Docstoc

practical-guide-for-joining-EduRoam

Document Sample
practical-guide-for-joining-EduRoam Powered By Docstoc
					A Practical Guide for Joining EduRoam




                                         EuroCAMP Torino
                   A Practical Guide for Joining EduRoam
                               chris.myers@grangenet.net
                                             4 March 2005
                                                Version 1.6
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
  What’s this EduRoam thing?
• EduRoam is a Federated Authentication Trust Framework

• For wireless networks

• Which allows roving researchers to login

• With their standard user name and password

• To wireless networks at participating organizations

• Around the world

• To access resources at their home or local institution.
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
Is there a community?
        Global Participants EduRoam




Dec 2004 There are over 350 participating institutions
     Is there a community?
Developing a local community.
• Performed extensive PR campaign.
• Concept presentations to RNO’s
      – Technical
      – Management levels.
• Web presents established.
• Target meetings with critical path
  organizations.
• Email and news release campaign.
• Track release propagation via web
  trends.
• Presentations at conferences and
  meetings.
             Camp Delegates declare YES! to Interest in EduRoam trials at The Australian Middleware Camp 2004.
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
   What is in it for me?
Users
    – On demand network access.
       •   Mobility
       •   Coverage
       •   Security
       •   Performance
       •   user-friendly environment
    – The ability to work on collaborative e-science projects.
    – Reduced costs due to VoIP calls using SIP or H323 over
      wireless.
    – The ability to use your own laptop computer and PDA’s
    – A reduction in productivity loss in visiting other institutions.
  What is in it for me?
NRENs
  –A value add services.
  –The encourage and support of collaborative
   environments.
  –Support for network access for guests.
  –Answer user demand for coverage, security
   and performance.
   –Solution for Inter University Conferences. (with
    safe wireless)
  What is in it for me?
Turn key solution for


   –A local authentication framework.

   –A global authentication framework.

   –A interconnect policy framework to base other
    systems on.
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
Local NREN EduRoam Portal.
      Local NREN EduRoam Portal.

Elements of a portal

•Local information
   •Services
   •Participants
   •Policies
   •Technology

•International links
   •Information for roaming

•Mail lists
   •How to contact Groups
     Local NREN EduRoam Portal.



Data Mining

   •Who’s interested.

   •Where are they from.

   •Are you hitting your targets
Local NREN EduRoam Portal.




  •Did any one read the news release
     •Put links in your news release (this helps)

  •How can I exploit this information
    Local NREN EduRoam Portal.

Feed Back and help.

•Feed back is important.
   •for the program.
   •for the NREN.
   •for the Institute.
   •For the user.
                                             WIKI forum page
•Use detailed user guides on portal
•Put in links to the WIKI forum.
•The user that can help themselves don’t call. 
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
  Team Requirements
What people are required for EduRoam
   –The wireless people
      • Basic wireless administration skills.
   –The directory people
      • Average Radius administrative skills.
   –The security people.
      • Average firewall/ACL skills
   –The desktop support.
      • Basic to Average skills

• Its not about the technology that’s easy.
  Team Requirements
What the people require from EduRoam
  –Trust.
      • Policy.
      • Reactive, collaborative, community.
      • Policy.
   –For the NREN press the flesh.

• Its all about the People.
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
    Local Wireless Implementation
802.1x Tools
• SecureW2 Alfa & Ariss
  SecureW2 for Windows platforms is the cost
  effective and most robust client solution for
  deploying 802.1X networks. The SecureW2 Client
  enables EAP-TTLS using the standard Microsoft
  IEEE 802.1X Client currently available for Windows
  2000, Windows XP and Pocket PC 2003.

• Now open source
    Local Wireless Implementation
      Cisco 1200 Series Access Point setup for EduRoam

• Under Security, Encryption
  Manager.
• Select VLAN in drop down box
  under Set Encryption Mode and
  Key for VLAN.
• Select Cipher in Encryption
  Modes.
• Select TKIP in Cipher drop
  down box.
• Clear Encryption keys.
• Select Encryption key 2.
     Local Wireless Implementation

• Under Security, SSID Manager.
• Select eduroam SSID.
• Under Authentication Settings,
  Methods Accepted.
• Select open Authentication with EAP
  in the drop box.
• Select Network EAP.
• Under Authentication Settings, Server
  Properties.
• Select Customize.
• Under Priority 1 select your RADIUS
  servers address.
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
  Radius Implementation
• Create National radius server.
• Federate to international server.
   –Good service selling point.
• Create institutional Radius services.
• Create test accounts.
   –On all sites


• Radius Tools
   –Free RADIUS - A most excellent free radius server
   Radius Implementation
• Deliver cookie cuts. (AUS example)
    – config for end user to connect to national server

    – realm DEFAULT {
    –      type = radius
    –      authhost      = 203.22.212.134:1812
    –      accthost      = 203.22.212.134:1813
    –      secret       = XXXXXXXXXXXX
    –      nostrip
    –}

    – client 203.22.212.134 {
    –       shortname     = national-au-eduroam1
    –       secret     = XXXXXXXXXX
    –}
Radius Implementation
Radius Implementation
Radius Implementation
Contents

• What’s this EduRoam thing?
• Is there a community?
• What is in it for me?
• Local NREN EduRoam portal.
• Team Requirements.
• Local Wireless Implementation.
• Radius implementation.
• Layer 8.
  Layer 8
Layer 8
   –Can be your friend.
     • They want the service.
     • They can see the business drivers.
     • Will divert resources to the project.

   –Can be your enemy.
     • They Can have unrealistic expectations.
     • The work policy triggers lawyers.
     • Lawyer means money and long documents.
  Layer 8
Know your Landscape
   –What is out there.
   –What does the community want.
   –Can you meet there requirements.
   –Can you control expectation.
   –Can you deliver the service.
   –Were can you go for help
Layer 8

An EduRoam deployment requires six deliverables;
   –Inter University Access Policy.
   –Acceptable use Policy.
   –Interconnected Trusted Wireless Federation.
   –Security Framework Model.
   –EduRoam branded Web Portal.
   –Inter continental Global Federation.
Layer 8

• Minimum Service levels. (AUS)
   –EduRoam SSID broadcasted.
     • (if technically possible on AP).
   –802.1x WPA TKIP EAP-TTLS
   –http, https & VPN pass though permitted.
   –Radius Server.
   –EduRoam portal at site.

        Security is locally enforced.
  So you are in control of your environment.
EduRoam Links

          International links
                  http://www.eduroam.org
          http://www.eduroam.nl/en/index.shtml
                http://www.eduroam.edu.au
    http://www.terena.nl/tech/task-forces/tf-mobility/
    http://www.ja.net/development/aa/lin/index.html

             email enquiries
                 join@eduroam.org
           gwg-eduroam@eduroam.edu.au
           apan-eduroam@eduroam.edu.au
             enquiries@eduroam.edu.au
EuroCAMP 2005


             Thankyou

      Please Join the EduRoam



      http://www.grangenet.net

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:3
posted:4/20/2010
language:English
pages:36