Wireless LAN Communications Policy
- Related Documents: Wireless LAN Communications Procedure
- Owner: Computing and Communications Services (CCS)
- Approval Dates: June 2005, August 2007
I. Purpose
This policy prohibits access to Toronto Metropolitan University (the "University") networks via unsecured and interfering wireless communication methods. Only wireless systems that meet the criteria of this policy will be approved for connectivity to the University's networks.
II. Scope
This policy covers all wireless IEEE 802.11 communications devices (eg. personal computers, PDAs, etc.) connected to any of the University's internal networks. This includes any form of wireless communications device capable of transmitting packet data. Wireless devices and/or networks without any connectivity to University networks do not fall under the jurisdiction of this policy, providing they do not interfere with existing authorized wireless network operations.
III. Policy
Register Access Points (APs): All wireless Access Points/Base Stations connected to the TMUnet must be registered. These Access Points/Base Stations will be subject to periodic penetration tests and audits by CCS. Non-registered and non-compliant APs will be automatically disabled by the campus-wide wireless management system. The subnet on which the AP resides may be disconnected from the TMUnet should the problem persist.
Approved Technology: At minimum, APs should be able to perform the following:
1. 128-bit WEP encryption;
2. MAC address control.
IV. Encryption and Authentication
1. All traffic from wireless LAN devices must be encrypted;
2. All users on the wireless LAN must be authenticated.
To comply with this policy all wireless implementations:
1. Must maintain encryption of at least 128 bits;
2. Must support a hardware address that can be registered and tracked, ie. MAC address;
3. Must support and use strong user authentication which checks against an external database such as RADIUS, LDAP or something similar.
Interference Management: All equipment that operates intentionally or inadvertently in the wireless frequency spectrum must be carefully installed and configured to avoid interference between components of different network segments and other equipment. Consistent with ensuring the management of interference:
1. The installation, management, and use of all wireless communication networks shall be consistent with federal and provincial laws and regulations and with University policies.
2. The order of priority for resolving unregulated frequency spectrum use conflicts shall be according to the following priority list:
a. Life Safety
b. Curriculum
c. Administration
d. Research
e. Public access
f. Personal
V. Enforcement
1. Wireless implementations failing to pass penetration tests and audits will be denied connectivity to the TMUnet;
2. Unregistered APs will be automatically disabled or de-activated;
3. CCS will respond to reports of suspected devices causing interference and disturbing the campus network or the surrounding neighborhood. Where interference cannot be resolved, the use of wireless devices will be restricted.
VI. Jurisdiction
This policy falls under the jurisdiction of the Vice President, Administration and Finance. The application and interpretation of the policy, and its associated procedures, is the responsibility of the Director, Computing and Communications Services (CCS).