Brigham Young University Hawaii Campus wants to implement a campus wide secure wireless network. In their existing system there are some network security flaws such as rouge access point (Easily accessible open network), anyone can access and capture important information of users. We have been hired by the BYU-HAWAII to design and install a wireless network solution for the university.
User type-Students, Faculty and staff
Problems in Existing system
Open network (no authentication and authorization):easily accessible by outsider or by any guest user. Anyone can access users (students, faculty)’s important information easily. No monitoring of ...view middle of the document...
The security and privacy of students’ records is extremely important. Therefore we want to employs firewalls, data encryption and email protection as a means of protecting confidential student information.
In the proposed network two floors of each building will be connected with multi layer switch which is further connected to the access points, results to be cost effective due to use of multi layer switch instead of single switch for each floor .considering xirrus in the coming future will be even more better for the campus network as that will replace the excess access points.
The communication between the three buildings can be maintained by two methods either the leasing of Dark Fibre for Private Network from one of the ISP. This service provides optical Fibre as point to point connection between both premises but it’s not the cost effective.
Another option would be to install WiMAX Directional Antenna’s on top of both buildings giving clear Line Of Sight between them.
The line-of-sight service, where a fixed dish antenna points straight at the WiMAX tower from a rooftop or pole, the line-of-sight connection is stronger and more stable, so it's able to send a lot of data with fewer errors. Line-of-sight transmissions use higher frequencies, with ranges reaching a possible 66 GHz. At higher frequencies, there is less interference and lots more bandwidth.
Proposed design with Additional High-End Equipments
In this proposed design we have added Gateway / Access controller for centralized management control and configuration and RADIUS server for advanced security.
Also for scalability additional Access Points are installed in each floor which can be dynamically controlled from the Gateway in order to increase Network size at the time of saturation.
Access Gateway and Controller is easy to deploy and simple to administer. Access Gateway appliances can be used to manage the network for with complex design. The Access Gateway Management configures the settings such as internal network, IP address, subnet mask, default gateway IP address, and Domain Name System (DNS) address. Gateway administers can perform operations, such as the authentication, authorization, network resources, logon points, Smart-Groups, address pools, and device profiles to configure endpoint policies.
RADIUS is a client/server protocol. The RADIUS client is typically a NAS and the RADIUS server is usually a daemon process running on a UNIX or Windows NT machine. The client passes user information to designated RADIUS servers and acts on the response that is returned. RADIUS servers receive user connection requests, authenticate the user, and then return the configuration information necessary for the client to deliver service to the user. A RADIUS server can act as a proxy client to other RADIUS servers or other kinds of authentication servers.
Each Floor in BYU Hawaii campus comprises of 4 lecture rooms and 4 lab room having 60...