Design and document a secure wireless local area network (WLAN) authentication process.
Other than the Internet, probably no aspect of technology will have more impact on the classroom than the wireless local area network (WLAN), which may soon become as indispensable to the educational mission as chalkboards and textbooks. In the 21st century, technological literacy will be a primary determinant of whether a student succeeds or fails later in life. The ability to access and work with a wide range of information technology (IT) applications will be critical to ensuring this literacy. The benefits of a pervasive wireless fidelity (Wi-Fi) deployment in primary and secondary education include:
Infrastructure Flexibility: School districts’ learning technology needs can be as unpredictable as class sizes. A WLAN can be quickly rolled out virtually anywhere, without the need for extensive retrofitting of existing infrastructure.
Speed: Classroom productivity is measured in terms of how much can be taught in a short period. Students can access a WLAN-enabled learning environment in a matter of seconds, without special connections, transmission control protocol/Internet protocol (TCP/IP) changes, or a tangle of cables. Teachers can focus on teaching and students can focus on learning.
Resource Mobility: A WLAN allows technology-learning tools such as laptops to be moved to wherever students are, rather than vice-versa. This makes the concentration of mobile computing resources possible in a single classroom while maximizing hardware utilization and a return on the investment.
Deploying WLAN in the classroom can bring enormous benefits, but there are some unique challenges to this environment. For a start, school IT staff is often stretched thin by the support demands of large numbers of users, so the WLAN solution cannot require time-intensive configuration and administration. Schools also pose wireless coverage challenges because of the conflict between their sprawling layouts and the need to provide connectivity to multiple users in the confined area of a classroom. In addition, given the uncertainties of the school budget process, WLAN deployment costs must be kept low, leveraging existing infrastructure where possible, and offering advantages in terms of scale and price.
After reading the given information on the requirements of a school’s WLAN, your task for this assignment is to prepare a professional report. The report should focus on the following:
Identify the potential user groups and users of WLAN in a school environment.
Assess the WLAN for probable risks in a school environment.
Specify security requirements by user class or type.
Mock-up a simplified data classification plan.
List and justify particular applications and protocols that should be allowed on the WLAN.
Determine whether personal digital assistants (PDAs) should be allowed to access the WLAN.
Full Answer Section
-
- Staff
- Guests (Limited Access)
- WLAN Risks
- Unauthorized Access: Outsiders gaining access to the school network and its resources.
- Data breaches: Student information, lesson plans, or internal data breaches.
- Malware Infection: Viruses, worms, or spyware spreading through the network.
- Misuse: Inappropriate content access, bandwidth abuse, or cyberbullying.
- Security Requirements by User Class
- Students:
- Strong password management and enforcement.
- Content filtering to restrict inappropriate websites.
- Limited access to network resources (e.g., administrative areas).
- Teachers/Faculty:
- Secure access for lesson planning and educational resources.
- Ability to manage student devices and activities to an extent.
- Administrators/Staff:
- Full network access for management and administrative tasks.
- Multi-factor authentication for heightened security.
- Guests:
- Separate, limited-access network with internet access only.
- Mock-up Data Classification Plan
| Data Classification |
Description |
Access Level |
| Public |
General information, school website content |
Open access |
| Confidential |
Student records, grades, attendance |
Authorized personnel only |
| Highly Confidential |
Social security numbers, medical records |
Restricted access (administrators) |
drive_spreadsheetExport to Sheets
- Allowed Applications and Protocols
- Applications:
- Educational tools (learning management systems, research platforms)
- Communication tools (email, collaboration platforms)
- Productivity tools (word processing, spreadsheets)
- Secure web browsing (filtered for educational purposes)
- Learning management systems (LMS)
- Protocols:
- HTTPS (secure web browsing)
- SSH (secure remote access for authorized personnel)
- 802.1X (port-based network access control)
- DHCP (automatic IP address assignment)
- DNS (domain name resolution)
Justification: The allowed applications and protocols support learning activities, communication, and efficient school operations while prioritizing security.
- Personal Digital Assistants (PDAs) Access
Yes, PDAs should be allowed access to the WLAN with restrictions.
- Benefits:
- PDAs can be valuable learning tools for notetaking, research, and educational applications.
- Restrictions:
- Require registration and user authentication for PDAs.
- Implement content filtering similar to student devices.
- Limit network resource access based on user type.
- Conclusion
This secure WLAN design balances user needs with security concerns. By implementing user-based security policies, data classification, and appropriate application/protocol allowances, the school can create a safe and productive learning environment. Utilizing existing infrastructure where possible and considering future scalability ensures cost-effectiveness. Remember, this is a simplified model, and further customization might be necessary based on the specific needs of the school.
Sample Answer
Executive Summary
This report outlines a secure WLAN design for a school environment, considering user groups, potential risks, security requirements, data classification, application and protocol allowances, and Personal Digital Assistant (PDA) access. The solution prioritizes user needs, security, manageability, and cost-effectiveness for optimal learning experiences.
1. User Groups and Users
- Primary Users:
- Students (Elementary, Middle, High School)
- Teachers
- Faculty
- Secondary Users: