|
Dartmouth is in the midst of a project to switch both its wired and wireless
network to require authentication. We will maintain separate wireless networks
for people who want to connect to the Internet, but who do not want to or who
cannot authenticate, or for people who are working in the libraries who need
access to Library resources and are not members of the Dartmouth community, so
do not have any credentials with which to authenticate.
This is in response to a
security assessment done by an outside firm indicating that one of our
largest security holes is the ability for anyone to use our network. It also
allows us to become a "private network" under the terms of the Communications Assistance for Law Enforcement Act
(CALEA).
Changes were implemented to the wireless infrastructure in August 2007.
Information about these changes is available via the Press
Release and
Frequently Asked Questions.
Changes to the wired network will be implemented in the coming months.
Additional information about these changes will be posted on this page when it
becomes available.
Currently, Dartmouth has several different types of networks and
authentication methods:
- Open - Unauthenticated and unencrypted.(e.g., the Ethernet network, and the
Dartmouth Library Public and Dartmouth Public wireless
networks).
- Authenticated:
-
Wireless 802.1x - Client certificate stored on an eToken or on the
computer, encrypted (Dartmouth Secure wireless network).
-
Wired 802.1x - Client certificate stored on an eToken or on the computer,
unencrypted or encrypted.
-
VPN - User name and password, client certificates stored on an eToken or on
the computer, encrypted.
The changes are being made so that most of the network connections made by
Dartmouth community members will be authenticated, and the data traveling
across the network will be encrypted.
|
