X
Home & Office

Open source key to Victorian schools

Victoria's Department of Education and Training is continuing to develop in-house server software it built on top of open-source tools to bring its state-wide wireless network to life. Loris Meadows The software -- dubbed EduPaSS -- was developed as part of the state's AU$6 million Wireless Networks for Schools (WiNS) initiative which last year saw over 1,700 Victorian schools given high-speed wireless access on their campuses.
Written by Renai LeMay, Contributor
Victoria's Department of Education and Training is continuing to develop in-house server software it built on top of open-source tools to bring its state-wide wireless network to life.

      Loris Meadows
Loris Meadows
The software -- dubbed EduPaSS -- was developed as part of the state's AU$6 million Wireless Networks for Schools (WiNS) initiative which last year saw over 1,700 Victorian schools given high-speed wireless access on their campuses.

One EduPASS server sits in each of those schools, controlling student and staff access to network and Internet services.

"EduPaSS version 2 is currently waiting for approval, it's all documented and designed. And this time around we've had more time to design and document," the department's head of ICT security Loris Meadows told a Sydney conference yesterday.

EduPaSS is built upon "best of breed" open source software, according to Meadows, including the Smoothwall Linux Distribution, FreeRADIUS, OpenSSL and a custom Linux kernel based on Red Hat.

"Microsoft weren't very impressed," she told the audience.

The software has proved its worth since WiNS went live last year. "Since June 1st 2005, we've had 17.5 million successful authentications," said Meadows.

Version 2 of the software will add advanced features like Quality of Service (QoS) for bandwidth management, the Wi-Fi Protected Access version 2 (WPA2) sercurity mechanism, and in-line intrusion detection.

"We'll be using FTWall to prevent peer to peer sharing such as Kazaa, Gnutella and Napster," said Meadows. In addition, the department has already implemented "a central view of all EduPaSS servers".

Meadows said the department would not be contributing any code back to the open source community for security reasons, but said white papers would be made publicly available in an effort to share lessons learnt.

A custom open source solution was chosen, according to Meadows, because "there was no third-party solution" to meet the department's needs.

In general, the WiNS project was an outstanding success, according to the ICT security manager, but had not been without its hiccups.

For example, she outlined how the department had persuaded hardware vendor Cisco to modify its wireless access points (WAPs) during the manufacturing process.

The change was needed to ensure the WAPs could not be reset to factory default settings. Network hardware commonly comes with a discreet button providing this function.

Meadows said her department had asked Cisco to disable this "God" button due to security concerns.

She also said ordering such a large number of WAPs -- approximately 10,000 -- was not easy. "Cisco didn't have [that many] sitting on their shelves," she said.

The vendor's hardware was chosen for its superior coverage and roaming ability, according to Meadows.

She concluded that 99 percent of state schools now had wireless under the program, with some 15 schools not yet fully cabled.

Editorial standards