By Maureen Wanja,Systems Administrator ,KENET

Introduction
Kenya Education Network (KENET) is a national research and education network that promotes the use of information telecommunications technology (ICT) in teaching, learning and research in higher education institutions in Kenya. KENET aims to interconnect all the universities, tertiary and research institutions in Kenya by setting up a cost effective and sustainable private network with high speed access to the global Internet. KENET also facilitates electronic communication among students and faculties in member institutions, share learning and teaching resources by collaboration in research and development of educational content.

Kenya Education Network under the Kenya transparency and communications infrastructure project (KTCIP) phase 2 lot 3 project was able to implement a total of sixty two access points in ten universities across Kenya and with partial funding from Google and Kenya Education Network was able to implement in nine more universities a total of thirty-one access points. This makes a total of nineteen Universities and a total of ninety-three access points.

Objectives
There has been a trend with most universities in Kenya who are now opting to automate their services through use of enterprise resource planning (ERP). Thus the students will be able to do services like online registration, check online timetable, check grades on-line and many other services. Most of the universities are opting to also put up lecture notes and continuous assessment tests (CATs) online for ease of access. Thus the students need to be able to access these resources. Not all the universities have enough computers in the computer labs for students to access. Yet again the computer labs are only accessible during limited times of the day.

The projects aimed to increase connectivity to the students and enable them access University resources even after business hours. More and more universities allow students to bring their personal computers to the campus network and some like Jomo Kenyatta University of Agriculture and Technology (JKUAT) are looking to make it a requirement that each student joining the University has a laptop.

The ninety-three access points may seem like a small number of access points, however most Kenyan Universities have a poor or nonexistent wireless network and the access points that were setup went a long way in extending the coverage.

The other objective of the project was to implement eduroam.

What is eduroam?
eduroam, education roaming (www.eduroam.org ) is the secure, world-wide roaming access service developed for the international research and education community. eduroam allows students, researchers and staff from participating institutions to obtain internet connectivity across campus and when visiting other participating institutions by simply opening their laptop.

To get more information on where to find eduroam in Kenya, kindly visit www.eduroam.ac.ke.

Project overview
The two projects underwent a tendering process under strict KENET procurement process. The winning bids were selected and awarded to Dimension Data Kenya and Circuit Business Systems Kenya.

The access points implemented were lightweight access points. These are access points that rely on a controller for management. Some Universities had Cisco access points while others had HP access points implemented. KENET also provided some uninterruptible power supply (UPS) and servers to the Universities where needed.

Challenges
LAN design
The wireless local area network (LAN) was setup as an extension of the LAN at the universities and relied on the campus backbone so as to extend access to the students/ faculty at the various locations. Some of the campus networks do not have a proper design and would just be a basic flat LAN and would not scale properly.

One of the requirements for setup of the wireless was that the wireless local area network (WLAN) to be on its own virtual local area network (VLAN). Yet in some of the universities they had a flat network, lacked intelligent switches and could not implement VLANS.

There was also lack of poor documentation of the existing LAN and WLAN at the Universities that delayed implementation.

Some universities lacked proper internet protocol (IP) address management and allocation policies. One university even had a /24 address block assigned to the WLAN. This would not scale well and they had to re-evaluate the IP address management and allocation policies at some of the universities.

Electrical power
Some of the universities are located in areas where the mains power supply is not constant and would experience frequent power outages. The universities have invested in a diesel generator, however the generator would not serve the entire campus and some of the access points and active devices would not be powered.

Lack of clean power for the access points and network equipment was highly lacking in most of the universities. The universities need to invest in centralized UPS systems for example on a per building basis. Powering the network devices and access points directly to the mains power supply put the devices at risk of being damaged by power surges. At some of the universities, UPS’s were installed so as to prevent damage of the equipment.

It was also noted at some of the locations where the universities had a high population of students gathering to use the wireless network lacked electrical sockets so as for them to keep recharging their laptops and other portable devices. This meant the students could not work continuously and would need to keep recharging the wireless devices at a separate location, mostly halls of residence.

WLAN policies
Most of the universities lack well defined policies on the usage of the frequency spectrum within and around the campus. Some universities have allowed commercial providers to set-up wireless devices within the campus and are using the free license band. The commercial devices cause interference to the campus WLAN devices. A well-defined usage of the frequency spectrum would avoid the interference of the campus WLAN.

Due to lack of proper wireless coverage at the university, one would find that the students would setup an access point and join it to the LAN. This is a high security threat as the students could join a network that is highly restricted. The university should enforce port security on the switches preventing students/ malicious persons from setting up rogue access points.

Technical Capacity
The universities lacked skilled technical capacity that was capable of managing and administering both the wired and wireless network. Some universities had the LAN designed and implemented by external contractors, however once the contractor left site, the technical team could not administer it fully. This proved a challenge for some of the network administrators to even create a VLAN or Dynamic Host Configuration Protocol (DHCP) range to be used for the wireless LAN.

Wireless Security
Moving the campus WLAN to eduroam was a challenge as the universities either lacked a compatible database or the database was not up to date. There were instances that the university would have the faculty on registered on the database like Active Directory but not the students.

In some universities they did not have a database of the students/faculty thus had to setup a MySQL database that the network engineers could populate using the details of the students and faculty. This was setup on the server that was delivered and installed at the university as part of the project. This was quite essential so as to fully implement eduroam at the University.

Bandwidth management and Optimization
Most of the universities do not buy enough bandwidth for the campus and also lack any form of bandwidth management. Thus some Universities opted to switch off the wireless LAN as they figured how to do some form of bandwidth management. Some of the Universities decided to limit the amount of bandwidth on the wireless and others opted to block some sites and services. We at KENET decided to conduct a training so as to enable the Universities to have the skills to manage the devices and also do BMO policies on their network.

Training
Cisco Certified Network Associate (CCNA) Wireless training was conducted on July 29 to August 2, 2013. This was a vendor specific training to enable the network administrators manage the wireless devices.

KENET also conducted a Campus WLAN and BMO Training from August 11 to August 24, 2013. This was to enable the Network Administrators at the University gain skills on how to effectively manage the campus bandwidth.

Leave a Reply