Wireless Connection Policy
The Local Area Network (LAN) at Colorado College has become a powerful tool that supports teaching and learning, research, and the administrative processes of the college. The Information Technology Services (ITS) staff has designed this critical information resource to be as robust and reliable as possible given that it must operate in the relatively open environment of a college campus. Increasingly, devices are being sold commercially that can be connected to the CC LAN to provide enhanced network services for users, i.e., wireless access points, connection sharing devices, and servers. In order to provide the highest level of service to all students, faculty, and staff, and to do everything possible to ensure the security of the CC LAN, ITS has developed some additional policies (see below) that pertain to these devices. This document should be considered an addendum to the Colorado College Pathfinder, addressing IT network specific issues.
Wireless Access Points
Colorado College has recently redesigned and enhanced its entire wired network. During the summer of 2007, we have also revamped the wireless network infrastructure based on the IEEE 802.11a, b, and g wireless LAN standards, operating in the 2.4 (b, g) and 5(a) GHz bands. In order to maintain network integrity, security, and reliability, ITS is the central authority for implementing and maintaining the CC wireless network, and will maintain the highest standards for wireless implementations throughout the campus. To accomplish this task, the following policies will be applied:
- All indoor wireless access points will be Aruba 65, with mandatory WPA2 protocol, AES encryption, and PEAP authentication against the central campus user directory.
- All other makes and models of access points are prohibited on the Colorado College campus.
- Network address translation (NAT) routing is prohibited on all access points.
- Wireless Network Interface Cards (NICs) may not be configured to serve as an access point.
- All access points will be installed and maintained by ITS
- Violations of the above policies, or any other IT policies as outlined in the Pathfinder with regard to networking, may result in termination of network privileges.
Connection Sharing Devices
Connection sharing devices (such as routers, switches and hubs) with NAT are prohibited from the CC LAN
Servers are allowed on the Colorado College campus network, with the exception of Dynamic Host Configuration Protocol (DHCP) servers. ITS provides central DHCP services for the entire campus. Rogue DHCP servers can interfere with ITS DHCP services and this can, in turn, negatively impact all client computers on the network. Individuals or departments are responsible for maintaining the security and integrity of their server systems. For security purposes, all individual servers will only be accessible from the Colorado College LAN.
If you have comments on these policies, please forward them to the Information Technology Policy Board at ITPB@ColoradoCollege.edu.