eduroam for universities, research institutes, schools…
A single solution for all your mobile connectivity needs
Why do we need eduroam?
With research teams and students becoming ever more mobile, the need to provide visitors with secure access to Wi-Fi can cause large administrative headaches.
Resources must be allocated either to providing and supporting temporary accounts on a person by person basis (which is extremely expensive on a large campus), or to creating and managing guest accounts. Even if changed daily, these guest accounts can cause audit issues, as many simultaneous users share the same account making it difficult to track any inappropriate web use.
What are the benefits of eduroam to institutions?
The cost of implementing and maintaining eduroam is modest.
The service results in significant cost savings through reduced IT department workload:
- eduroam provides a single solution that accommodates all the mobile connectivity requirements of an institution – supporting local users connecting to the local network, visitors connecting to the local network and local users connecting to other participating networks.
- eduroam removes the need to supply temporary accounts to visiting users, so reducing the administrative and support burden imposed by the ever-growing movement of students and researchers between institutions and countries.
- Because visiting students, staff and researchers use their eduroam ‘home’ credentials to access Wi-Fi services on campus, they have a quick, easy and secure way to get online without campus IT support, so the campus IT team can focus on managing essential services for everyone. The secure login system means that passwords are kept private at all times and visiting staff can be allocated to a separate VLAN to keep traffic isolated.
New opportunities
With eduroam, your campus becomes a more attractive venue for meetings and conferences, as it allows participants to access the network without assistance, and without tying up your facilities.
By connecting to eduroam you provide your researchers, staff and students with access to thousands of participating hotspots world-wide when they are travelling either in your country or globally.
For more information on eduroam on campus visit the eduroam wiki.
How does eduroam work?
The technology
eduroam is based on 802.1X* and a linked hierarchy of RADIUS servers containing users’ data (usernames and passwords). Participating institutions must have operating RADIUS infrastructure and agree to the terms of use. eduroam can be set up in three easy steps:
- Set up a RADIUS server connected to your institutional identity server (LDAP).
- Connect your access points to your RADIUS server.
- Federate your RADIUS server.
The RADIUS hierarchy forwards user credentials securely to the users’ home institutions, where they are verified and validated.
To protect the privacy of the traffic from the user’s device over the wireless network, the latest up-to-date data encryption standards are used.
The user’s home institution is responsible for maintaining and monitoring user information, even when the user is at a guest campus. Thus, this data is not shared with other connected institutions.
*802.1X is an IEEE Standard for port-based Network Access Control and provides an authentication mechanism to devices wishing to attach to a LAN (local area network) or Wireless LAN.
eduroam CAT
The eduroam Configuration Assistant Tool (CAT) as been developed to help organisations offering their users eduroam access. The tool is customised to support your campus’s individual configuration and implements this across a variety of platforms.
CAT protects your users against rogue Wi-Fi hotspots accessing usernames and passwords. CAT greatly reduces the manpower required to implement eduroam and provides a better service both for you and your users.
CAT allows you to:
- login using federated access;
- upload server certificates, helpdesk contacts, institution information, eduroam settings etc.;
- choose to deeplink/embed CAT in your online information or send your users direct to CAT, where they can install and activate correctly-configured eduroam software on their own devices, saving you time;
- use a suite of tools to monitor and manage your campus eduroam service.
Contact your national-level Roaming Operator to authorise your use of CAT.
To find out more about CAT click here.