I. Title

  1. Name: Policy on Deployment, Operation, and Registration Requirements for Wireless Access Points on PennNet

  2. Number: 20010910-wirelessreg

  3. Author(s): J. Bauer (SEAS), J. Edwards (ISC), M. Wehrle (ISC), J. Yates (SAS)

  4. Status: [ ] proposed [ ] under review [X] approved [ ] rejected [ ] obsolete

  5. Date proposed: 2001-03-21

  6. Date revised: 2001-05-16, 2006-04-20

  7. Date approved: 2001-09-10, 2006-08-14

  8. Effective date: 2001-09-10, 2006-10-03



II. Authority and Responsibility

Information Systems and Computing's Networking & Telecommunications organization is responsible for the operation of Wireless-PennNet (Penn's wireless data networks) and has the authority and responsibility to specify requirements for any devices connecting to PennNet that can be used to extend network connectivity. This authority extends to devices that could adversely impact the operation of ISC N&T registered network-connected devices.

III. Executive Summary

This policy specifies the requirements and limitations for the operation of Wireless Access Points (APs) and related wireless LAN infrastructure on PennNet. It also provides related "best practice" recommendations on how to do so without impacting other network users.

IV. Purpose
The purpose of this policy is to specify the requirements and limitations for wireless LAN operation on PennNet. While wireless LANs can provide a very efficient and convenient way to maintain access and provide some limited user mobility, their use under certain circumstances can cause significant problems (see VI. Risk of Non-compliance).

V. Definitions

Access Point or AP
A device that provides radio signal connectivity for wireless LAN clients and a wired-network connection, bridging the wireless and wireline networks.

Wireless Client
A network node using wireless radio signalling to reach a network through an association with a wireless AP.

Center Frequency or Channel
The specific frequency range at which a given AP and its wireless clients operates within the larger frequency range used by wireless Local Area Networks.

Wireless PennNet
Wireless service that is installed and operated by ISC Networking and Telecommunications

School/Center or Department Supported Wireless Network
A wireless network that is installed and operated by a School/Center or department and connects to PennNet. These wireless networks tend to be much larger, and their coverage can range from an office area to an entire building or complex of buildings. The design and installation of these networks are those that are jointly approved, and in some cases installed  by ISC Networking & Telecommunications.

Wireless LAN
A locally supported wireless LAN consisting of at least one AP that is installed and operated by Penn faculty, staff, consultant, contractor, or student. These wireless LANs are not necessarily supported by a School/Center or Department LSP.

VI. Risk of Non-compliance

IEEE standard 802.11 networks operate using unlicensed wireless spectrum. Given that, only a very small number of wireless APs can be in active operation within a given geographic area without creating performance-degrading interference for each other. Even given limited deployment, it is important to have the AP frequency settings configured in a non-interfering way. For this reason, coordination among those wanting to operate wireless LAN APs is essential.Improper configuration of wireless access points can cause significant networking problems for other users of PennNet, and it can cause interference with other wireless devices. This can make troubleshooting the network more difficult and time consuming, and thus could have financial implications to the user or department.

VII. Scope

This policy applies to any device acting as a wireless AP on PennNet and/or in any University of Pennsylvania campus building or open area.

