UCLA Wireless Networking Standards and Guidelines

UCLA Wireless Networking Standards

I. Introduction

This document updates and revises the technical standards established at the conclusion of the UCLA Wireless Pilot contained in the document dated February 12, 2004 (http://www.cts.ucla.edu/support/publications/wireless_standards.pdf). These standards apply to both the UCLA Unified Public Network (UPN), which covers and is maintained by numerous units on campus, and to the various “private” wireless networks operated and maintained by a variety of individuals and groups on campus. The fundamental purpose of these standards is to ensure a uniform experience of UPN users across the UCLA campus. Those responsible for setting up UPN associated wireless networks, whether as new installations or modifications of existing installations, should use these standards to guide them. Additional documentation providing some step-by-step instructions for setting up a UPN associated wireless network will be/is available at (URL).

The UCLA Wireless Standards Board (WSB) will revise these standards periodically as wireless technology develops, and as UCLA organizational and operational infrastructures on campus evolve. The revised standards will be reviewed by the UCLA Common Systems Group (CSG) and published on the CSG website.

While the following standards apply to all wireless implementations operated by any organization, entity, or individual on campus, it is well understood that in a diverse academic environment such as UCLA it is critical that standards such as these do not preclude implementations important to the scholarly mission of the university. Consequently, the WSB is available to review any wireless implementations that do not conform to these standards, and may grant exemptions to the standards in cases judged not likely to pose any significant problem for the UPN or other potentially affected wireless networks. To reach the WSB, please email

For simplicity and linguistic clarity, the WSB has restricted the language indicating the requirement level of each standard to the following terms: “required” (equivalent to RFC 2119 terms “Must,” “Shall,” or “Required”), “prohibited” (RFC 2119 terms “Must not” or “Shall Not”), “recommended” (RFC 2119 terms “Should” or “Recommended”), and “allowed” (RFC 2119 terms “May” or “Optional”). For ease of review, the standards are organized below into three general categories: general code compliance, access point specifications, and operational practices, with the requirement level listed for each standard. Some discussion of each of the standards follows the listing below.

II. General Code Compliance

UPN / Private
1. Equipment to meet all applicable rules and regulations of controlling regulatory agencies (FCC, PUC, etc.) / Required / Required
2. Antenna installations to comply with University environmental health, building and fire codes as well as ANSI C95.1-1991 / Required / Required
3. Power to Access Points to comply with fire and safety codes (NFPA, CBC, CEC) / Required / Required
4. Compliance with the UC Electronic Communications Policy / Required / Required

III. Access Point Specifications

UPN / Private
5. 802.11b support (Wi-Fi certified) / Required / Recommended
6. 802.11g support (Wi-Fi certified) / Recommended / Recommended
7. Access Points support Power over Ethernet (IEEE 802.3af, TR 41.3.4) / Recommended / Recommended
8. Antennas to be located at perimeter of coverage area pointing into coverage area / Recommended / Recommended
9. 802.11b (and 802.11g if it is used) 2.4 GHz ISM band channels: 1, 6, 11 only / Required / Required
10. Radio power levels to be adjusted to minimum necessary to cover desired area / Recommended / Recommended

IV. Operational Practices

UPN / Private
11. Site Survey to be conducted prior to or during installation / Recommended / Recommended
12. Registration of Access Points (APs) in "Wireless Network Registry" / Required / Required
13. All users and devices to be authenticated / Required / Required
14. Central campus or local server to be used for user-based authentication / Required / Recommended
15. All data to be encrypted / Required** / Recommended
16. UPN Access Control List or functional (vendor) equivalent to be used / Required / Recommended
17. IP addresses to be assigned via DHCP / Required / Recommended
18. Corresponding forward and reverse DNS entries for each DHCP address (does not have to be dynamic, just need a forward and reverse name for each address) / Required / Recommended
19. Use of splash screen (captive portal) upon connection to wireless network / Recommended** / Recommended
20. Use of Access Point-based encryption or authentication / Prohibited / Allowed
21. Broadcast of SSID / Required
(UCLAWLAN) / Prohibited
22. Interference with UPN Network / Prohibited / Prohibited

** NOTE: Beginning sometime around March, 2005, the requirement for encryption for the UPN will be removed, and the use of a splash screen (captive portal) for the UPN will be required (as opposed to recommended). This shift will make the UPN more easily used by the UCLA community and reduce the support issues associated with VPN clients. Those unit implementing wireless before March, 2005, are encouraged to configure their network to the future standards.

V. Discussion of Standards

Following are brief summaries of the issues considered by the WSB in arriving at the standards.

1. The necessity for compliance with local, state, and federal regulations governing wireless was accepted without debate.

2. The necessity for compliance with university and ANSI codes applicable to wireless antenna installation was accepted without debate.

