RE: [WIRELESS-LAN] Aruba and Bradford

2016-07-19 Thread Brian Helman 
Hey Julian,

Thanks for the reply.  What was the reason you kept Bradford once you decided 
to deploy ClearPass?  Does ClearPass not work well for the wired network?

-Brian

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Julian Y Koh
Sent: Tuesday, July 19, 2016 5:21 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Aruba and Bradford

On Tue Jul 19 2016 16:09:34 CDT, Brian Helman  wrote:
> 
> If you are an Aruba AND Bradford shop, what was you reason for using Bradford 
> vs Clearpass?  Our primary interest in NAC is onboarding and guest networks 
> (wired and wireless).  We are currently a Bradford shop.

Back when we were making our initial NAC decision to replace an old open source 
system for residence hall wired ports, it came down to Avenda vs. Bradford.  At 
the time, Avenda (dangit autocorrect keeps trying to change that to Agenda!) 
was pretty much brand new, and although we preferred the overall architecture, 
the end user experience was pretty raw.  So we ended up going with Bradford.  

Later on after Aruba bought Avenda and Amigopod and lumped all that together 
into ClearPass, we bought into that to replace our old Steel Belted RADIUS 
servers for authentication purposes and later on used the Amigopod 
functionality to service our guest wireless network captive portal (we had 
liked Amigopod from the beginning but gave Bradford a shot at that function 
first since we already owned that, and Amigopod was a little pricey).  

Now we use Bradford for device registration on the wired ports in the residence 
halls and public areas of the library.  We also use it to implement quarantine 
functionality on all wired ports across the institution.  Works fine for these 
purposes.  

ClearPass is used for central RADIUS authentication for wireless and various 
other services, guest registration, and quarantining for wireless.  Also works 
fine for those purposes.  


--
Julian Y. Koh
Associate Director, Telecommunications and Network Services Northwestern 
Information Technology

2001 Sheridan Road #G-166
Evanston, IL 60208
+1-847-467-5780
Northwestern IT Web Site:  PGP Public 
Key:

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] Aruba and Bradford

2016-07-19 Thread Julian Y Koh 
On Tue Jul 19 2016 16:09:34 CDT, Brian Helman  wrote:
> 
> If you are an Aruba AND Bradford shop, what was you reason for using Bradford 
> vs Clearpass?  Our primary interest in NAC is onboarding and guest networks 
> (wired and wireless).  We are currently a Bradford shop.

Back when we were making our initial NAC decision to replace an old open source 
system for residence hall wired ports, it came down to Avenda vs. Bradford.  At 
the time, Avenda (dangit autocorrect keeps trying to change that to Agenda!) 
was pretty much brand new, and although we preferred the overall architecture, 
the end user experience was pretty raw.  So we ended up going with Bradford.  

Later on after Aruba bought Avenda and Amigopod and lumped all that together 
into ClearPass, we bought into that to replace our old Steel Belted RADIUS 
servers for authentication purposes and later on used the Amigopod 
functionality to service our guest wireless network captive portal (we had 
liked Amigopod from the beginning but gave Bradford a shot at that function 
first since we already owned that, and Amigopod was a little pricey).  

Now we use Bradford for device registration on the wired ports in the residence 
halls and public areas of the library.  We also use it to implement quarantine 
functionality on all wired ports across the institution.  Works fine for these 
purposes.  

ClearPass is used for central RADIUS authentication for wireless and various 
other services, guest registration, and quarantining for wireless.  Also works 
fine for those purposes.  


-- 
Julian Y. Koh
Associate Director, Telecommunications and Network Services
Northwestern Information Technology

2001 Sheridan Road #G-166
Evanston, IL 60208
+1-847-467-5780
Northwestern IT Web Site: 
PGP Public Key:

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Aruba and Bradford

2016-07-19 Thread Brian Helman 
Feel free to ping me off-list.  I may sanitize/redact comments and repost them 
for the benefit of others though..

If you are an Aruba AND Bradford shop, what was you reason for using Bradford 
vs Clearpass?  Our primary interest in NAC is onboarding and guest networks 
(wired and wireless).  We are currently a Bradford shop.  I don't see a reason 
to change, but I'd like to understand the benefits (or drawbacks) for staying 
with Bradford (or moving to Clearpass, for that matter).

