SV: [WIRELESS-LAN] Cisco ISE?

[Anders Nilsson]

Anyone using the client onboarding feature in ISE and if so what is your 
experience?


Cheers
Anders Nilsson
Umeå University
Sweden

Från: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] För Joe Roth
Skickat: den 7 november 2012 03:19
Till: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Ämne: Re: [WIRELESS-LAN] Cisco ISE?

We are running Cisco ISE for wireless only, it was implemented over the summer. 
We are currently at version 1.1.0.665 with an upgrade to 1.1.2 planned for 
early next week.

We are using it to support both a WPA2/PEAP SSID, as well as a mac 
authenticated "gaming" SSID. We are not using the supplicant, endpoint 
compliance, SGA or guest pieces.

If you want anything more specific feel free to send some questions my way.

On Tue, Nov 6, 2012 at 2:08 PM, Lee H Badman 
mailto:lhbad...@syr.edu>> wrote:
Is anyone yet using Cisco ISE? To what degree of feature set?

Thanks,

Lee

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



--
Joe Roth
Networking Group
Binghamton University
Ph. 607-777-7528
Fax 607-777-4009
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Cisco ISE?

[Joe Roth]

We are running Cisco ISE for wireless only, it was implemented over the
summer. We are currently at version 1.1.0.665 with an upgrade to 1.1.2
planned for early next week.

We are using it to support both a WPA2/PEAP SSID, as well as a mac
authenticated "gaming" SSID. We are not using the supplicant, endpoint
compliance, SGA or guest pieces.

If you want anything more specific feel free to send some questions my way.


On Tue, Nov 6, 2012 at 2:08 PM, Lee H Badman  wrote:

> Is anyone yet using Cisco ISE? To what degree of feature set?
>
> Thanks,
>
> Lee
>
> Lee H. Badman
> Network Architect/Wireless TME
> ITS, Syracuse University
> 315.443.3003
>
> **
> Participation and subscription information for this EDUCAUSE Constituent
> Group discussion list can be found at http://www.educause.edu/groups/.
>



-- 
Joe Roth
Networking Group
Binghamton University
Ph. 607-777-7528
Fax 607-777-4009

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

FW: [mdnsext] BoF today, minuter taker and Jabber relay needed

[Johnson, Neil M]

For those interested in the Apple Bonjour/Airplay issues, Sorry for the short 
notice, but if you are interested in participating in the development  of 
mdnsext (Extensions to Bonjour protocols). Information is below.

Live audio is available and hopefully there will be jabber (XMPP) chat session. 
See the links in the forwarded message.

These are technical discussions about extensions to mDNS (Bonjour) protocols to 
allow for cross-subnet discovery of Bonjour devices.


-Neil

--
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
Mobile: 319 540-2081
E-Mail: neil-john...@uiowa.edu


From: Tim Chown mailto:t...@ecs.soton.ac.uk>>
Date: Tuesday, November 6, 2012 9:11 AM
To: "mdns...@ietf.org" 
mailto:mdns...@ietf.org>>
Subject: [mdnsext] BoF today, minuter taker and Jabber relay needed

Hi,

The mdnsext BoF is today at 15:20 US Eastern Time. The agenda is below.
Slides are available here: 
https://datatracker.ietf.org/meeting/85/materials.html.
Remote participation details are here: 
http://www.ietf.org/meeting/85/remote-participation.html

Thomas and I will need someone to take minutes, and a Jabber relay - volunteers 
welcome!

Tim

Agenda: https://datatracker.ietf.org/meeting/85/agenda/mdnsext/

Extensions of the Bonjour Protocol Suite (mdnsext) BoF

TUESDAY, November 6, 2012
1520-1650 Afternoon Session II

Grand Ballroom C

=  *

* Administravia (10 mins)
  Note Well
  Agenda bashing
  (Chairs)

* Goals of the BoF (10 mins)
  NB. RFC5434, Section 1
  (Chairs)

* Use cases for Bonjour in routed networks (15 mins)
  (Stuart Cheshire)

* Requirements (25 mins)
  draft-lynn-mdnsext-requirements-00
  (Kerry Lynn)

* Open discussion (20 mins)
  Charter bashing

* Questions and Conclusion (10 mins)
  Next steps towards a WG?



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

___
mdnsext mailing list
mdns...@ietf.org
https://www.ietf.org/mailman/listinfo/mdnsext

Cisco ISE?

[Lee H Badman]

Is anyone yet using Cisco ISE? To what degree of feature set?

Thanks,

Lee

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] See you at Educause...(Denver, CO)

[Colleen Szymanik]

Yes, we deal with robotic devices not having support for 802.1x as well, but 
also the lower end video and ereaders, like Nooks and Roku (there's a $50 
version that is wireless only and the lower Kindle version - not fire).  We use 
EAP-TTLS and the Nooks took out the certificate support (since our bookstore is 
B&N, it doesn't help matters).

We haven't heard of too many complaints about the lack of 802.1x support for 
printers (I think students have decided it's not worth supplying their entire 
floor color ink cartridges these days).  And Wii hasn't been an issue (we 
haven't supported data rates lower than 11 for years - we tell them to plug in 
their Wii and most gaming consoles).  

At this point, we need to figure out better long term strategies for these 
types of devices, which is why I was trying to see if it could be added to the 
discussion.  With the advent of refreshing wireless hardware for new standards 
like 802.11ac and the next generation, I want to get us to a point where we 
able to have good options moving forward.

Given all that, I wanted to assess where others were with location based 
services.  We have everything setup here to maintain the same IP address as you 
roam across campus.  We are looking to see if we can start to tie that into 
building resources like location based printing.  Also, we had IPv6 enabled for 
all of our wireless networks but the L3 mobility piece wasn't ready yet, so we 
are waiting for some other fixes.  I would love to hear a measurement of where 
others are with IPv6 support.  

