The purpose of this policy is to define policy for connecting to the Fifth Judicial District Department of Correctional Service (District) network through wireless networking. These standards are designed to minimize the potential exposure of the District from damages which may result from unauthorized use of District resources. Damages include the loss of sensitive or confidential data, intellectual property, damage to public image, damage to critical District internal systems, etc.
This policy applies to all District employees, contractors, vendors and agents with a District -owned or personally-owned computer or workstation used to connect to the District network.
With the Institute of Electrical and Electronics Engineers (IEEE) ratification of the 802.11b standard for wireless networking in 1999 and the subsequent proliferation of interoperable, affordable products that support that standard, wireless LAN technology (WLAN) has established itself as an important complement to the traditional wired data network because of the mobility they provide. 802.11b WLAN technology is also beneficial for gaining network access in locations that are difficult, expensive, or inconvenient to wire. Examples include outdoor areas, conference rooms, rooms with solid walls (to avoid running cables in unattractive surface-mounted conduit), structures with asbestos, and historical buildings with strict regulations governing modifications. Despite these advantages, 802.11b WLANs have their limitations. For example, they are an order of magnitude slower than wired LANs. Despite claims of 11 Megabits per second (Mbps) of bandwidth, the practical limit is about 5 Mbps -- and that's shared among all people using that Access Point. Consequently, it is not hard for one person to monopolize the bandwidth of an Access Point and kill the performance for the other people using it. Compare that to a typical wired, switched network connection on the District campus that is dedicated to one computer and operates at 100 Mbps in full duplex (i.e., you get nearly the full 100 Mbps in both directions -- incoming and outgoing data traffic). WLANs are also inherently insecure. Tools are readily available to capture data packets from the airwaves and thereby "snoop" on someone else's communications. Consequently, wireless users must take extra precautions and adhere to standards to ensure secure communications over a WLAN.
Use of non-District owned Wireless Access Points for network access, including Remote Access, is not permitted at any time.
Installation and Management
Radio Signal Interference
802.11b: An IEEE standard for wireless data networking rated at 11 Megabits per second throughput operating in the FCC unlicensed 2.4 GHz Industrial/Scientific/Medical (ISM) band and using Direct Sequence Spread Spectrum (DSSS) technology to transmit the signal. The range of the signal indoors is up to 150 feet at 11 Mbps (300 feet diameter), or 800 feet outdoors. The range and strength of the signal are reduced significantly as it passes through walls, floors, and other physical structures.
802.11a: An IEEE wireless network standard currently under development that increases the bandwidth to 54 Mbps per Access Point, but decreases the range of the signal to about 35 feet indoors. It operates in the 5 GHz unlicensed National Information Infrastructure (U-NII) frequency range.
Access Point: A hardware device that serves as a communications "hub" for wireless clients and provides a connection to the wired LAN.
Bluetooth: An IEEE wireless networking standard (802.15.2) operating in the 2.4-GHz frequency band designed for lower power and shorter range (less than 30 feet) than 802.11b, hence its label as a "personal area network" wireless technology (WPAN). It's designed to replace cables that connect devices, such as a Personal Digital Assistant (PDA) to a desktop computer, rather than functioning as an extension to a wired network like 802.11 wireless networks. Bluetooth uses a spread spectrum, frequency hopping, full-duplex signal at up to 1600 hops/sec.
SSID: The "Service Set Identifier" may be used as a relatively insecure security key for a WLAN, somewhat like a password. If the SSID is set in the Access Point, then only client wireless cards configured with the same SSID may connect to that Access Point.
WEP "Wired Equivalent Privacy" that provides limited security to a wireless connection by encrypting all data transmitted between the computer and the Access Point. At this time, 40-bit and 128-bit WEP is available on most vendors’ Access Points, and District supports both.
Wireless PC Card: Hardware device in a client computer (most often a card that fits in a Personal Computer Memory Card International Association (PCMCIA) Type II slot in a notebook computer) that communicates with an Access Point via radio signals (i.e., without wires). Also known as "wireless client adapter".
WLAN: "Wireless Local Area Network". The term often used for a wireless network within a limited area consisting of one or more wireless Access Points that provide network connectivity to computers equipped with wireless capability (usually a notebook computer with a wireless PC card). In essence, a WLAN provides the functionality of a wired LAN without the physical constraints of the wire.
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.