About SUNY Potsdam's Wireless Network

SUNY Potsdam's wireless network is now online. This document attempts to explain how wireless works at SUNY Potsdam. We have made every effort to ensure that access is easy and robust without completely compromising security. Our wireless solution involves authenticating users so we can ensure that only SUNY Potsdam students, faculty, and staff are able to connect.

NOTE: You will see references to "ViperNet", as that was our internal development name for this service, since it was originally based on a VPN solution. ViperNet is our wireless network.

The diagram below shows the conceptual abstract of the ViperNet system. Wireless Access Points (WAPs) and/or hard ports are placed in the ViperNet Virtual LAN (VLAN). Devices and computers attached to this network cannot "do" anything other than talk to other computers in the VLAN, including the ViperNet Registration Server. This machine is also a router. Users must authenticate to the server in order to be allowed to cross the router boundary and "do" what they want: Have access to the campus LAN, as well as the Internet. This diagram shows the router as link between the "Wireless" VLAN and "the world":

The ViperNet appliance is also a DHCP server (to dole out "bogus" IP addresses and DNS server/gateway information), as well as a DNS server that simply resolves all DNS requests to itself. It's also running a web server. All a user has to do is fire up a web browser and go to any webpage (one generally is requested when they start their browser) and they will be forced to see the registration page. From that page, they have access to all of the information they need to access the Internet. As an added benefit, we can control who has functional use of our wireless network- preventing intrusions and unwanted users from gaining access to network and Internetwork resources.

The diagram below outlines the "steps" involved for a wireless computer to gain access to the greater network.

The ViperNet system runs on Linux, uses Open Source software and in-house developed middle-ware. Currently, the ViperNet appliance is a 1U rackmount w/ 2 Intel Xeon Processor running at 1.4Ghz. The system is trivially clustered for either redundancy, scalability, or both. In field tests, available bandwidth ran out long before the processors, memory, and other I/O systems were too heavily taxed.