Last Modified: Wednesday, 01-Oct-2003 10:04:56 EDT

The CSB core provides wireless access in the core user area and adjacent areas. In addition, we permit individual labs to purchase wireless access points (WAPs) for their areas and connect them to the CSB network. These individual lab WAPs may be managed by the Core staff, or by the individual lab, subject to CSB policies.

This document restates and clarifies policies from previous CSB policy documents.

Policies common to all WAPs in the CSB network

• Must be configured as level-2 switches. IE, NAT must be disabled, and they must not use DHCP to give out network addresses.
• Must use and enforce 128-bit WEP encryption.

Policies for core-managed WAPs

• Equipment should be Apple airport. A more easily manged WAP may replace airports in the future. Other legacy equipment may be supported for a limited time.
• All WAPs will use the same ssid.
• All WAPs will use and enforce 128-bit WEP. They will all use the same WEP passphrase, which will be changed at the vernal and autumnal equinox.
• All WAPs will use MAC address filtering to restrict access to MACs registered as wireless in the CSB network database.

Policies for lab-managed WAPs

• Preferred equipment at this time is the Apple airport. A more easily manged WAP may replace airports as the preferred platform in the future. Other WAPs are permitted, providing they meet the other requirements. Legacy equipment not meeting other requirements will be permitted for a limited time.
• WAPs must be registered by core staff in the CSB network database.
• WEP passphrases must be changed at least semi-anually.
• Core staff must be given a record of the WAP's administrative password WEP passphrase. and the WAP's administrator.
• It is strongly advised that MAC address filtering be used to restrict access. This suggestion may well become a requirement by March 1, 2004.

Last Modified: Wednesday, 01-Oct-2003 10:04:56 EDT