  
-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Frank Sweetser
Sent: Tuesday, November 06, 2012 6:42 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] See you at Educause...(Denver, CO)

One other related category that we've run into a few times is research 
equipment, most notably robotics.  I just recently dealt with a brand new, 
state of the art $200k robot that only supports PSK - no 802.1x support at all.

While they're not that dissimilar from the consumer grade devices (in the above 
robot, I suspect it's wireless was in fact provided by a consumer grade belkin 
adapter), the "critical academic research" classification and the amount of 
research money behind them effectively means they have to get treated very 
differently than "my Wii can't stream netflix" complaints.

Frank Sweetser fs at wpi.edu|  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |   - HL Mencken

On 11/5/2012 8:46 PM, Hanset, Philippe C wrote:
> Colleen,
>
>> - What are others doing to support home networking products in the 
>> enterprise (besides just Apple products)?  Ways to do this without having to 
>> completely adapt a vendor solution & be locked into an end to end solution.
>>
>
> Could you (or anyone on the list) give a few examples of home 
> networking products that you have in mind and the challenges that come with 
> them I can think of:
> Printers (interference, security, being on same layer 2) the slew of 
> Apple products (and equivalent products) (the challenges of mDNS) Game 
> consoles (the ones that cannot do 802.1x) What else?
>
>
>> - Any good success stories with IPv6 on wireless? Or location based authZ on 
>> wireless?
>
> Any specific use case for Location based AuthZ on Wi-Fi?
>
>>
>> I know I'll have access to login after the conference is over to review the 
>> session, so I hope these will be discussed!
>>
>
> The session is not recorded but we will try to provide a good summary 
> of the discussion back on the list
>
> Thanks,
>
> Philippe
>
>> Colleen Szymanik
>> University of Pennsylvania
>>
>> On Nov 5, 2012, at 2:44 PM, "Entwistle, Bruce" 
>>  wrote:
>>
>>> I am unable to attend but would be interested in comments related to the 
>>> topics mentioned.
>>>
>>> Bruce Entwistle
>>> Network Manager
>>> University of Redlands
>>>
>>>
>>> -Original Message-
>>> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>>> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hanset, 
>>> Philippe C
>>> Sent: Friday, November 02, 2012 4:25 PM
>>> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
>>> Subject: [WIRELESS-LAN] See you at Educause...(Denver, CO)
>>>
>>> The Wireless-LAN session is on Wednesday Nov 7, from 10:30 till 11:20 
>>> Mountain Time, room 402.
>>>
>>> Topics that come to mind:
>>>
>>> -802.11AC Why wait? Why jump?
>>> -How to empower users with Bonjour needs?
>>> (or consequences for not doing it)
>>> -Is Wireless management slowly moving to the switch? What does it mean for 
>>> us?
>>> (Will it all work with openflow seamlessly?)
>>>
>>> Any other topic you want us to discuss?
>>>
>>> Thanks,
>>>
>>> Have a good Weekend,
>>>
>>> Philippe
>>>
>>> Univ. of TN
>>>
>>> **
>>> Participation and subscription informati

Re: [WIRELESS-LAN] See you at Educause...(Denver, CO)

[Frank Sweetser]

One other related category that we've run into a few times is research 
equipment, most notably robotics.  I just recently dealt with a brand new, 
state of the art $200k robot that only supports PSK - no 802.1x support at all.


While they're not that dissimilar from the consumer grade devices (in the 
above robot, I suspect it's wireless was in fact provided by a consumer grade 
belkin adapter), the "critical academic research" classification and the 
amount of research money behind them effectively means they have to get 
treated very differently than "my Wii can't stream netflix" complaints.


Frank Sweetser fs at wpi.edu|  For every problem, there is a solution that
Manager of Network Operations   |  is simple, elegant, and wrong.
Worcester Polytechnic Institute |   - HL Mencken

On 11/5/2012 8:46 PM, Hanset, Philippe C wrote:

Colleen,


- What are others doing to support home networking products in the enterprise 
(besides just Apple products)?  Ways to do this without having to completely adapt 
a vendor solution & be locked into an end to end solution.



Could you (or anyone on the list) give a few examples of home networking 
products that you have in mind and the challenges that come with them
I can think of:
Printers (interference, security, being on same layer 2)
the slew of Apple products (and equivalent products) (the challenges of mDNS)
Game consoles (the ones that cannot do 802.1x)
What else?



- Any good success stories with IPv6 on wireless? Or location based authZ on 
wireless?


Any specific use case for Location based AuthZ on Wi-Fi?



I know I'll have access to login after the conference is over to review the 
session, so I hope these will be discussed!



The session is not recorded but we will try to provide a good summary of the 
discussion back on the list

Thanks,

Philippe


Colleen Szymanik
University of Pennsylvania

On Nov 5, 2012, at 2:44 PM, "Entwistle, Bruce"  
wrote:


I am unable to attend but would be interested in comments related to the topics 
mentioned.

Bruce Entwistle
Network Manager
University of Redlands


-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Hanset, Philippe C
Sent: Friday, November 02, 2012 4:25 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] See you at Educause...(Denver, CO)

The Wireless-LAN session is on Wednesday Nov 7, from 10:30 till 11:20 Mountain 
Time, room 402.

Topics that come to mind:

-802.11AC Why wait? Why jump?
-How to empower users with Bonjour needs?
(or consequences for not doing it)
-Is Wireless management slowly moving to the switch? What does it mean for us?
(Will it all work with openflow seamlessly?)

Any other topic you want us to discuss?

Thanks,

Have a good Weekend,

Philippe

Univ. of TN

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.