OIT to initiate wireless authentication soon
Justin Tardiff | Wednesday, November 2, 2005
The Office of Information Technologies (OIT) will soon require students, faculty and staff who want to access Nomad, the University’s wireless Internet network, to provide their Notre Dame user name and password in order to log on.
“It’s one of a series of steps that we’re taking to help secure Notre Dame computer resources better. It helps to ensure that only authorized Notre Dame users are accessing our network,” Katie Rose, project leader at OIT, said Tuesday.
Without wireless authentication, Rose said it is very easy for an unauthorized person to access the University network.
The problem with this is “they’re using resources the University has designated for faculty, staff and students. This can cause excessive traffic that can impact authorized users,” she said.
In spite of having extensively prepared for the Notre Dame community to start using this service, the OIT discovered a problem with the system a few days after it began on Oct. 19.
OIT quickly shut down the service, and on Oct. 24, OIT posted the following message to its Web site: “The requirement to authenticate to connect to the Nomad wireless network has been temporarily rescinded while OIT engineers work with a software vendor to correct performance-related issues.”
“There are a variety of applications on a person’s computer that try to connect to the network,” Rose said. “Some are generating so much traffic trying to talk to the server, hitting the authentication service so frequently and so hard, that the server couldn’t handle it.”
Rose said an error arose that OIT had not found after nine months of testing.
“We obviously couldn’t keep it in place while people were denied access, so we rolled it back,” Rose said.
Rose said she did not know when the patch from Roving Planet, the company that provides the “software and architecture service” to fix the problem would be put in place, and she did not know when the authentication service would start again.
OIT has been setting up the authentication service for over a year, she said.
“We’ve been running it in a pilot mode since January of this year. We’ve done a lot of testing and work to ensure that we could provide anyone an easy way to access the network while still requiring them to authenticate.”
When the program begins again, there will be two ways for students to sign into the service. One way is to “open up a Web browser and sign in with a user name and password,” Rose said. The other way is for students to “set up a connection to connect in the background,” she said, so students don’t have to put their user name and password in every time.
Rose said this connection is called an 802.1x and is “a standard that is used for authenticating network connections. It is a little more involved to set up, but ends up being a little more user friendly.”
OIT needed to gain approval from the University administration to set up the authentication system, Rose said.
“Our [Chief Information Officer] and Chief Technology Officer work with a variety of officials in the University to keep them up to date on a variety of projects that we’re working on,” she said.
Several other universities around the country also have wireless authentication. Among these are Baylor University, the University of Iowa and Texas Tech.