Skip to main content
  • Related Documents: Wireless LAN Communications Policy
  • Approval Dates:  June 2005, August 2007
  • Approved by:  Vice President, Administration and Finance
  • Jurisdiction:  Vice President, Administration and Finance, Computing and Communications Services (CCS)

Purpose

This policy prohibits access to Ryerson University networks via unsecured and interfering wireless communication methods.  Only wireless systems that meet the criteria of this policy will be approved for connectivity to Ryerson University’s networks.

Scope

This policy covers all wireless IEEE 802.11 communications devices (eg. personal computers, PDAs, etc.) connected to any of Ryerson University’s internal networks.  This includes any form of wireless communications device capable of transmitting packet data.  Wireless devices and/or networks without any connectivity to Ryerson University’s networks do not fall under the jurisdiction of this policy, providing they do not interfere with existing authorized wireless network operations.

Policy

Register Access Points (APs):  All wireless Access Points/Base Stations connected to the RIN (Ryerson Information Network) must be registered.  These Access Points/Base Stations will be subject to periodic penetration tests and audits by CCS.  Non-registered and non-compliant APs will be automatically disabled by the campus-wide wireless management system.  The subnet on which the AP resides may be disconnected from the RIN should the problem persist.

Approved Technology:  At minimum, APs should be able to perform the following:

1.   128-bit WEP encryption;

2.   MAC address control.

Encryption and Authentication

1.   All traffic from wireless LAN devices must be encrypted;

2.   All users on the wireless LAN must be authenticated.

To comply with this policy all wireless implementations:

1.   Must maintain encryption of at least 128 bits;

2.   Must support a hardware address that can be registered and tracked, ie. MAC address;

3.   Must support and use strong user authentication which checks against an external database such as RADIUS, LDAP or something similar.

Interference Management:  All equipment that operates intentionally or inadvertently in the wireless frequency spectrum must be carefully installed and configured to avoid interference between components of different network segments and other equipment. Consistent with ensuring the management of interference:

1.         The installation, management, and use of all wireless communication networks shall be consistent with federal and provincial laws and regulations and with Ryerson University policy.

2.         The order of priority for resolving unregulated frequency spectrum use conflicts shall be according to the following priority list:

  • Life Safety
  • Curriculum
  • Administration
  • Research
  • Public access
  • Personal

 

Enforcement

1.         Wireless implementations failing to pass penetration tests and audits will be denied connectivity to the RIN;

2.         Unregistered APs will be automatically disabled or de-activated;

3.         CCS will respond to reports of suspected devices causing interference and disturbing the campus network or the surrounding neighborhood. Where interference cannot be resolved, the use of wireless devices will be restricted.

Jurisdiction

This policy falls under the jurisdiction of the Vice President, Administration and Finance.  The application and interpretation of the policy, and its associated procedures, is the responsibility of the Director, Computing and Communications Services (CCS).