Tip:
Highlight text to annotate it
X
Hello there.
So let's start this Hangout about Campus Wi-Fi in MENA.
So I'm Hisham Yehia.
I'm from the infrastructure and access team.
We try to bring more people online in the Middle East and
north Africa.
And this will be done by reducing access barriers and
making the internet relevant and affordable for people.
So basically, we have several initiatives and projects in
MENA, with a main focus on universities and higher
education, in general.
So we believe that internet connectivity
is no longer a luxury.
And it allow students and professors to access
information, share knowledge, and create an environment that
makes learning more meaningful.
So campus Wi-Fi is one of these initiatives.
Let me start by showing you some of the main internet
access challenges inside the campus.
So the accessibility, which means we need to have access
the internet.
It can be wireless access or wired access.
So sometimes in universities, we have labs with desktop
computers, where we can have access to the internet.
But wireless access is more relevant, because now we have
smartphones and laptops.
The availability is about having an always on
connectivity, which means any time you would like to go to
the internet, make some web browsing, or use Google Apps
to send email, we would like to be always on and to have
the connectivity all the time.
Also quality of service, QoS, is one of the major important
aspects of campus internet access.
Because sometimes we do have access points or wireless
coverage inside the campus, but with a poor quality of
service so that it can be impossible
even to send an email.
And finally, security is important--
security and confidentiality of the information in order to
send emails and save documents on the cloud without any
security issues.
Now let's have look at the campus
internet access framework.
So when we talk with IT admins of universities and faculties
in the Middle East and North Africa, sometimes wireless
connectivity is just perceived as deploying access points and
that's all.
In fact, there are four important aspects for any
internet access connectivity inside the campus.
The first one is the last mile aspects, which means the
wireless coverage or the wired connectivity bandwidth
management and quality of service and security.
The second aspect is the back holding.
So back holding is the connectivity between the
different campuses and the different buildings.
So what you can see is that usually the IP connectivity or
the internet connectivity is provided to one building in a
university, and then all of the buildings will be
connected to this central location where we have the
internet gateway or the main router.
So it is important to have a good back holding, or
inter-sites, inter-campus network to support the traffic
that will be generated by the different campuses or
different buildings.
Also operations and maintenance is one important
aspect here.
What happens if one access point or the main router in
the central IT location is down?
So we need to have an IT help desk with a ticketing system,
in order to escalate any major problem.
Also IT admins have to deploy network monitoring tools to
make sure that all the devices are working properly.
The final aspect is the optimization.
This is a continuous task done by the IT admins to optimize
the current infrastructure of the
internet inside the campus.
So in the access and infrastructure team, we have
different projects to cover these four main aspects.
And now I will talk about the campus Wi-Fi that will cover
more of the last mile aspects of the
internet access framework.
So basically, this is the campus Wi-Fi.
We have the access points that can be deployed.
This is the back end or the access controller.
So the access controller will provide several functions
important to authenticate the users and also to authorize
the users to use specific services inside the campus.
So this access controller is basically a firewall that will
filter all of the traffic.
The users will connect to the access points with an open
SSID, without any encryption.
The access controller will intercept the traffic.
And the user will be redirected to a captive portal
to enter his user name and password.
And once the user is authenticated, he will be able
to have full connectivity to the internet.
So this is the first function, which is the firewall.
Now we have a triple A. A triple A is an authentication,
authorization, and accounting server.
So here, we would like to authenticate the users and
give access to the internet to the students and the staff of
the faculty, and that's for everyone.
So that's why you have an integration between this
access controller and Google OAuth API.
So the idea is to have what we call a federated
authentication.
So instead of having one username and password to have
access to the internet, and then having a second login and
password to connect to the mailbox and Google Apps, you
can have only one login and password, which
is the Google Identity--
the Google Apps account--
to access all of the services that will be provided by the
faculty or the university.
Also, we have the GHCP to provide dynamic IP addresses
to the terminals and the captive portal, of course, to
use your Google Apps login and password to connect.
And finally, a web caching--
so the web caching is mainly a server that will download the
most popular websites and videos in order
to serve the users.
So this, the web caching will basically optimize the web
traffic by caching the most popular contents on the access
controller.
So these are the main features supported by campus Wi-Fi--
federated authentication and single sign on.
So using your Google Apps identity, you'll be able to
access the internet, your mailbox, and all of the
services provided by the university.
This is radio-agnostic, which means that the access
controller can be deployed with any type of access points
from any manufacturer.
And we have the traffic shading capabilities, which
means the IT admin will be able to make some policies to
give priority to the most important traffic.
So now let me share with you a video about campus Wi-Fi.
So basically, you will be able to access the Wi-Fi access
points without any encryption or username or password.
When you try to log in or to browse on the internet, you
will be redirected to a captive portal.
You will be prompted to enter your username and password,
which is the Google identity.
[ELECTRONIC MUSIC]
And then you will have access to the internet using your
Google identity.
[ELECTRONIC MUSIC]
So this is how the IT admin of the faculty or the university
will be able to authenticate and authorize this.
So now we will launch a pilot in one of the universities in
the region.
It's the University of Marrakesh.
The pilot will be-- we start deployment
by end of this year.
We have all of the subcontractors and the system
integrator on site in Marrakesh, ready for
deployment.
We will evaluate the pilot during the next two months.
And we would like-- would be happy to--
support other universities to deploy the
same kind of solution.
So if you think that in your university or faculty there's
a potential to deploy this kind of solution, don't
hesitate to contact me.
And we will be in touch with the IT admin of the university
to see how can we deploy this kind of solution in your
university.
Thank you.