If you migrated from Bradford to Clearpass, would you do it again?  Pains?  
Successes?

Vendors:  This is not a solicitation for NAC's or wireless.  I'm collecting 
information.

Thanks!

-Brian




Brian Helman, M.Ed |  Director, ITS/Networking Services | *: 978.542.7272
Salem State University, 352 Lafayette St., Salem Massachusetts 01970
GPS: 42.502129, -70.894779


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Top P2P apps as classified by shapers?

2016-07-19 Thread Lee H Badman 
Thanks, Chris- that link is perfect for what I'm trying to see.

-Lee

Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Chris Adams (IT)
Sent: Tuesday, July 19, 2016 12:09 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Top P2P apps as classified by shapers?

Lee,

We use Fortinet Fortigate appliances extensively with great success at handling 
P2P traffic.

As a whole, we generally block the entire FortiGuard P2P category (among 
others), and then whitelist legitimate applications higher in the policy set. 
Skype, Steam, and Battle.net are a few examples of P2P traffic that we do 
allow. I have also been slowly moving our traffic shaping efforts off of Blue 
Coat PacketShapers and onto our FortiGates with great success and simplified 
administration.

If you'd like to see what is encompassed in the FortiGuard P2P category, you 
can view it here: https://fortiguard.com/appcontrol

I'm sure that PA has similar features that you are already utilizing.


Thanks,

Chris Adams, CISSP

Director, Network & Telecom Services
Division of Information Technology
University of North Georgia
E-Mail: chris.ad...@ung.edu | Office: (706) 867-2891

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, July 19, 2016 8:29 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Top P2P apps as classified by shapers?

Apologies for the dual-posting for those who fall into that.

I'm wondering if those schools running Palo Alto boxes and the like might be 
willing to share what your appliances are classifying as the top 10-15 P2P apps 
seen these days, whether you choose to block/limit them or not? Just want to 
sanity check one of our methodologies, and a few outside views would be helpful 
if anyone feels like sharing that information.

Regards,

Lee Badman

Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: point to point wireless bridge

2016-07-19 Thread Chris Adams (IT) 
Bruce,

 

We have a remote proctor site adjacent to one of our campuses that has been
online for 7 months using a pair of Ubiquiti Airfiber 5. The testing site is
CCTV intensive and we see ~300Mbps across this link very reliability pretty
much all day long.  We also push standard network and VoIP traffic across
the link. For the price, they are pretty hard to beat. If I were purchasing
them again today, I would consider the AirFiber 24 instead for the increased
throughput. I would estimate we are shooting about 300yds, and no doubt they
would work well at much greater distance. They come with built in GPS
locating mechanisms and support AES encryption. We power them with a set of
Ubiquity POE injectors and surge suppressors.

 

http://www.ispsupplies.com/brands/airFiber/Ubiquiti-AF24.html

 

http://www.ispsupplies.com/brands/airFiber/Ubiquiti-airFiber-5.html

 

Thanks,

 

Chris Adams, CISSP

 

Director, Network & Telecom Services

Division of Information Technology

University of North Georgia

E-Mail:   chris.ad...@ung.edu | Office: (706)
867-2891

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Entwistle, Bruce
Sent: Tuesday, July 19, 2016 12:02 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] point to point wireless bridge

 

We have been running a pair of Bridgewave GE60 units for several years to
link to some remote buildings.  We recently learned that these units are
reaching/reached EOL, so it is time to begin looking at replacing this
hardware.   I was looking to see what others have used for this type of
link.  The distance between the two units is about 200 feet and the bridge
units are connecting to 1Gb ports on the switches at each end.

 

Thank you

Bruce Entwistle

Network Manager

University of Redlands

** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/. 


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



smime.p7s
Description: S/MIME cryptographic signature

Re: [WIRELESS-LAN] point to point wireless bridge

2016-07-19 Thread Coehoorn, Joel 
Hey, Max. Nice to know I'm not the only one here running Zebra.



