As long as the device has a browser there shouldn't be any reason to outright white list (as in allowing the device via a MAC address filter). I avoid MAC filtering whenever possible since it's so easy to spoof.
NAC makes it fairly simple to setup different access based on OS detection. We don't currently require Apple (Although we do offer the OS X agent as an option) or Linux users to use the NAC agent, but we do require authentication via the NAC web login. iPad/iPhone/iPod Touch/Android devices all login via the web login. Most of the new tablets will be Android based, plus some Windows and WebOS. I don't see why any of those will be an issue. We do use specific MAC filtering for our Gaming network since the Game Consoles won't launch a browser until after they have successfully connected to Xbox Live/Playstaytion Network. I'm sure it wouldn't be too difficult to allow that traffic in the unauthenticated role, but I haven't had time to test it. We have a formal registration process for users requesting this type of access. I won't consider doing MAC wildcard white listing since that would make it extremely easy to spoof your way past NAC. _____________________________ Rob Biddle Network Systems Engineer / Administrator College of Mount St. Joseph From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Chris Zeigler Sent: Thursday, January 13, 2011 12:27 PM To: [email protected] Subject: 80 New Tablets CES was saying 80 new tablets should be out this year alone. As it stands at this time on our campus, we're simply whitelisting any students that come in with iPads and iPhones, but we haven't really seen any other devices. I'm curious to know what everybody else will be doing for tablets, gaming systems, etc. Chris Zeigler System Administrator Mary Baldwin College Staunton, VA 24401 540-887-7362 [email protected]<mailto:[email protected]>
