College WLANs put to the test

HANOVER, NEW HAMPSHIRE (10/31/2003) - Each freshman class at Dartmouth College is unique, but this year's crop has at least one thing in common with other classes across the country: a passion for wireless networks.

"No one wants to plug in anymore," says Brad Noblet, the school's director of technical services. About 90 percent of Dartmouth's freshmen arrived with wireless-enabled laptops.

Exploding wireless LAN traffic has been a grueling test for college network staffs this semester. Network infrastructures, security and management are all being stressed, and WLANs have become a prime vector for fast, and repeated, viral infections.

The new strains come as many schools are expanding WLAN coverage and embracing the next generation of the technology. Colleges are fleshing out access point infrastructures with security gateways from companies such as Bluesocket Inc. and Cranite Systems Inc., and with wireless "switches" from companies such as Aruba Wireless Networks Inc. and Symbol Technologies Inc.

They also are adding demanding new applications, such as wireless voice over IP.

Some schools are bringing the boost in WLAN traffic on themselves in the name of improving the quality of students' lives and education. For instance, American University in Washington, D.C., offered about 1,250 incoming freshman a special deal on built-in wireless notebooks from Dell Inc. and Hewlett-Packard Co.

"We have a much higher (WLAN) adoption rate now," says Carl Whitman, executive director of e-operations. He doesn't have a firm number but thinks the vast majority of freshmen showed up with wireless-enabled laptops. "Our help desk staff assisted several hundred students to set up their wireless configurations during the first two weeks of orientation," he says.

The school's faculty is going wireless, too. About 150 of 550 faculty members now have WLAN access and 200 more will be wireless by year-end, he says.

Meeting the challenge

All this makes WLAN management a greater challenge. Though campuses have been streamlining and automating student PC configurations for several years, WLAN client cards and software drivers add to the support burden.

One complicated aspect is that the standard software package for student and faculty laptops - called the image - has to be tested to make sure it works properly on both wired and wireless networks. At the U.S. Military Academy at West Point in New York, the number of man-hours involved in this testing has surged by about 40 percent compared with last year.

"Most of the problems (for the network staff) are related to the client machines, their WLAN cards and configurations," says Brian Maroldo, technical director in the Office of IT at New York Institute of Technology in Manhattan. "It's hard to publish a 'how-to' guide for our students when there are so many hardware and software choices out there, each with its own setups and problems."

The school's solution is closer cooperation between its network operations team and academic computing lab, which have identified set-up parameters and the most-common "gotchas" for a variety of WLAN adapter cards.

Viruses going around

The number of wireless users has led to a surge of viral infections. Dartmouth's help desk invests about 20 man-hours per day dealing with virus issues.

"The WLAN is a (virus) propagation mechanism," says Chris Misra, network analyst with the network systems and services group at the University of Massachusetts, Amherst. Student laptops are prone to infections, and the WLAN propagates them quickly even though the virus never makes it to the more easily protected wired network.

In an attempt to head off big virus problems, UMass has added Bluesocket's security gateway to its network, supplementing a VPN. One immediate benefit has been the ability to identify viruses in wireless packet headers.

"If I identify a virus in the student headers, I can shut off the student via Bluesocket," says Mike Dickson, a UMass network analyst. In September, the network staff shut off 2,500 computers, most of them for virus activity.

In the midst of this epidemic, college network managers are weighing stricter enforcement of WLAN rules for students. UMass today lets end users decide whether they want to download patches from a server.

"We've seen very little uptake on that option," Misra says. "(The viral activity) is fueling a discussion about whether to force patch updates by active scanning (of user laptops)."

On campuses where WLANs are widely deployed, instead of limited to a few hot spots such as libraries and student centers, soaring traffic loads are exposing weak points in the infrastructure.

The number of WLAN connections this fall at West Point overwhelmed the single policy server used for the campus' RADIUS authentication system. The military academy expected about 500 simultaneous users, peaking to 700. And that's what happened, but it stretched the third-party policy server to its breaking point. The stopgap solution has been to add more RAM to the server and install a second one. The academy now plans to put a policy server in each building, says Col. Don Welch, associate dean for information and educational technology.

At American University, WLAN use is so popular that students no longer bother to plug into the 100M bit/sec switched Ethernet ports in their dorm rooms. "They're getting less performance (by using the WLAN) than they should," Whitman says. "We want them to use a wired Ethernet jack in their rooms and wireless elsewhere."

At Dartmouth, because of the way Dynamic Host Configuration Protocol servers were configured for the wired network, the recent surge in WLAN use has sometimes exhausted available IP addresses. To minimize this problem, the college is starting to reorganize its 80 WLAN subnets into six virtual LANs. Each time end users move from one subnet to another, the session "breaks," and a new IP address is assigned to the client device, Noblet says.

College network architects say that so far WLAN throughput has been adequate for the HTTP requests, file transfers and e-mail that seems to constitute most wireless traffic on campuses.

But Dartmouth's Noblet warns that this could change quickly.

"Kids here don't watch TV or listen to the radio," he says. "They watch and listen to their (wireless) laptops. When I saw students opening windows for AOL Instant Messenger, e-mail and a movie on a DVD drive, and surfing to do homework, it made me realize, 'I can deliver a converged network.'"

Join the newsletter!

Error: Please check your email address.

More about AOLCOLGatewayHewlett-Packard AustraliaMessengerSECSymbol Technologies

Show Comments
[]