|
Dartmouth is in the midst of a project to switch both its wired and wireless network to require authentication. This is in response to a security assessment done by an outside firm indicating that one of our largest security holes is the ability for anyone to use our network. It also allows us to become a "private network" under the terms of the Communications Assistance for Law Enforcement Act (CALEA).
Changes were implemented to the wireless infrastructure in August 2007. The unsecure Kiewit Wireless network was turned off in February of 2008. Information about these changes is available via the Press Release and Frequently Asked Questions.
Changes to the wired network will be implemented in the coming months. Additional information about these changes will be posted on this page when it becomes available.
Currently, Dartmouth has several different types of networks and authentication methods:
- Open - Unauthenticated and unencrypted.(e.g., the Ethernet network, and the Dartmouth Library Public and Dartmouth Public wireless networks).
- Authenticated:
- Wireless 802.1x - Client certificate stored on an eToken or on the computer, encrypted (Dartmouth Secure wireless network).
- Wired 802.1x - Client certificate stored on an eToken or on the computer, unencrypted or encrypted.
- VPN - User name and password, client certificates stored on an eToken, encrypted.
The changes are being made so that most of the network connections made by Dartmouth community members will be authenticated, and the data traveling across the network will be encrypted.
|