3. The necessity for compliance with fire and safety codes for power to Access Points was accepted without debate.

4. The necessity for compliance with the UC Electronic Communications Policy was accepted without debate.

5. 802.11b certification is ‘required’ for Access Points to be part of the UPN, since “b” is the de-facto implementation on campus, and certification would ensure some level of interoperability. As the uses of wireless in Private networks can only be guessed at, the WSB believes that support for 802.11b is ‘recommended’, though not always necessary. (Because 802.11a Access Points have almost no presence on campus, and are generally regarded as a technology which is now more or less obsolete, the WSB chose not to consider them.)

6. 802.11g certification is ‘recommended’ since it is beginning to be implemented, it is rare to find Access Points without ‘g’ capability, and yet it would be a burden to require those who have an investment in 802.11b Access Points to replace them.

7. Power over Ethernet is ‘recommended’ since it allows placing Access Points in unobtrusive spaces, such as dropped ceilings.

8. Perimeter location of antennas is ‘recommended’ to minimize the likelihood of interference; however, it is understood that the complexity of arranging Access Points in buildings may necessitate placement away from perimeter locations.

9. Use of channels 1, 6, and 11 for UPN Access Points is ‘required’ to minimize interference. Use of these channels by Private networks is recommended for the same reason, although the WSB recognizes that there may be instances in which other channels might be appropriate for some installations, as long as they do not interfere with the UPN.

10. Use of minimum power levels is ‘recommended’ to minimize the likelihood of interference, both for UPN and Private Access Points. It is recognized that local conditions may vary enough that power levels might need to be set higher than one would like in order to ensure reliable connections at the edge of coverage.

11. Conduct of a site survey at some time during the installation of wireless Access Points is ‘recommended’ for both UPN and Private networks, since much of the information acquired will be needed for registration in the Wireless Access registry (see Standard 11). A thorough survey will also help minimize costs by finding optimal locations for Access Points.

12. Registration of Access Points is ‘required’ for both UPN and Private networks in order to ensure rapid identification of the location and the source of support of Access Points. Additional information about the APs will help troubleshooting in the event of reported problems.

13. Authentication of users is ‘required’ for both the UPN and Private networks in order to minimize possible abuses of wireless resources on campus.

14. A central (CTS) or local server is ‘required’ for authentication for the UPN and ‘recommended’ for Private networks.

15. Encryption is ‘required’ for the UPN network and ‘recommended’ for Private networks in order to minimize the capturing of data. **

16. Use of the UPN Access Control List or some other vendor’s functional equivalent is required for the UPN, and ‘recommended’ for Private networks in order to minimize unauthorized access. The ACL may be obtained from CTS.

17. Use of DHCP to assign IP addresses is ‘required’ for the UPN, as it is a defacto norm. It is ‘recommended’ for Private networks as well, though the WSB understands that some wireless implementations might have reasons for not using DHCP.

18. Use of forward and reverse DNS entries for each address is ‘required’ for the UPN to enable Internet communication without interruptions that can occur if both forward and reverse entries are not available. This is ‘recommended’ for Private networks, but the WSB understands that some wireless implementations might have reasons for not implementing forward and reverse DNS entries.

19. Use of a splash screen upon connection to the UPN or a Private network is ‘recommended.’ The splash screen should contain information that helps users know which wireless network they are connected to, how to connect to the campus (or other) VPN, the location of the access point through which they are connected (if possible), and phone number(s) and or location for the help desk supporting the local Access Point. **

20. Use of Access Point-based encryption or authentication (e.g., WEP, WPA, LEAP, etc.) for Access Points associated with the UPN is ‘prohibited,’ since these will interfere with the authentication/encryption provided by CTS or the local UPN provider (see Standards 13, 14, and 15, above). For Private networks, Access Point-based authentication/encryption is ‘allowed.’ The WSB recognizes that a local Private wireless network may accomplish a basic level of security through AP-based services and features, which may serve local or temporary purposes.

21. Broadcast of the UPN SSID (Service Set Identifier) is ‘required’ for the UPN, in order for all users on campus to be able to easily and unambiguously identify the UPN. Private networks are ‘prohibited’ from broadcasting any SSID; it is expected that Private network providers will inform their users how to connect to the network.

22. For both members of the UPN and Private networks, it is ‘prohibited’ to interfere with the UPN. It is a fundamental assumption that the UPN takes precedence in matters of wireless communication on campus. This principle is the basis for resolving any conflicts that may arise between implementations of wireless, whether Private or part of the UPN.

Wireless Standards Board Subcommittee on Technical Standards

Alan Wood (Arts & Architecture)

Babak Saberi (Life Sciences)

Bill Akers (GSE&IS)

Daniel Tran (SSC)

Eric Crane (AGSM)

Greg Kitch (SEAS)

Huy Chung (Student Affairs)

John Haghighi (Humanities)

Ken Davis (External Affairs)

Kent Tom (Medical Center)

Mark H. Bower (CTS)

Marsha Smith (ATS)

Max Kopelevich (Physical Sciences)

Michael Nguyen (College of L & S)

Mike Van Norman (CTS)

Nitesh Bondale (CTS)

Peter Kovaric (GSE&IS)

Tom Phelan (SSC)

Victor Mendez (SPSSR)

UCLA Wireless Standards Board November 17, 2004

Page 1 of 8