Joel Coehoorn
Director of Information Technology
402.363.5603
*jcoeho...@york.edu *

The mission of York College is to transform lives through
Christ-centered education and to equip students for lifelong service to
God, family, and society

On Tue, Jul 19, 2016 at 11:12 AM, Max McGrath  wrote:

> We're a Motorola/Zebra shop and use AP7161s and AP7562s for bridges.  The
> link below (running on AP7161s) is probably 1/4 mile apart and we get
> phenomenal speeds.
>
>
> [image: Inline image 1]
>
> --
> Max McGrath  
> Network Administrator
> Carthage College
> 262-552-5512
> mmcgr...@carthage.edu
>
> On Tue, Jul 19, 2016 at 11:01 AM, Entwistle, Bruce <
> bruce_entwis...@redlands.edu> wrote:
>
>> We have been running a pair of Bridgewave GE60 units for several years to
>> link to some remote buildings.  We recently learned that these units are
>> reaching/reached EOL, so it is time to begin looking at replacing this
>> hardware.   I was looking to see what others have used for this type of
>> link.  The distance between the two units is about 200 feet and the bridge
>> units are connecting to 1Gb ports on the switches at each end.
>>
>>
>>
>> Thank you
>>
>> Bruce Entwistle
>>
>> Network Manager
>>
>> University of Redlands
>> ** Participation and subscription information for this EDUCAUSE
>> Constituent Group discussion list can be found at
>> http://www.educause.edu/groups/.
>>
>>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] FreeRADIUS server scaling for 802.1x

2016-07-19 Thread Victoria Poncini 
Hi Eriks,
Question: are you using radius proxies to front end controller auth requests to 
a Load balancer that sits in front of the Radius backend servers? Is the 
problem the bottleneck at the wlan controllers or the Radius servers regarding 
concurrent loading?

Thanks for your help with this question. Your presentation was very helpful. 

Best regards,

Victoria Poncini
UW-IT/ MOB
4545 15th Ave NE
Seattle, WA 98105
vponc...@uw.edu
Wk Phone: 206 685-8456


-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Eriks Rugelis
Sent: Tuesday, July 19, 2016 7:46 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] FreeRADIUS server scaling for 802.1x

David,
For what it is worth, here is a presentation on scaling of Wi-Fi authentication 
which we created for this year's CANHEIT conference.

https://canheit-hpcs2016.exordo.com/files/papers/145/presentation_files/1/CANHEIT2016_AuthBigWiFi.pptx

We use Packetfence, which uses FreeRADIUS under the covers but adds a layer of 
context switching which you wouldn't otherwise have if using only FreeRADIUS by 
itself.

Feel free to ask questions, either on the list or directly via email.
---
Eriks Rugelis
Manager, Network Development, University Information Technology York 
University, Toronto

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: point to point wireless bridge

2016-07-19 Thread Chad Burnham 
HI Bruce,

For the last link we moved to their newer Flex 4G-UHA model.  We had one (two) 
failures with that link, I am still awaiting root cause analysis from 
Bridgewave enginnering.  Tip; use their optics (finstar).

Chad


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Entwistle, Bruce
Sent: Tuesday, July 19, 2016 10:02 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] point to point wireless bridge

We have been running a pair of Bridgewave GE60 units for several years to link 
to some remote buildings.  We recently learned that these units are 
reaching/reached EOL, so it is time to begin looking at replacing this 
hardware.   I was looking to see what others have used for this type of link.  
The distance between the two units is about 200 feet and the bridge units are 
connecting to 1Gb ports on the switches at each end.

Thank you
Bruce Entwistle
Network Manager
University of Redlands
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] point to point wireless bridge

2016-07-19 Thread Max McGrath 
We're a Motorola/Zebra shop and use AP7161s and AP7562s for bridges.  The
link below (running on AP7161s) is probably 1/4 mile apart and we get
phenomenal speeds.


[image: Inline image 1]

--
Max McGrath  
Network Administrator
Carthage College
262-552-5512
mmcgr...@carthage.edu

On Tue, Jul 19, 2016 at 11:01 AM, Entwistle, Bruce <
bruce_entwis...@redlands.edu> wrote:

> We have been running a pair of Bridgewave GE60 units for several years to
> link to some remote buildings.  We recently learned that these units are
> reaching/reached EOL, so it is time to begin looking at replacing this
> hardware.   I was looking to see what others have used for this type of
> link.  The distance between the two units is about 200 feet and the bridge
> units are connecting to 1Gb ports on the switches at each end.
>
>
>
> Thank you
>
> Bruce Entwistle
>
> Network Manager
>
> University of Redlands
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Top P2P apps as classified by shapers?

