Assignment title: Information
BN303
Wireless Networks and Security
Assignment 2
Trimester 2, 2016
Assignment 2- Case Study: Group Assignment with individual component. Marks will be
based on Individual Contributions.
Report submission due: Tuesday 26th September, 2016, 17.00 pm i.e. Week
10 in the specified submission link on Moodle
Viva Voce (Oral Test) (Mandatory) and
Demonstration (For BONUS marks): Week 11 and 12 during lab (in the extremely
unlikely case of the group receiving full marks for the assignment their bonus marks will
be null so that the maximum total marks of this Assignment remains at 50.)
Total Maximum Marks = 50 (20% of total assessment)
Contributions made by Each Group Member MUST be clearly specified in Report
Purpose of the assessment:
The purpose of this assignment is to exercise and develop skills required to design secure
wireless networks, addressing the need of clients. In this assessment, students will be able to
Apply their knowledge of wireless networking technologies.
Apply their knowledge of wireless security solutions.
Decide and choose among competing technologies andproducts
Description of the assessment:
1. Background
802.1x based Wireless network for authentication and
authorisation at Vancouver State University (VSU), Canada.
The 4000 students and 400 faculty and staff at Vancouver State University (VSU) live and
learn in one of the most beautiful places on earth i.e.Vancouver, BC in Canada. What is not
always so pretty, especially for the university's small IT team, is the deployment of new
campus-wide technology projects.
Our IT team constantly assesses the latest technology to help protect the campus network and
its 4,400 users. With the goal of continuously improving network security, we sought to add
greater authentication and authorization to campus resources through the deployment
of 802.1X access control. The challenge was finding the right solutions to best facilitate
ease of deployment and limit disruption of service to our users.
A key driver for this security upgrade was the fact that VSU's open wireless network could
easily be accessed by anyone on or near the campus. Our CTO, John O'conor, challenged the
IT team to find a solution that worked with our existing infrastructure and was cost effective.BN303 Wireless Networks and Security Page 2 of 6
The idea was to terminate the evil wishes of any potential hackers.
In addition to the obvious hazards of having anyone and any machine connect to the network,
another big issue was being able to capture important information about the wireless users
accessing the campus network. Previously, the team had no way of knowing who was on the
network, or how the network was being utilized. For example, it is important to identify
users who might be doing something inappropriate using network resources. All VSU,
Vancouver students are required to sign an honor code of conduct. If someone violates a
conduct policy, such as downloading inappropriate material, the IT team needed a way to
identify the student as required by the Honor Code Office. With no way to identify users,
reporting violators was next to impossible.
To address these issues, the team wanted to first secure the wireless network, with the longterm goal being to authenticate users on the wired network as well. They decided the best
way to do this was to deploy 802.1X authentication, which is the IEEE Standard for portbased Network Access Control. This would provide a more secure authentication mechanism
for approved users and devices attempting to connect to the network.
Since VSU–Vancouver's network is made up of a mixture of 240 access points from Cisco
and Xirrus, a key best practice for the 802.1X capability to function properly was to select a
new authentication solution that worked in this multi-vendor environment.
The objective of this assignment is to implement 802.1 x authentication for VSU's wireless
network.
Best practices for deploying 802.1X should start with a well thought out plan that
includes, but is not limited to, the following considerations:
o Do your wireless and wired networking devices support 802.1X?
o Will you have the ability to use your existing identity stores?
o The AAA/NAC platform should support multi-vendor environments
The solution should include a way to easily configure 802.1X variables in
a variety of user devices (Windows, Mac OS, Linux)
Creating and testing policies should be easy to use and streamline
processes
The AAA/NAC platform should support a variety of user and device
authentication methods
Visibility and troubleshooting tools should be included
The AAA/NAC platform should provide guest access management and
multiple sponsor roles
Find a vendor that shares in your goals
2. Requirements
Design the network as specified in the above scenario from scratch. You have to submit a
group report and specify each individual group member's contribution on the front page.
You should address the following tasks in your report:
For this assignment, you need to complete the following tasks:
one:
Design the wireless network of VSU according to given specification in the given case
study (In this design you will plan a design for the network and frame that using softwareBN303 Wireless Networks and Security Page 3 of 6
with configuration details. Diagrams can be designed using MS Visio or any other available
network design software).
Two:
Detail all the security requirements for wireless network of VSU-Vancouver stated in the
case study.
three:
Expand further on 802.1x authentication mechanism required wireless network of VSU
Report, step by step procedure of implementing 802.1x for VSU wireless network.
All parts
Use the prepared report and implement 802.1x for demonstration. The implementation
should be appropriate for VSU wireless network. (For demo only you can just use one
access point so that a client can connect to the wireless network using 802.x).
Write a report that includes the following sections: executive summary, introduction, work of
Group members 1 and 2, plan of your implementation along with figure, your
recommendations and conclusions.
BONUS MARKS (at week 12 lab):
As a group implement
To get BONUS marks you have to demonstrate your proposed setup for RADIUS
server based authentication.
