"You want to prevent devices with their own access portals or hotspots from trying to get online"
No more limits for IoT at UvA and HvA thanks to iotroam
Internet of things (IoT) is here to stay. More and more devices need internet access via Wi-Fi to function. They also notice this at the University of Amsterdam (UvA) and Amsterdam University of Applied Sciences (HvA). When SURF made a pilot for iotroam available, they grabbed it with both hands.
Solving an acute problem
The pilot solved an acute problem for them. Because by no means all IoT devices can be easily connected to eduroam (a simple and secure way to access the institution's fixed and wireless network), SURF launched a pilot with a central platform where institution users can easily register their devices and manage those data. The UvA/HvA used iotroam in the pilot phase.
Fitness equipment linked to own group
"It started with fitness machines from the USC, the university's sports centre, which had installed its own equipment because we could not facilitate them," explains Gertjan Scharloo, who worked as IT consultant at the UvA/HvA at the time. "The introduction of iotroam was interesting for us because it allows the MAC addresses of the fitness machines to use our own Wi-Fi network. On iotroam's platform, we created a group for all the fitness devices. This allows us to connect them to a separate network, an isolated environment where the contacts themselves can register and manage the equipment. This way, we immediately know who is our point of contact in case of incidents."
Hundreds of AEDs on wifi
"After this flying start, a request came in from the facilities department of the HvA/UvA. Automatic external defibrillators (AEDs) were to be installed in all buildings. AEDs contact the cloud once in a while to report the battery status. That signal can be sent via Wi-Fi or GSM. Scharloo: "Wi-Fi was chosen because otherwise a GSM subscription would have to be taken out for all devices. With that, hundreds of devices immediately came on iotroam, which was in pilot with us at the time."
Interest in iotroam increases
Because of corona, many more devices were added in a short time. These included CO2 meters and aerosol sensors, which monitor the air quality in the premises. In addition, Scharloo sees teachers increasingly working with robots and circuit boards. As a result, interest in iotroam is increasing. If it were up to Scharloo, iotroam would become an official service within the HvA/UvA as soon as possible. For that to happen, however, something still needs to be done. "The need is there, but we want iotroam to be more robust and controllable. Some fine-tuning is needed, especially in terms of security."
From customisation to standard product
The fact that more and more devices within educational institutions need internet access is leading to creative and sometimes confusing solutions. Scharloo says: "Now you see devices trying to get online with their own access portals or hotspots, outside the infrastructure you manage yourself. And that's exactly what you want to avoid as an institution."
"No matter what kind of equipment you work with, you can always connect"
Scharloo advises other higher education institutions to take stock of what faculties are up against. "Where eduroam does not suffice, customisation is often applied. SURF can help to introduce a standard product with iotroam, which you can use immediately. It is linked to SURFconext and you can log in federally with existing credentials. You can also immediately use the web portal, which allows you to register all devices and bring them securely online."
According to Scharloo, the big advantage of iotroam is its flexibility. He uses iotroam in addition to eduroam. "The strength of iotroam is that it is vendor-neutral. No matter what kind of equipment you work with, you can always connect."
In the future, he would like to see iotroam more advanced. "Similar vendor-specific products offer more features, such as fingerprinting. Different types of devices are automatically recognised and categorised. With iotroam, we can manually put devices into groups ourselves, for example based on the type of operator system or features that need extra security. But it would be even better if that happens automatically."