On 2 and 3 July, Ukrainian NREN URAN Association completed connections of the first two institutions to eduroam (global Wi-Fi roaming) using the newly release eduroam managed IdP service. What is this service and who can benefit from it?
What is eduroam?
eduroam is secure Wi-Fi access designed for the international research and education community and accessible in over 100 countries worldwide. It allows researchers, staff and students to connect to the internet in thousands of locations securely and for free.
For the eduroam service to work in any organization, it needs a set of software and hardware. It is necessary to produce passwords and logins, i.e. act as an identity provider, IdP. This Identity Provider maintains the records necessary for users to access eduroam. The institution must maintain its own database plus have a software server (RADIUS server) that will perform the authorization.
“For small institutions, this might be too complicated,” says Yevhenii Preobrazhenskyi, Executive Director of the URAN Association. “First, the technical staff must have special knowledge and skills, which means that it must be trained; secondly, IT specialists should spend additional time on database maintenance; thirdly, it takes time and money to purchase a server and set up the software. And all these efforts – in order to create a database of only fifty/one hundred users, sometimes even less. Until recently, due to such restrictions, small research and educational institutions of Ukraine did not dare to connect to eduroam”.
eduroam managed IdP, a perfect solution for small institutions
To facilitate participation in eduroam for small organizations, GÉANT has developed a service called eduroam managed IdP. Through participation in the EaPConnect project, the URAN Association can offer such a connection to its customers.
Yevhenii Preobrazhenskyi explains:
“In fact, this is a kind of web portal where you can open an access page for a small institution. On this page, it will enter information about itself and begin to create a database of its users, and those users will be able to log in to the eduroam. No need to buy and configure a RADIUS server. The only restriction is no more than 200 users per organization.”
eduroam managed IdP does not provide the eduroam hotspot in the institutions, but its employees will still be able to use eduroam wherever there are such hotspots. When the institution decides to install an eduroam hotspot, then we can link the hotspot hardware to our central server, and the institution will be able to connect eduroam users. That is exactly what happened in the case of the Mykolaiv Observatory”.
First connections in Ukraine
On July 3, Yevhenii congratulated his team on the fact that two first Ukrainian organizations were connected to the eduroam by the managed IdP service. It is the Institute of Magnetism of the National Academy of Sciences of Ukraine, with a team of 56 researchers, and the Mykolaiv Observatory, with a team of 20 researchers. In addition, one eduroam hotspot has been set up and launched on the territory of the observatory, and it is displayed on the global map. This means that staff from the Institute and Observatory can connect to eduroam anywhere in the world and visiting researchers will also now be able to use eduroam while they are on site.
Even if your research and educational institution have a staff of just a few people and you do not have the money and human resources to deploy a RADIUS server and maintain a user database, you can still provide your employees with secure access to global Wi-Fi roaming. You just need to contact the URAN Association’ experts, and they will advise you in detail and answer all your questions. Feel free to call or write to the technical department.