Deployment and Use of Wireless Data Networks
Office of the CIO
The Ohio State University
January 25, 2006
The Ohio State University maintains and operates the OSUNet (formerly called SONNET) campus-wide wired data network to support the university's instruction, research, and outreach missions. This network connects all campus facilities through a high-speed backbone and also provides worldwide Internet and Intenet2 connectivity. Wireless network technologies increasingly play an important role in complementing the wired network. They bring important benefits in convenience, flexibility, ubiquitous access, deployment, setup time, and sometimes cost. This technology is relatively new so standards, products and vendors change rapidly along with features and functionality.
Most commonly used wireless data network equipment operates within non-licensed portions of the radio frequency spectrum. These areas of the frequency spectrum are a finite resource shared by all users. Especially in confined and highly populated areas such as the university campus, incompatible uses and resultant service degradation are likely complications.
University units deploying wireless access points should be aware that while the Federal Communications Commission (FCC) establishes regulations for use of the unlicensed radio frequency spectrum, it does not license or control the use of these frequencies. Therefore other devices that legitimately use these frequencies may disrupt wireless data network communications. Similarly, wireless data network use may disrupt other legitimate uses of these frequencies. For example, the frequencies used in the 802.11b wireless data standard are in the unlicensed 2.4 GHz Industrial, Scientific and Medical (ISM) band. Devices legitimately using this and other unlicensed bands include cordless telephones, microwave ovens, sprinkler systems, traffic signals, and others. When deploying wireless services for enterprise-wide and mission-critical use and support, interference in these frequency bands must be anticipated and dealt with through careful engineering to ensure service quality and reliability.
In addition, unmanaged and unauthenticated wireless data network access poses significant campus network security, integrity, and reliability risks. Such access also brings risks to mission-critical university services and data and potential university liability risks. University owned or operated wireless devices and devices connected to university infrastructure services such as power or OSUNet must be carefully managed to ensure the integrity of the university wireless infrastructure service.
To help ensure equitable and optimal university wireless data network service and to help best serve the university mission, the Chief Information Officer (CIO) will be responsible for managing, authorizing, and coordinating the connection of unlicensed wireless data devices to OSUNet. The CIO will also exercise authority over the deployment and use of university owned or operated unlicensed wireless devices and unlicensed devices connected to university provided infrastructure services.
This policy applies to the deployment and operation of university owned or operated unlicensed wireless devices and other unlicensed devices connected to university infrastructure services on the campus of the Ohio State University. The policy also applies to university academic and administrative units operating and using such equipment and devices. The Office of Information Technology (OIT) is responsible for administering and enforcing this policy on behalf of the CIO.
The deployment and use of university owned or operated unlicensed wireless devices and other unlicensed devices connected to university infrastructure on the Ohio State University campus is subject to the following:
- All use of wireless access points and devices must comply with applicable laws, regulations, and university policies including FCC regulations and the university's Policy on Responsible Use of University Computing Resources.
- Wireless network access deployment and operation should be consistent with the strategies, directions, and initiatives of the university's Academic Plan and PlanIT Strategic Information Technology Plan.
- University academic and administrative units are responsible and accountable for the operation of university owned or other unlicensed wireless devices connected to university infrastructure services within their physical or administrative areas of responsibility. Only devices compatible with operation of the university's OSU Wireless network may be operated by university units on the university campus.
- Deployment and use of wireless network access points connected to university infrastructure services must be approved by the university academic or administrative unit responsible for the area where the access points are located.
- University academic and administrative units may implement additional policies within their physical or administrative areas of responsibility. Such policies should be available on unit web sites and may strengthen or extend but not weaken this policy’s provisions.
- All wireless network access points connected to university infrastructure on the campus of the Ohio State University must be registered with OIT. The registration process requires information including the responsible university unit as well as technical and operational information about the access point. For full details and to register an access point visit the online registration form.
- As with wired OSUNet access, access through wireless access points must be automatically logged. Logs should be maintained for at least 30 days and should include at least the identity of the user or equivalent information, the date and time of access, and the IP address assigned for the session.
- An unlicensed wireless device deployed and used in a legitimate and compliant manner by a university unit may not be compatible with another unit's legitimate use of an unlicensed wireless device. Operation and use might also be incompatible with the university's OSU Wireless data network. In these cases, OIT telecommunications staff will assist university units with engineering efforts necessary to resolve the issues and will work to negotiate acceptable compromise arrangements. If a compromise cannot be reached, the OIT Senior Director of Operations and Infrastructure will specify a resolution with highest priority given to health and safety and the integrity and reliability of the university's OSU Wireless data network.
- In so far as practicable, all wireless access points operated on the Ohio State University campus must comply with the technical standards and naming conventions specified in the OIT Technical Standards and Operational Requirements for Wireless Data Networks. OIT's Senior Director of Operations and Infrastructure must approve exceptions to this requirement.
OIT telecommunications or CIO security staff will notify a university unit operating a wireless access point that does not appear to be compliant with this policy so that it may be brought into compliance. Wireless access points not brought into compliance may be denied OSUNet access. Telecommunications or security staff may report noncompliant wireless network access points not connected to OSUNet through the CIO to the operating unit's higher management with recommendations for corrective measures.
In addition, telecommunications or security staff may report otherwise legitimate non-data unlicensed wireless devices operated in a manner not compatible with the university's OSU Wireless data network to the CIO and the operating unit's higher management with recommendations for corrective measures.
In a perceived emergency situation, OIT telecommunications or CIO security staff may take immediate steps, including denial of OSUNet access, to ensure the integrity of the university data network and systems, safeguard the health and safety of university community members and property, or protect the university from liability.
All decisions, notifications, or measures taken under this policy may be appealed to the CIO through the CIO Office Director of Information Technology Policy and Services. Appeals should be submitted by e-mail to ITPolicy@osu.edu.
Policy Version 1.0
Approved by the President's Cabinet on January 25, 2006
For More Information
Submit comments, questions, and suggestions to ITPolicy@osu.edu using the ITPolicy web form.