Virtual LAN Authenticated Virtual LAN Central Dynamic Address Allocation Server (DHCP) Network Gateway (Router) Alcatel Ethernet Switch Central Authentication Server (RADIUS) Internal Web and Telnet Server 1 2 3

12 Alison Davis and Peter Kurtz IP, Gateway Address Primary DNS Secondary DNS - Switch IP Network Authentication Process - Detail DHCP Request Central DCHP Server DHCP Reply 1 2 Switch Internal Web & Telnet Server DNS [QUTAccess ] DNS [Switch IP Addr] Username, Password Auth Successful Central RADIUS Server Front End for Oracle DB ORACLE Database Stores: QUT Access Username Password

13 Alison Davis and Peter Kurtz Current Solution Specifications ISC DHCP Server Ver 2.0  Internet Software Consortium - www.isc.org RADIUS Server Radiator  Open Systems Consultants - www.open.com.au Oracle Database ver 8 with perl DBI ALCATEL Switches  Omnistack 4024,5024, Omniswitch router OSR  Current software 4.1.2 GA  Standard Telnet, Netscape, IE 4,5  Win95,98,NT,Win2000, MacOS, Linux

14 Alison Davis and Peter Kurtz Radius Log Processor - snapshot

15 Alison Davis and Peter Kurtz Alcatel Solution Switch authentication reliability  software, hardware problems Vendor support was good Scalability is Costly

16 Alison Davis and Peter Kurtz Future Direction QUT authentication backend change  Directory Service replaces oracle db  User profile detail VLAN  LDAP replace RADIUS Goals for switch vendors  Authentication before DHCP  A solution for Operations Systems apart from Win2K  A solution for all L2 Access - Ethernet & Wireless

17 Alison Davis and Peter Kurtz From the technical detail to the bigger picture….. Technical Support Usage Cost effectiveness

18 Alison Davis and Peter Kurtz What other universities are doing User services list March 2000 University of Melbourne CAUDIT list June 2000 Information from 23 universities

19 Alison Davis and Peter Kurtz Institutional Responses Most universities are at least considering laptop access for students (17/23) à 9 yes à 8 Soon/very small à 6 no Demand has been much lower than expected Many see wireless as the future direction

20 Alison Davis and Peter Kurtz QUT laptop access areas Law Library. September 1999 Graduate School of Business teaching facilities. Semester 1 2000 Gardens Point Library. June-July 2000 Student superlab – 350 ports – October 2000

21 Alison Davis and Peter Kurtz Law library usage statistics

22 Alison Davis and Peter Kurtz Law Library usage statistics (cont)

23 Alison Davis and Peter Kurtz Law library usage statistics (cont) 21 students successfully used the service 9 students only used it on one day 1 student used it on 23 days Maximum of 5 users on any one day Usage slowly increasing

24 Alison Davis and Peter Kurtz Support issues Hired laptops (preconfigured) Only connect at QUT laptops (configure once) Modem + QUT connection laptops (minor adjustments) Work laptops. Major adjustments. Hire network cards or USB connectors

25 Alison Davis and Peter Kurtz Promotion Signage Official launch Position Competition Feedback

26 Alison Davis and Peter Kurtz

27 What we’ve learnt Support Demand - convenience Promotion Equity Laptop Security Technical - hardware and management

28 Alison Davis and Peter Kurtz Likely future Wireless Client software will be inbuilt Interchangable with desktops Establish cost effectiveness Benchmark student access to the university network

Download ppt "Alison Davis and Peter Kurtz Port Based Network Authentication in a Lab Environment QUESTNet 2000."

Similar presentations

Back Office Support System(BOSS) of High Speed Internet Service Myeong Hwan Park 2003. 10. 2.

Back Office Support System(BOSS) of High Speed Internet Service Myeong Hwan Park
SUNNYSLOPE SCHOOL PROJECT BY SWG ENGINEERING Group Members CINDY CINDY STEVE STEVE GALLO GALLO York Technical College Cisco Networking ACADEMY.

SUNNYSLOPE SCHOOL PROJECT BY SWG ENGINEERING Group Members CINDY CINDY STEVE STEVE GALLO GALLO York Technical College Cisco Networking ACADEMY.
Module CSY3021 Network Planning and Programming RD-CSY3021-08/09 1.

Module CSY3021 Network Planning and Programming RD-CSY /09 1.
BTT 101 / 2O1 Lesson 10 Dundas Valley Secondary Mr. Young.

BTT 101 / 2O1 Lesson 10 Dundas Valley Secondary Mr. Young.
The Nomadic Network Providing Secure, Scalable and Manageable Roaming, Remote and Wireless Data Services Josh Howlett & Nick Skelton Information Services,

The Nomadic Network Providing Secure, Scalable and Manageable Roaming, Remote and Wireless Data Services Josh Howlett & Nick Skelton Information Services,
Network Access and 802.1X Klaas Wierenga SURFnet

Network Access and 802.1X Klaas Wierenga SURFnet
E-commerce and Information Technology in Hospitality and Tourism Chapter 3 Connecting to the World Copyright 2004 by Zongqing Zhou, PhD Niagara University.

E-commerce and Information Technology in Hospitality and Tourism Chapter 3 Connecting to the World Copyright 2004 by Zongqing Zhou, PhD Niagara University.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
Computers © 2005 Prentice-Hall, Inc.Slide 1. Computers Chapter 6 Networks and Networking © 2005 Prentice-Hall, Inc.Slide 2.

Computers © 2005 Prentice-Hall, Inc.Slide 1. Computers Chapter 6 Networks and Networking © 2005 Prentice-Hall, Inc.Slide 2.
Wi-Fi Structures.

Wi-Fi Structures.
Lesson 14 – DESIGNING A NETWORK. Assessing Network needs Meeting Network needs OVERVIEW.

Lesson 14 – DESIGNING A NETWORK. Assessing Network needs Meeting Network needs OVERVIEW.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Data Networking Fundamentals Unit 7 7/2/2015 1 Modified by: Brierley.

Data Networking Fundamentals Unit 7 7/2/ Modified by: Brierley.
INTRODUCTION TO COMPUTER NETWORKS Navpreet Singh Computer Centre Indian Institute of Technology Kanpur Kanpur INDIA (Ph : 2597371,

INTRODUCTION TO COMPUTER NETWORKS Navpreet Singh Computer Centre Indian Institute of Technology Kanpur Kanpur INDIA (Ph : ,
Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.
1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.

1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.
Andrew Fuqua 3/4/2015 LTEC 4550. A network HUB is a device that is used to link multiple devices over a network. The HUB is not a great choice when shopping.

Andrew Fuqua 3/4/2015 LTEC A network HUB is a device that is used to link multiple devices over a network. The HUB is not a great choice when shopping.
Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.

Module 11: Supporting Remote Users. Overview Establishing Remote Access Connections Connecting to Virtual Private Networks Configuring Authentication.
1 Chapter 7 - Networking Fundamentals Computer network: – Two or more computers connected together Each is a Node (other nodes: printers, network devices,

1 Chapter 7 - Networking Fundamentals Computer network: – Two or more computers connected together Each is a Node (other nodes: printers, network devices,
Chapter 11: Dial-Up Connectivity in Remote Access Designs

Chapter 11: Dial-Up Connectivity in Remote Access Designs

Similar presentations

Ads by Google