3. Guideline for Report Submission and Viva Voce (Oral Test)– Assignment Two(2):
Your assignment should be completed according to the General Guidelines for Presentation of
Academic Work. Your report should explain the followings points in detail:
A cover page, identifying student (name and number), teaching staff, and assignment.
The assignment must use 12 point font size minimum and at least single line spacing
with appropriate section headings.
Reference sources must be cited in the text of the report, and listed appropriately at the
end in a reference list(Follow IEEE).
It should follow standard of academic report guidelines.
The written report should between 6-15 pages in length, with each student contributing
at least five pages regarding their role and findings.
Provide an overview of the design.
Model of wireless network devices and software you require to implement 802.1x.
Describe the significance/justification of wireless network devices and security
requirements used for this design.
Refer to marking criteria for specific components to be included.
In addition to your report, you are required to appear for a Viva Voce (Oral Test) to your tutor.
In this part:BN303 Wireless Networks and Security Page 4 of 6
4. Further instructions:
4.1 Do not PLAGIARISE! Use your own words and design. Use citation and referencing
following IEEE-style to acknowledge the sources you have used in your report forideas.
4.2 Make sure to properly reference any diagrams/graphics, unless you have createdit!
Assessment
Components
Description of the section
Report Presentation Table of contents, figures, references, the minutes and other
appendices
Current network
structure
Description & Diagrams showing the current network (wired and
wireless) of VSU-Vancouver
Security requirements
and justification
Identify all required security requirements and justify those using
logical arguments.
Equipment's Detailed descriptions of major equipments and technologies
Detail of 802.1x
implementation process
( step by step)
List and explain 802.1x implementation process for wireless
network of VSU-Vancouver
Demonstration of
802.1x implementation
A wireless client should be able to connect via 802.1x authentication.
Oral Test Clarity of students involvement and understanding of the project
Poor writing Inadequate structure, careless & untidy presentation
Plagiarism Type of plagiarism
- Copy from other student
- Copy from internet source/textbook
- Copy from other sources
Extensions: Approval of extension requests, that were accompanied by supporting
documentation, must be received by the student in writing before 3 working days from the due
date else penalties may apply for late submission without an approved extension.
Penalties: Academic misconduct such as cheating and plagiarism may incur penalties ranging
from a reduced result to program exclusion.
5. Marking Rubric: Total marks for report: 36. Marks are allocated asfollows:
Marking for Assignment 2 (group report) Total Marks= 50BN303 Wireless Networks and Security Page 5 of 6
Student Names & IDs:
Submission Due: …./…../2016
Date Submitted:.…/…../ 2016
Marker's Name: Mark
Achieved
in report:
/50
HD
80-100%
DI
70-79%
CR
60-69%
P
50-59%
Fail
<50%
Report
Presentation
/8
Table of contents
with appropriate
section numbers,
figures, references
and other
appendices
Table of contents
with appropriate
section numbers,
figures, references
Table of contents
with section
numbers, figures,
references
Table of
contents
and
reference
s
No proper
table of
contents,
figures,
references
Current The diagram The diagram The diagram The The diagram
network included all system included most included system diagram did not
infrastructure components and system components and included included
interconnecting the components and interconnecting all important
devices, with proper interconnecting the devices, with system system
/12 labelling of network the devices, with proper labelling compone components
equipments. proper labelling of of network nts with .
network equipments. proper
equipments. labelling
of
network
equipme
nts.
Equipment's, Detailed Detailed Detailed Detailed some
Security descriptions and descriptions and descriptions and descriptio descriptions
requirements very well supported well supported supported ns and only.
and arguments. arguments. arguments. some
justification supportin
/12 g
argument
s.
802.1x Detailed Some detail Brief descriptions Very brief Incomplete
implementing descriptions and descriptions and and complete descriptio steps.
steps complete steps. complete steps. steps. ns and
/12 complete
steps.
Oral Test Student has very Student has good Student has clear Student Student is
good and clear and clear understanding has confused
understanding about understanding about the activity understa about the
the activity about the activity performed in the nding activity
/6 performed in the
project.
performed in the
project.
project. about the
activity
performed in
the project.
performe
d in the
project.
BONUS The implementation The The The The
marks for is very well suited implementation is implementation is impleme implementati
for VSU-Vancouver well suited for suited for VSU- ntation is on is very
Demonstratio
n
wireless network.
The authentication
should be well
VSU-Vancouver
wireless network.
The authentication
Vancouver
wireless network.
The
suited for
VSUVancouv
well suited
for VSUVancouver
/10 appropriate to
support business
should be
appropriate to
authentication
should support
er
wireless
wireless
network.
need of VSU- support business business need of network. The
Vancouver. need of VSU- VSU-Vancouver. The authenticatiBN303 Wireless Networks and Security Page 6 of 6
Vancouver. authentic
ation
Inadequa
te to
Support
business
need of
VSUVancouv
er.
on should
be well
appropriate
to support
business
need of
VSUVancouver.
Poor writing Inadequate structure, careless & untidy presentation -20
Plagiarism Type of plagiarism
- Copy from other student
- Copy from internet source/textbook
- Copy from other sources
-50