Carrier WiFi

Case Study: McGill University

The idea to install a wireless LAN network on the McGill University campus came to Gary Bernstein, director of network and communications services at the Montreal school, after a student asked him if she could access "her stuff" [ed. note: ewww!] on a laptop without having to queue up to use the public Ethernet jacks installed in the libraries.

Initially, Bernstein's plan was to provide 802.11b wireless access for communal areas in the 14 libraries dotted around the campus. However, since the first rollout of access points last February, the project has grown in size and scope.

Currently, around 40 of the 125 buildings on campus have some form of wireless Internet access. To provide this degree of coverage, Bernstein and his crew have so far installed 175 access points. The entire setup has cost around $400,000 Canadian (US$263,141) to install.

Bernstein has chosen to use access points from Colubris Networks Inc. for the rollout. He has also installed eight of the firm's CN3500 access controllers, which allow him to set access rights for students on the network and "ring-fence" certain private access points so that only users with the right password get to use them.

The access controller also allows Bernstein to monitor traffic on the network. "The maximum number of users on a public access point we'll support is about 40," he says. Once a hotspot starts to get overcrowded, Bernstein estimates it takes about 10 days to install a new one to boost coverage in that area. He runs Ethernet cabling to the hotspots and usually installs them overhead using a false ceiling.

However, Bernstein says that it was mainly Colubris's willingness to work with him to implement a tough security system on the network that initially impressed him and motivated him to chose the company over other vendors.

All of the university's access points have the standard Wired Equivalent Privacy (WEP) encryption algorithm turned off (see this paper for details on why you might not want to rely on WEP if you're at all concerned about wireless security). Instead the McGill system uses VPN tunneling to allow students to access their "stuff" on the Internet and intranet.

However, in order to use this secure access method, a VPN dialer has to be activated on the laptop. Bernstein says on his first visit to Colubris's head office in Quebec, a little over a year ago, together they worked up an application that automated this process.

The first time a user tries to access the McGill WLAN network, the access controller intercepts the communication and downloads the custom application onto a user's laptop. The student is then asked to type in a user name and password. If the login is successful, the application activates the VPN dialer and the user is allowed to access the rest of the network. The whole process takes around 20 seconds.

There aren't a huge amount of students using the new wireless facilities yet. "What we're seeing is probably about 100 simultaneous users on the network," Bernstein says. However, he expects this to change this year as students choose to buy laptops rather than desktop machines, and more of those laptops come with wireless LAN radios installed.

Now they'll never have to leave the pub, eh?

— Dan Jones, Senior Editor, Unstrung
joset01 12/5/2012 | 12:43:48 AM
re: Case Study: McGill University Well Steve, I'm glad you asked me that. I would have to say no, this isn't a WLAN switch, because you can't switch capacity and you can't prioritize more of the available bandwidth for a particular user.

However, it does share some traffic monitoring and security features with these new wireless switches.

DJ Unstrung
Steve Saunders 12/5/2012 | 12:43:48 AM
re: Case Study: McGill University You say:

"He has also installed eight of the firm's CN3500 access controllers, which allow him to set access rights for students on the network and "ring-fence" certain private access points so that only users with the right password get to use them.
The access controller also allows Bernstein to monitor traffic on the network."

My question: is the CN3500 one of these "switches" you have been writing about recently?????

Steve Saunders 12/5/2012 | 12:43:46 AM
re: Case Study: McGill University thankee
ctrain64 12/5/2012 | 12:43:41 AM
re: Case Study: McGill University The Colubris CN3500 Access Controller is a rack mountable access controller capable of supporting up to 1024 simultaneous wireless users. Designed for use in the medium to large wireless environment such as large hotels, university campuses and airports, the CN3500 combined with its companion product, the CN300, represents the latest state-of-the-art technology.

Embedded customizable firewall, full router with RIP, complete user authentication and accounting using the on board RADIUS client, comprehensive management tools, customizable login pages, per session per user access lists and much more. The CN3500 is a complete, robust integrated solution for rapid deployment of large-scale wireless networks.
deepciscothroat 12/5/2012 | 12:43:31 AM
re: Case Study: McGill University Dan
since when are the message boards placements for company advertisements. We looked at these guys (who are desparately looking for funding) and decided we could do it ourselves
It's not a real router, its a low-end pc controller. The McGill story is 6 months old. What have they done for their investors lately
spc_myles_telos 12/5/2012 | 12:43:29 AM
re: Case Study: McGill University CW,

Your comments seem somewhat brash. I think the key vantage in colubris is not the router vs. pc controller story, but the architecture they have for security, and how they are differentiating themselves from other vendors/solutions.

Cisco is king, but if so, how come they didn't get the McGill deal? Obviously it's on Colubris' home turf, but it's a big packaged solution, not just WLAN for enterprise or whatever anymore... it's a campus wide solution.

Something that hasn't been that prevalent in the market-speak. Hotspots and enterprise LANs have been the hot items. This is a venture to embark on a larger scale deployment, which requires some architecture/scaleability concerns that seem to have been addressd.

Criticisms of WLAN have been that it's not scaleable and has weak security. Pretty good start I must say.

I've seen the cisco SAFE docs for wlan and etc... and i'm sure there are cisco campus solutions too... but WLAN is hot, case studies like this one give other campuses ideas for how they wish to deploy.
deepciscothroat 12/5/2012 | 12:43:21 AM
re: Case Study: McGill University Myles
I think the issue is that this little kluge was deployed at McGill (give me a break, a french canadian company wins mcgill) a long time ago is not really a case study at this juncture, but marketing bs

Shame all Colubris does is a little overlay appliance function. They are toast. Bluesocket is toast (we have some tasty plans for them, too!)

PASSWORDS? System has to recognize the users. Passwords are hackable and so 1990s

Why am I picking on Colubris?

1. I hate their name. It's stupod
2. Too close to Nortel.
3. Their message is tired. Look at the "Corporate Vision" on their website

"Total customer satisfaction is at the very core of all our business practices. Our goal is to deliver the best possible experience for all our customers, be they end-users, resellers, distributors, or business partners."

Toast. Roadkill. Over. A
and out of money
Sign In