2016-07-19 Thread Chris Adams (IT) 
Lee,

 

We use Fortinet Fortigate appliances extensively with great success at
handling P2P traffic.

 

As a whole, we generally block the entire FortiGuard P2P category (among
others), and then whitelist legitimate applications higher in the policy
set. Skype, Steam, and Battle.net are a few examples of P2P traffic that we
do allow. I have also been slowly moving our traffic shaping efforts off of
Blue Coat PacketShapers and onto our FortiGates with great success and
simplified administration.

 

If you'd like to see what is encompassed in the FortiGuard P2P category, you
can view it here: https://fortiguard.com/appcontrol

 

I'm sure that PA has similar features that you are already utilizing.

 

 

Thanks,

 

Chris Adams, CISSP

 

Director, Network & Telecom Services

Division of Information Technology

University of North Georgia

E-Mail:   chris.ad...@ung.edu | Office: (706)
867-2891

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Tuesday, July 19, 2016 8:29 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Top P2P apps as classified by shapers?

 

Apologies for the dual-posting for those who fall into that.

 

I'm wondering if those schools running Palo Alto boxes and the like might be
willing to share what your appliances are classifying as the top 10-15 P2P
apps seen these days, whether you choose to block/limit them or not? Just
want to sanity check one of our methodologies, and a few outside views would
be helpful if anyone feels like sharing that information.

 

Regards,

 

Lee Badman

 

Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)

Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   f 315.443.4325   e  
lhbad...@syr.edu w its.syr.edu

SYRACUSE UNIVERSITY
syr.edu

 

 

 

** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/. 


**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.



smime.p7s
Description: S/MIME cryptographic signature

point to point wireless bridge

2016-07-19 Thread Entwistle, Bruce 
We have been running a pair of Bridgewave GE60 units for several years to link 
to some remote buildings.  We recently learned that these units are 
reaching/reached EOL, so it is time to begin looking at replacing this 
hardware.   I was looking to see what others have used for this type of link.  
The distance between the two units is about 200 feet and the bridge units are 
connecting to 1Gb ports on the switches at each end.

Thank you
Bruce Entwistle
Network Manager
University of Redlands

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: FreeRADIUS server scaling for 802.1x

2016-07-19 Thread Eriks Rugelis 
Curtis K. Larsen wrote:
> Nice slides.  This is pretty similar to what we do.  We're also using 
> PacketFence/FreeRADIUS.  The
> graphing of the authentications is key to understanding/scaling things in my 
> opinion.

Actually, with respect to our current deployment architecture, we are standing 
on your shoulders.   I want to thank you for that and also for driving Inverse 
to implementing the activity and performance graphs in Packetfence.

I cannot overstate how valuable we find the ability to track and correlate 
authentication workload, authentication server performance and back-end (Active 
Directory) server performance!
---
Eriks Rugelis
Manager, Network Development, University Information Technology
York University, Toronto

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] FreeRADIUS server scaling for 802.1x

2016-07-19 Thread Curtis K. Larsen 
Nice slides.  This is pretty similar to what we do.  We're also using 
PacketFence/FreeRADIUS.  The
graphing of the authentications is key to understanding/scaling things in my 
opinion.


Thanks,

Curtis


On Tue, July 19, 2016 8:46 am, Eriks Rugelis wrote:
> David,
> For what it is worth, here is a presentation on scaling of Wi-Fi 
> authentication which we created
> for this year's CANHEIT conference.
>
> https://canheit-hpcs2016.exordo.com/files/papers/145/presentation_files/1/CANHEIT2016_AuthBigWiFi.pptx
>
> We use Packetfence, which uses FreeRADIUS under the covers but adds a layer 
> of context switching
> which you wouldn't otherwise have if using only FreeRADIUS by itself.
>
> Feel free to ask questions, either on the list or directly via email.
> ---
> Eriks Rugelis
> Manager, Network Development, University Information Technology
> York University, Toronto
>
> **
> Participation and subscription information for this EDUCAUSE Constituent 
> Group discussion list can
> be found at http://www.educause.edu/groups/.
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: FreeRADIUS server scaling for 802.1x

2016-07-19 Thread Eriks Rugelis 
David,
For what it is worth, here is a presentation on scaling of Wi-Fi authentication 
which we created for this year's CANHEIT conference.

https://canheit-hpcs2016.exordo.com/files/papers/145/presentation_files/1/CANHEIT2016_AuthBigWiFi.pptx

We use Packetfence, which uses FreeRADIUS under the covers but adds a layer of 
context switching which you wouldn't otherwise have if using only FreeRADIUS by 
itself.