VIII. Statement of policy

  1. Any individual wishing to set up a new wireless LAN must first determine if wireless service already exists in the area to be covered. This includes consulting with ISC's registered access point database and performing site surveys. Interoperability of the intended installation and any existing wireless infrastructure must be addressed among the affected groups.
  2. Anyone that wants to then proceed with installing a wireless LAN must complete a registration form at http://www.upenn.edu/computing/pennnet/AP for the proposed number of APs. This form must be reviewed by ISC Networking & Telecommunications before any wireless AP's can be installed. ISC Networking & Telecommunications reserves the right to disallow the registration and operation of an AP if it would result in a conflict with another AP or networking device serving the same area.
  3. All AP registrations must be validated annually. ISC Networking and Telecommunications will send a report of registered AP's by contact name, to the responsible parties, at the begining of each fiscal year.
  4. Existing APs that are part of a wireless LAN will have to be disconnected from PennNet and may need to be shut down or reconfigured at a later date, if/when Wireless PennNet or a School/Center or Department Supported Wireless network is to be installed in the same area or proximity
  5. Requests to install new wireless LANs in buildings that already have Wireless PennNet or a School/Center or Department Supported Wireless network service may be denied.
  6. AP devices acting as DHCP servers must comply with the Policy on the Operation of DHCP Servers on PennNet at http://www.net.isc.upenn.edu/policy/approved/20000530-dhcpserver.html
  7. All IP addresses handed out by an AP must be registered in accordance with the Policy on the use of PennNet IP address space at http://www.net.isc.upenn.edu/policy/approved/20000124-ipaddress.html
  8. AP devices acting as routing devices must comply with the Policy on the Operation of Routing Devices on PennNet at http://www.net.isc.upenn.edu/policy/approved/20030310-routing.html
  9. All private wireless LANs must comply with the Policy on Requirements for Authenticated Access at Public Jacks, Kiosks, Wireless Networks, and Lab Computers on PennNet at http://www.net.isc.upenn.edu/policy/approved/20010910-netauth.html
IX. Recommendations and Best Practices

The following related practices are strongly recommended by ISC Networking & Telecommunications.

  1. Check with your School or Center computing director before planning a wireless LAN. Plans may already exist for broader building-wide wireless LAN initiatives.
  2. Careful planning of wireless LANs, including use of a formal site survey process, can significantly reduce later frequency conflicts and network performance problems. ISC Networking & Telecommunications can provide assistance in wireless LAN site surveys upon request.
  3. LAN Administrators should consult the Wireless PennNet Home Page at http://www.upenn.edu/computing/wireless/. Pay particular attention to the Known Issues bullet at http://www.upenn.edu/computing/wireless/faq/known.html inside FAQ Section.
  4. Wireless LAN "center frequencies" should be chosen such as to avoid frequency overlap. The use of only channels 1, 6, and 11 in 802.11 and 802.11b/g wireless LANs can help to avoid overlap.
  5. Wireless APs should be configured as bridging devices with DHCP services disabled. Configuring wireless APs as routing devices should be avoided as this can make troubleshooting and technical support more difficult and time consuming.
  6. In cases where access points have variable radio power levels, the minimal power level that provides the intended coverage should be chosen so as to limit interference with other devices operating in that frequency range.
  7. Users or departments that operate a private wireless LAN should periodically scan their building or area to ensure that there are no rogue access points.

X. Compliance

A. Verification: Unregistered or misconfigured APs discovered as a result of monitoring will be tracked and the owner notified.

B. Notification: Notification shall be made to the LSP and/or server administrator for the area whenever possible and practical.

C. Remedy: Remedy will normally be the removal of the access point (AP) from the network until such time as it can be brought into compliance. ISC Networking & Telecommunications will offer assistance to the LSP for the area in bringing AP configuration and registration into compliance.

D. Financial Implications: Charges may be assessed for time spent by ISC Networking & Telecommunications in troubleshooting problems attributable to a non-compliant or misconfigured AP. Please see the Policy on Troubleshooting Charges for Violations of PennNet Policies for information on additional fees that may be assessed to cover the costs incurred in troubleshooting related to violations of this policy.

E. Responsibility: Responsibility for remedy lies with those responsible for the AP and/or the local area network. In the vast majority of cases, the area LSP will have involvement in the implementation of the remedy.

F. Time Frame: AP registration requests that fall within policy compliance can be granted within 2 business days. Requests that involve appeals to this policy can take substantially longer. Non-compliant APs must be remedied immediately to reduce risk of networking failures for other network users. Confirmation of AP validation period should be within 45 days after the report gets sent to the LSP and/or server administrator. No responses after 45 days will be considered non-compliant.

G. Enforcement: Please see the Policy on Computer Disconnection from PennNet at http://www.upenn.edu/computing/policy/disconnect.html.

H. Appeals: Please see the Appeals section of the Policy on Computer Disconnection from PennNet at http://www.upenn.edu/computing/policy/disconnect.html.

XI. References