Only authorized wireless networks are
A wireless network must not be operated without the knowledge and
permission of the unit in which it operates. Rogue access points compromise
security and interfere with normal operations.
The SSID OWL, or any prefix or suffix on that
identifier may only be used according to a naming scheme released by OUCS, and
the OWL family of SSIDs will be used only to provide standardised OWL
This is in order to ensure users can configure their clients in any part of
the Collegiate University, and receive an equivalent service wherever else
that SSID is in use.
The SSID eduroam, or any prefix or suffix on
that identifier, may not be used except for the purposes of the international
It is a requirement of the University's participation in the Eduroam
Federation that we undertake to protect the use of the eduroam SSID
All wireless networks must be registered with OUCS
by the local IT support staff
A database of all established networks, and who is responsible for them,
will assist in maintaining control of the network and when considering and
advising upon the installation of further networks.
The wireless network must be separated from any
other University connected network
This is a basic security procedure. If it is part of a unit's main network,
then anyone who connects to that access point will become part of that
User authorization is required before network
access is allowed
This is self explanatory, and exists to support the University and Janet IT
Strong data encryption must be used
Wireless network traffic is readily available for anyone to see, even if
they have not associated with an access point. Encryption is necessary to
ensure that data, such as passwords, cannot be seen.
Hosts offering services that compromise security
shall not be permitted
Examples of this include proxy, relay, DHCP, routing services etc. This
refers to client operations, not system provided facilities.
All associations must be recorded
In the event of abuse of the connection, for whatever reason, it is vital
that the user concerned can be identified.
Up: Contents Previous: 2. Regulations - Terminology Next: 4. Recommendations