Feel free to ask questions, either on the list or directly via email.
---
Eriks Rugelis
Manager, Network Development, University Information Technology
York University, Toronto

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] [NETMAN] Top P2P apps as classified by shapers?

2016-07-19 Thread Lee H Badman 
?Thanks, Robert. Is similar to what we used to do with our Palo Alto boxes, but 
even there we could report on what was being blocked the most from their auto 
classification under the heading of P2P.


-Lee


Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Robert Harris 

Sent: Tuesday, July 19, 2016 9:10 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] [NETMAN] Top P2P apps as classified by shapers?

We're using Exinda appliances on our campuses, and we're very happy with them. 
We've set up a simple rule set;
1- block all the P2P traffic
2 -ignore this white list
3 -all other traffic gets bandwidth shared evenly
The devices are capable of much more detailed rule sets and features, but this 
is what works best for us.

The p2p classifications are all done by them and built into the application 
group, we only have to watch and make sure it's catching everything (very 
reliable).

I can't give a ranking, once traffic is getting discarded, it isn't quantified 
anymore.

[The Culinary Institute of America]
Robert Harris
Manager of Network Services
Culinary Institute of America
1946 Campus Drive
Hyde Park, NY
845-451-1681
www.ciachef.edu
Food is Life
Create and Savor Yours.(tm)

Please consider the environment before printing this e-mail.

>>> Lee H Badman  7/19/2016 8:29 AM >>>
Apologies for the dual-posting for those who fall into that.

I'm wondering if those schools running Palo Alto boxes and the like might be 
willing to share what your appliances are classifying as the top 10-15 P2P apps 
seen these days, whether you choose to block/limit them or not? Just want to 
sanity check one of our methodologies, and a few outside views would be helpful 
if anyone feels like sharing that information.

Regards,

Lee Badman

Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu



** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [NETMAN] Top P2P apps as classified by shapers?

2016-07-19 Thread Robert Harris 

We're using Exinda appliances on our campuses, and we're very happy with them. 
We've set up a simple rule set;

1- block all the P2P traffic

2 -ignore this white list

3 -all other traffic gets bandwidth shared evenly

The devices are capable of much more detailed rule sets and features, but this 
is what works best for us. 



The p2p classifications are all done by them and built into the application 
group, we only have to watch and make sure it's catching everything (very 
reliable). 



I can't give a ranking, once traffic is getting discarded, it isn't quantified 
anymore. 







Robert Harris
Manager of Network Services

Culinary Institute of America

1946 Campus Drive

Hyde Park, NY
845-451-1681

www.ciachef.edu 



Food is Life

Create and Savor Yours.™

 

Please consider the environment before printing this e-mail.




>>> Lee H Badman  7/19/2016 8:29 AM >>>

 
Apologies for the dual-posting for those who fall into that.

 

I’m wondering if those schools running Palo Alto boxes and the like might be 
willing to share what your appliances are classifying as the top 10-15 P2P apps 
seen these days, whether you choose to block/limit them or not? Just want to 
sanity check one of our methodologies, and a few outside views would be helpful 
if anyone feels like sharing that information.

 

Regards,

 

Lee Badman

 

Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)

Information Technology Services
 206 Machinery Hall
 120 Smith Drive
 Syracuse, New York 13244

t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w its.syr.edu

SYRACUSE UNIVERSITY
syr.edu

 

 

 
 

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Top P2P apps as classified by shapers?

2016-07-19 Thread Lee H Badman 
Apologies for the dual-posting for those who fall into that.

I'm wondering if those schools running Palo Alto boxes and the like might be 
willing to share what your appliances are classifying as the top 10-15 P2P apps 
seen these days, whether you choose to block/limit them or not? Just want to 
sanity check one of our methodologies, and a few outside views would be helpful 
if anyone feels like sharing that information.

Regards,

Lee Badman


Lee Badman | Network Architect (CWDP, CWNA, CWSP, Mobility+)
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244

t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu

SYRACUSE UNIVERSITY
syr.edu




**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.